Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/WCxX9B9hsRg9iDQLqobwIJFI3aQ.roa
File: WCxX9B9hsRg9iDQLqobwIJFI3aQ.roa (raw, json)
Hash identifier: aqiFK1z9sh34iEKm+H3kxm6G6G3i/8oN1xjlFSXUh+U=
Subject key identifier: 58:2C:57:F4:1F:61:B1:18:3D:88:34:0B:AA:86:F0:20:91:48:DD:A4
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC7942657F660CFDD7F31E9EA14729133
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/WCxX9B9hsRg9iDQLqobwIJFI3aQ.roa
Signing time: Tue 02 Jan 2024 00:30:24 +0000
ROA not before: Tue 02 Jan 2024 00:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204390
IP address blocks: 88.119.212.0/22 maxlen: 22
85.206.56.0/22 maxlen: 22
85.206.17.0/24 maxlen: 24
85.206.124.0/24 maxlen: 24
85.206.125.0/24 maxlen: 24
85.206.120.0/22 maxlen: 22
212.59.26.0/24 maxlen: 24
85.206.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:26:57:f6:60:cf:dd:7f:31:e9:ea:14:72:91:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=582c57f41f61b1183d88340baa86f0209148dda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2e:9b:41:17:54:63:16:bb:35:95:7d:b4:06:
39:f6:53:a5:71:7a:76:2b:2a:41:82:c8:3b:f3:eb:
d4:8d:8b:ba:bb:7d:07:9d:f7:4f:bc:5b:a8:6a:17:
92:9a:0f:20:e8:7a:73:09:55:3f:29:7a:2e:97:cb:
2e:bd:dc:50:e1:93:bc:3a:4f:73:4d:c7:58:14:93:
3d:6c:79:f7:d7:cb:d1:da:d9:f6:71:cc:dc:35:e3:
ed:c1:a0:36:e9:50:e8:46:af:cc:9f:22:d0:2c:e8:
e0:7f:13:69:1b:63:9d:bd:1e:fa:78:29:14:41:c8:
d3:11:ff:33:03:22:d0:81:46:93:19:23:d7:70:38:
00:31:63:e7:57:d9:2f:96:ab:7a:52:59:2b:83:2c:
f1:db:d6:62:b7:7e:bc:a2:08:59:4d:02:88:c3:e5:
42:18:43:03:90:20:d9:42:e7:fc:aa:cd:72:23:06:
1b:98:8e:60:ff:f3:27:ef:35:79:3c:a7:7b:ff:53:
6a:53:99:d2:26:06:9e:47:81:de:e0:01:ea:c6:d2:
55:c0:96:29:48:58:ed:31:82:4c:ce:76:db:f2:03:
6c:f0:89:1b:2e:04:15:3e:c1:7a:e7:98:9d:a4:ae:
21:c7:f2:87:fe:00:8a:7d:11:e3:e3:c8:41:2d:af:
d6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2C:57:F4:1F:61:B1:18:3D:88:34:0B:AA:86:F0:20:91:48:DD:A4
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/WCxX9B9hsRg9iDQLqobwIJFI3aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.17.0/24
85.206.56.0/22
85.206.120.0-85.206.126.255
88.119.212.0/22
212.59.26.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:b0:c9:cb:ca:62:04:fd:83:c5:71:33:90:a6:c7:3a:27:fa:
62:24:7e:f5:b2:33:8e:c5:77:06:dc:7e:84:1a:c5:2f:ee:9e:
0b:40:9e:e0:34:40:b5:17:8b:54:f2:5d:da:76:01:24:15:cf:
4e:0b:8a:a9:7d:cd:aa:c4:19:e6:d1:28:13:6f:9a:3e:24:7c:
d4:84:49:44:29:51:30:29:f6:b1:f9:9f:a7:55:87:bc:f2:e3:
91:de:67:54:04:25:35:95:bf:89:12:02:81:5a:78:43:59:4c:
fb:01:2a:a0:f5:53:81:17:c6:de:50:a0:c0:b2:bb:74:62:5a:
14:e4:47:06:3d:3e:d8:f1:76:d2:5b:ce:8c:f3:d1:d8:c3:35:
80:59:ce:de:66:6c:cc:1c:55:00:bb:47:5a:6e:4e:fc:2f:36:
b8:d4:3a:47:96:80:4b:09:ab:7d:d7:e0:f6:25:3d:31:33:22:
08:b6:48:44:68:8e:29:84:ab:fb:64:49:4b:9b:a5:e5:fd:41:
48:b4:da:98:cc:ca:1b:50:76:d9:f8:3a:9c:d2:91:65:94:10:
b1:dc:67:46:e4:71:3b:be:ef:3d:e8:ff:8d:d3:bf:50:cb:1a:
29:5e:07:7e:1d:0e:65:f7:49:b5:87:40:41:8f:b9:8d:5f:b8:
50:71:a7:0e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlCZX9mDP3X8x6eoUcpEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODJjNTdmNDFmNjFiMTE4M2Q4ODM0MGJhYTg2ZjAyMDkxNDhkZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii6bQRdUYxa7NZV9tAY59lOlcXp2
KypBgsg78+vUjYu6u30HnfdPvFuoaheSmg8g6HpzCVU/KXoul8suvdxQ4ZO8Ok9z
TcdYFJM9bHn318vR2tn2cczcNePtwaA26VDoRq/MnyLQLOjgfxNpG2OdvR76eCkU
QcjTEf8zAyLQgUaTGSPXcDgAMWPnV9kvlqt6Ulkrgyzx29Zit368oghZTQKIw+VC
GEMDkCDZQuf8qs1yIwYbmI5g//Mn7zV5PKd7/1NqU5nSJgaeR4He4AHqxtJVwJYp
SFjtMYJMznbb8gNs8IkbLgQVPsF655idpK4hx/KH/gCKfRHj48hBLa/WkQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFgsV/QfYbEYPYg0C6qG8CCRSN2kMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL1dDeFg5Qjloc1JnOWlEUUxxb2J3SUpGSTNhUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBABVzhED
BAJVzjgwDAMEA1XOeAMEAFXOfgMEAlh31AMEANQ7GjANBgkqhkiG9w0BAQsFAAOC
AQEAirDJy8piBP2DxXEzkKbHOif6YiR+9bIzjsV3Btx+hBrFL+6eC0Ce4DRAtReL
VPJd2nYBJBXPTguKqX3NqsQZ5tEoE2+aPiR81IRJRClRMCn2sfmfp1WHvPLjkd5n
VAQlNZW/iRICgVp4Q1lM+wEqoPVTgRfG3lCgwLK7dGJaFORHBj0+2PF20lvOjPPR
2MM1gFnO3mZszBxVALtHWm5O/C82uNQ6R5aASwmrfdfg9iU9MTMiCLZIRGiOKYSr
+2RJS5ul5f1BSLTamMzKG1B22fg6nNKRZZQQsdxnRuRxO77vPej/jdO/UMsaKV4H
fh0OZfdJtYdAQY+5jV+4UHGnDg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:47 2024 by rpki-client on console-ams.rpki-client.org