Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/Wa0P1PSTtdqkJXPljzkdoCZN0II.roa
File: Wa0P1PSTtdqkJXPljzkdoCZN0II.roa (raw, json)
Hash identifier: 9qF/77epLJ3Rc1jl/sRIyxJ6mF0B+pCionAdRgrFbnY=
Subject key identifier: 59:AD:0F:D4:F4:93:B5:DA:A4:25:73:E5:8F:39:1D:A0:26:4D:D0:82
Certificate issuer: /CN=151e6c3dc5d6754fe4f60a82b1cc551ab780df8b
Certificate serial: 018CC86F6E60AF353A6CBA12BF0BA94D5D47
Authority key identifier: 15:1E:6C:3D:C5:D6:75:4F:E4:F6:0A:82:B1:CC:55:1A:B7:80:DF:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FR5sPcXWdU_k9gqCscxVGreA34s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/Wa0P1PSTtdqkJXPljzkdoCZN0II.roa
Signing time: Tue 02 Jan 2024 04:29:54 +0000
ROA not before: Tue 02 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207097
IP address blocks: 185.166.26.0/24 maxlen: 24
185.166.27.0/24 maxlen: 24
185.166.25.0/24 maxlen: 24
185.166.24.0/24 maxlen: 24
2a0a:6a02::/32 maxlen: 32
2a0a:6a00::/32 maxlen: 32
2a0a:6a01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/FR5sPcXWdU_k9gqCscxVGreA34s.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/FR5sPcXWdU_k9gqCscxVGreA34s.mft
rsync://rpki.ripe.net/repository/DEFAULT/FR5sPcXWdU_k9gqCscxVGreA34s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6e:60:af:35:3a:6c:ba:12:bf:0b:a9:4d:5d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151e6c3dc5d6754fe4f60a82b1cc551ab780df8b
Validity
Not Before: Jan 2 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59ad0fd4f493b5daa42573e58f391da0264dd082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:ad:1e:70:05:c5:4a:18:88:3f:a2:7d:51:
81:9e:2f:1b:16:b4:bd:ce:d8:00:b8:f1:91:6f:f0:
9e:97:13:23:51:0f:91:33:8d:45:07:40:68:f8:db:
49:b7:3e:9c:ba:6d:9a:8e:bf:ea:a9:37:cd:49:3a:
58:46:d9:7d:82:d0:e2:13:15:ec:88:38:22:0f:14:
c4:c3:37:92:38:76:7c:5b:2a:58:46:05:b3:f8:9f:
c0:0e:ae:0b:61:3a:f3:cd:d2:53:16:c0:d5:69:ec:
aa:7c:38:8b:2a:13:a4:cb:8e:17:43:95:a3:1a:9b:
0c:92:04:cd:b3:da:2d:ab:f9:14:07:f4:0a:e8:cc:
9d:63:43:d9:24:a5:be:7d:be:67:57:88:4b:a7:02:
24:28:88:5a:d6:bd:3f:82:fb:2e:bd:87:dd:a6:3c:
57:e2:c6:20:b3:bc:0c:6d:14:6a:fe:80:5d:bc:c6:
32:6e:ba:a5:bc:41:53:c6:75:b1:aa:1c:b3:1f:2b:
cd:3f:ae:ed:71:af:7f:e8:b2:63:fc:b5:4a:b7:5f:
99:b4:c2:df:16:73:7c:69:0c:a3:ea:b3:b4:d6:4b:
85:4f:81:aa:db:03:28:d9:28:01:0f:d9:86:28:8e:
7c:47:07:1a:39:5b:bf:4f:c1:9f:04:0c:7e:c1:df:
3f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AD:0F:D4:F4:93:B5:DA:A4:25:73:E5:8F:39:1D:A0:26:4D:D0:82
X509v3 Authority Key Identifier:
keyid:15:1E:6C:3D:C5:D6:75:4F:E4:F6:0A:82:B1:CC:55:1A:B7:80:DF:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FR5sPcXWdU_k9gqCscxVGreA34s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/Wa0P1PSTtdqkJXPljzkdoCZN0II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/4ffe77-6f3d-41ca-8d8b-4a2aad796fc1/1/FR5sPcXWdU_k9gqCscxVGreA34s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.24.0/22
IPv6:
2a0a:6a00::-2a0a:6a02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:45:6e:92:e6:86:a0:2f:31:66:44:ea:4a:91:65:83:22:47:
ee:73:bf:55:6c:37:e0:37:45:92:f3:4a:00:12:9e:cb:b7:96:
c5:2f:b1:3c:4b:43:6b:97:af:a5:92:83:76:0d:e7:1f:79:39:
88:4d:b0:1e:86:4a:78:e1:e1:6b:b8:25:db:ea:6d:79:c4:e7:
f5:c2:7c:b9:54:d0:04:f6:90:de:6f:66:d5:2d:1d:90:47:67:
2b:c4:ef:7b:bf:a3:49:a0:6f:9a:65:49:ab:e2:95:86:b4:a6:
bd:f1:5b:51:b3:cd:9f:d3:65:04:e6:2f:91:1e:c2:91:e6:f8:
92:79:3f:7f:b1:76:d5:f7:95:e3:07:9d:c5:be:fd:70:a2:dd:
e6:90:e3:2f:4c:e0:d5:80:dd:a3:96:e5:e8:b0:bd:3b:98:e5:
e3:ea:47:03:d9:52:f6:4a:f7:fb:dd:38:0f:89:80:6d:de:71:
ba:8e:a1:b1:64:62:ab:53:53:99:35:e1:0d:de:6a:19:6e:62:
c5:06:6f:a6:80:48:36:0c:5c:6f:06:e9:b5:e0:b1:01:ec:56:
0e:6a:17:d6:d9:d6:55:b9:ab:05:76:68:3f:18:b6:4e:0a:c0:
b0:23:0e:13:29:4f:41:cc:e0:07:da:86:13:5f:8c:58:9d:87:
8b:45:0f:4d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIb25grzU6bLoSvwupTV1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MWU2YzNkYzVkNjc1NGZlNGY2MGE4MmIxY2M1NTFhYjc4
MGRmOGIwHhcNMjQwMTAyMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFkMGZkNGY0OTNiNWRhYTQyNTczZTU4ZjM5MWRhMDI2NGRkMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI6tHnAFxUoYiD+ifVGBni8bFrS9
ztgAuPGRb/CelxMjUQ+RM41FB0Bo+NtJtz6cum2ajr/qqTfNSTpYRtl9gtDiExXs
iDgiDxTEwzeSOHZ8WypYRgWz+J/ADq4LYTrzzdJTFsDVaeyqfDiLKhOky44XQ5Wj
GpsMkgTNs9otq/kUB/QK6MydY0PZJKW+fb5nV4hLpwIkKIha1r0/gvsuvYfdpjxX
4sYgs7wMbRRq/oBdvMYybrqlvEFTxnWxqhyzHyvNP67tca9/6LJj/LVKt1+ZtMLf
FnN8aQyj6rO01kuFT4Gq2wMo2SgBD9mGKI58RwcaOVu/T8GfBAx+wd8/vQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFmtD9T0k7XapCVz5Y85HaAmTdCCMB8GA1UdIwQY
MBaAFBUebD3F1nVP5PYKgrHMVRq3gN+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlI1c1BjWFdkVV9rOWdxQ3NjeFZHcmVBMzRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80ZmZlNzctNmYzZC00MWNhLThkOGIt
NGEyYWFkNzk2ZmMxLzEvV2EwUDFQU1R0ZHFrSlhQbGp6a2RvQ1pOMElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80ZmZlNzctNmYzZC00MWNhLThkOGItNGEyYWFkNzk2ZmMx
LzEvRlI1c1BjWFdkVV9rOWdxQ3NjeFZHcmVBMzRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQCuaYYMBUE
AgACMA8wDQMEASoKagMFACoKagIwDQYJKoZIhvcNAQELBQADggEBABhFbpLmhqAv
MWZE6kqRZYMiR+5zv1VsN+A3RZLzSgASnsu3lsUvsTxLQ2uXr6WSg3YN5x95OYhN
sB6GSnjh4Wu4JdvqbXnE5/XCfLlU0AT2kN5vZtUtHZBHZyvE73u/o0mgb5plSavi
lYa0pr3xW1GzzZ/TZQTmL5EewpHm+JJ5P3+xdtX3leMHncW+/XCi3eaQ4y9M4NWA
3aOW5eiwvTuY5ePqRwPZUvZK9/vdOA+JgG3ecbqOobFkYqtTU5k14Q3eahluYsUG
b6aASDYMXG8G6bXgsQHsVg5qF9bZ1lW5qwV2aD8Ytk4KwLAjDhMpT0HM4AfahhNf
jFidh4tFD00=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:53 2024 by rpki-client on console-ams.rpki-client.org