Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/wNk9_cabnJrFiVfxAdp3CA07Vfc.roa
File: wNk9_cabnJrFiVfxAdp3CA07Vfc.roa (raw, json)
Hash identifier: QtQ843WGPzheI4idwDRpo8mguDKwMaPlhOA7uHzrmNk=
Subject key identifier: C0:D9:3D:FD:C6:9B:9C:9A:C5:89:57:F1:01:DA:77:08:0D:3B:55:F7
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018DC2B47157DFEFF1D3914DF84009C31E49
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/wNk9_cabnJrFiVfxAdp3CA07Vfc.roa
Signing time: Mon 19 Feb 2024 18:50:21 +0000
ROA not before: Mon 19 Feb 2024 18:50:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203217
IP address blocks: 93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/22 maxlen: 22
144.86.228.0/23 maxlen: 23
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/23 maxlen: 23
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/23 maxlen: 23
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:b4:71:57:df:ef:f1:d3:91:4d:f8:40:09:c3:1e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Feb 19 18:50:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0d93dfdc69b9c9ac58957f101da77080d3b55f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d4:79:46:02:ba:52:c1:15:04:b3:66:7f:05:
97:41:d5:6c:80:92:a0:aa:5a:8f:f9:d9:df:ea:83:
54:ea:d2:8f:11:40:d7:7a:ba:9a:4c:58:30:09:f6:
ed:4a:37:f9:f2:e8:2d:1e:c1:2c:1a:e8:9b:94:73:
12:64:27:8c:62:77:00:6c:49:bc:6d:66:c2:25:24:
75:04:bb:67:b3:1c:14:4a:de:43:79:bc:22:32:22:
d8:99:ea:de:9a:a5:54:53:d7:3a:f4:be:c2:c6:22:
4c:8f:d9:67:e1:a7:75:6f:cb:6b:f8:f5:46:6a:24:
e8:db:0c:f7:c7:50:87:ae:09:df:82:5b:63:0c:ea:
b6:86:f8:6b:c0:58:43:40:b0:78:32:c7:af:a6:05:
47:01:d2:28:c8:8d:17:5e:19:51:11:9d:a4:2d:67:
23:14:25:f4:95:c6:35:2a:50:d7:b3:c4:f5:6b:1b:
17:6c:9a:21:3b:e0:e7:51:73:d9:7c:12:b1:62:d3:
c5:19:16:eb:4d:d9:65:cb:08:1c:84:aa:82:d0:a0:
c3:54:82:1d:3d:9b:08:6a:9b:73:43:1d:f3:60:7a:
e7:0d:c7:66:bd:26:c5:89:f8:5e:6e:61:0f:a6:58:
5e:72:7e:ae:cd:bd:c2:83:03:f2:fd:80:07:6d:26:
f0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D9:3D:FD:C6:9B:9C:9A:C5:89:57:F1:01:DA:77:08:0D:3B:55:F7
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/wNk9_cabnJrFiVfxAdp3CA07Vfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.13.0-185.254.15.255
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/47
Signature Algorithm: sha256WithRSAEncryption
93:00:50:54:4d:6c:fb:7e:b9:19:65:1b:27:6a:83:77:0d:91:
dd:9c:97:06:38:81:c7:46:7c:29:90:ad:48:73:3b:f3:0d:ef:
4e:a3:61:6f:4c:c4:fd:73:e1:e9:f2:20:65:db:d6:c5:84:f2:
a8:b0:b4:3a:87:d1:89:6e:77:0b:e6:1f:f5:b1:05:1f:9e:5c:
92:6e:0d:0c:ff:64:81:ab:26:12:46:21:82:04:d3:8e:5c:54:
f5:71:f2:62:a3:f5:f6:ce:6b:57:ed:1c:44:2f:37:88:57:e7:
86:32:98:bd:ea:c5:91:bd:fe:ee:d1:ed:99:0b:43:f8:a0:f9:
06:2d:02:62:30:09:52:fa:44:11:aa:f0:4d:86:a8:db:34:b4:
76:a2:fd:91:f4:e2:ee:a8:9a:99:cd:8c:51:42:45:86:cd:6e:
b4:ae:c4:75:6c:9b:33:56:e9:b7:f7:03:5d:e1:21:23:08:c5:
08:a6:01:ef:0c:1b:26:1d:3f:e0:71:64:81:14:f3:0d:58:df:
47:80:03:27:8e:31:c1:63:5c:b3:5f:57:f1:1e:72:0a:ea:cf:
a2:4f:19:2a:06:dc:16:4b:0a:b2:fe:12:1f:88:16:f6:18:97:
9b:49:74:36:01:94:0e:64:11:c9:5f:25:60:c0:2b:be:fe:7e:
83:6a:50:49
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAY3CtHFX3+/x05FN+EAJwx5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMjE5MTg1MDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ5M2RmZGM2OWI5YzlhYzU4OTU3ZjEwMWRhNzcwODBkM2I1NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtR5RgK6UsEVBLNmfwWXQdVsgJKg
qlqP+dnf6oNU6tKPEUDXerqaTFgwCfbtSjf58ugtHsEsGuiblHMSZCeMYncAbEm8
bWbCJSR1BLtnsxwUSt5DebwiMiLYmeremqVUU9c69L7CxiJMj9ln4ad1b8tr+PVG
aiTo2wz3x1CHrgnfgltjDOq2hvhrwFhDQLB4MsevpgVHAdIoyI0XXhlREZ2kLWcj
FCX0lcY1KlDXs8T1axsXbJohO+DnUXPZfBKxYtPFGRbrTdllywgchKqC0KDDVIId
PZsIaptzQx3zYHrnDcdmvSbFifhebmEPplhecn6uzb3CgwPy/YAHbSbwzwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFMDZPf3Gm5yaxYlX8QHadwgNO1X3MB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvd05rOV9jYWJuSnJGaVZmeEFkcDNDQTA3VmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4MAwDBAC5/g0DBAS5/gADBALDhdwDBALHSrww
DwQCAAIwCQMHASoLGIAAADANBgkqhkiG9w0BAQsFAAOCAQEAkwBQVE1s+365GWUb
J2qDdw2R3ZyXBjiBx0Z8KZCtSHM78w3vTqNhb0zE/XPh6fIgZdvWxYTyqLC0OofR
iW53C+Yf9bEFH55ckm4NDP9kgasmEkYhggTTjlxU9XHyYqP19s5rV+0cRC83iFfn
hjKYverFkb3+7tHtmQtD+KD5Bi0CYjAJUvpEEarwTYao2zS0dqL9kfTi7qiamc2M
UUJFhs1utK7EdWybM1bpt/cDXeEhIwjFCKYB7wwbJh0/4HFkgRTzDVjfR4ADJ44x
wWNcs19X8R5yCurPok8ZKgbcFksKsv4SH4gW9hiXm0l0NgGUDmQRyV8lYMArvv5+
g2pQSQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:39 2024 by rpki-client on console-ams.rpki-client.org