Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/wyiBFKsG7mhieb9Aca9FzDZ_Sl0.roa
File: wyiBFKsG7mhieb9Aca9FzDZ_Sl0.roa (raw, json)
Hash identifier: a2wBSTdy+4JP7tb65w7vsC2KCZCYJCeTlMmF/ryiLlY=
Subject key identifier: C3:28:81:14:AB:06:EE:68:62:79:BF:40:71:AF:45:CC:36:7F:4A:5D
Certificate issuer: /CN=bbe128dcb6810ffdc502ba3047cd419132da2274
Certificate serial: 018CC64B5FCA839F361D90D135565D30D143
Authority key identifier: BB:E1:28:DC:B6:81:0F:FD:C5:02:BA:30:47:CD:41:91:32:DA:22:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u-Eo3LaBD_3FArowR81BkTLaInQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/wyiBFKsG7mhieb9Aca9FzDZ_Sl0.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25460
IP address blocks: 185.118.28.0/22 maxlen: 22
45.154.208.0/22 maxlen: 22
5.61.120.0/21 maxlen: 21
2a01:5ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/u-Eo3LaBD_3FArowR81BkTLaInQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/u-Eo3LaBD_3FArowR81BkTLaInQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/u-Eo3LaBD_3FArowR81BkTLaInQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5f:ca:83:9f:36:1d:90:d1:35:56:5d:30:d1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbe128dcb6810ffdc502ba3047cd419132da2274
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3288114ab06ee686279bf4071af45cc367f4a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:83:d9:bc:49:7c:f8:b4:a3:15:d2:8b:b1:26:
25:51:1d:c4:fd:f0:15:86:7c:4a:bd:77:e3:97:85:
70:fd:16:99:24:f7:f6:de:56:2f:9e:e2:51:17:02:
9f:3c:0c:be:93:ba:e9:b1:c4:f4:6f:88:90:ea:3c:
74:fc:f1:87:42:85:fb:a7:0e:fc:62:56:53:19:73:
3c:14:df:2e:1a:6f:52:aa:c0:d2:69:9f:b5:59:8c:
d4:9c:79:21:e2:5b:b4:dc:43:eb:15:a5:2f:ed:ee:
fb:87:70:23:bd:da:8e:e6:24:2c:a8:74:40:e7:bd:
6f:33:9c:15:a9:0a:e6:81:99:8f:d9:09:d2:5b:1d:
9a:80:00:41:b9:e6:8b:4b:42:92:27:68:6d:dc:46:
1a:35:17:90:21:f9:05:1b:d3:c7:12:f8:26:a2:11:
b6:b6:8c:3c:c3:4b:3d:42:9c:15:68:d3:5b:d8:6e:
a1:38:02:3d:b1:83:6f:6b:50:e1:5c:d3:20:a0:3c:
81:98:bc:dc:86:19:ae:7c:0c:c5:f3:cc:f3:a4:5a:
d9:4b:de:89:27:dd:77:2f:a9:7f:be:24:90:e4:12:
18:99:a6:23:31:fa:b5:07:d2:57:29:79:51:41:d7:
a8:d1:a6:63:6d:e4:ea:50:fa:38:0c:fb:d3:57:d0:
1c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:28:81:14:AB:06:EE:68:62:79:BF:40:71:AF:45:CC:36:7F:4A:5D
X509v3 Authority Key Identifier:
keyid:BB:E1:28:DC:B6:81:0F:FD:C5:02:BA:30:47:CD:41:91:32:DA:22:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Eo3LaBD_3FArowR81BkTLaInQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/wyiBFKsG7mhieb9Aca9FzDZ_Sl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/c071a8-54aa-4abd-8127-edf7bb653f13/1/u-Eo3LaBD_3FArowR81BkTLaInQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.120.0/21
45.154.208.0/22
185.118.28.0/22
IPv6:
2a01:5ac0::/32
Signature Algorithm: sha256WithRSAEncryption
da:c9:ef:bd:3d:ea:b1:fc:d0:a6:92:05:80:ac:3f:36:4f:3b:
4d:e9:95:bf:85:b5:f3:8b:5e:04:49:4d:92:7b:e8:8b:39:c7:
c2:84:40:b1:57:2b:5f:4c:86:17:27:0c:bc:8c:74:2d:db:d5:
cc:a5:b6:93:82:b9:aa:bf:1b:f8:dc:68:bd:f1:64:4c:e5:c1:
c2:14:c6:f0:ab:78:27:35:51:ba:09:13:a2:b8:4e:e7:70:5c:
23:7b:77:62:5a:b4:c0:96:8f:ef:8f:15:29:97:f7:c7:88:5d:
64:bf:6a:06:42:e1:e9:f0:6a:31:ad:6d:4e:f2:2d:2e:d2:bc:
c1:4e:aa:91:fa:12:16:6c:45:9d:2f:a2:66:52:72:96:1a:ba:
b7:81:de:49:e0:be:4b:4c:03:76:8f:16:5a:84:6c:bf:56:cf:
f9:b9:33:e9:8b:be:4d:67:94:bf:f8:54:69:1b:30:cf:14:95:
e9:82:21:c7:f0:fb:1b:03:97:cb:5f:14:6c:1e:a9:ad:96:a7:
a2:b0:80:34:1f:e1:f8:5e:65:38:e9:89:93:47:0b:fa:30:4e:
59:44:7b:d2:8c:ff:30:6c:b7:61:c8:ae:56:79:a6:e8:07:64:
f6:4e:ba:5d:87:4c:bc:82:a8:65:6b:31:05:2b:2b:99:c1:87:
35:44:9e:7e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS1/Kg582HZDRNVZdMNFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTEyOGRjYjY4MTBmZmRjNTAyYmEzMDQ3Y2Q0MTkxMzJk
YTIyNzQwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzI4ODExNGFiMDZlZTY4NjI3OWJmNDA3MWFmNDVjYzM2N2Y0YTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIPZvEl8+LSjFdKLsSYlUR3E/fAV
hnxKvXfjl4Vw/RaZJPf23lYvnuJRFwKfPAy+k7rpscT0b4iQ6jx0/PGHQoX7pw78
YlZTGXM8FN8uGm9SqsDSaZ+1WYzUnHkh4lu03EPrFaUv7e77h3AjvdqO5iQsqHRA
571vM5wVqQrmgZmP2QnSWx2agABBueaLS0KSJ2ht3EYaNReQIfkFG9PHEvgmohG2
tow8w0s9QpwVaNNb2G6hOAI9sYNva1DhXNMgoDyBmLzchhmufAzF88zzpFrZS96J
J913L6l/viSQ5BIYmaYjMfq1B9JXKXlRQdeo0aZjbeTqUPo4DPvTV9AckwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMMogRSrBu5oYnm/QHGvRcw2f0pdMB8GA1UdIwQY
MBaAFLvhKNy2gQ/9xQK6MEfNQZEy2iJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1FbzNMYUJEXzNGQXJvd1I4MUJrVExhSW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9jMDcxYTgtNTRhYS00YWJkLTgxMjct
ZWRmN2JiNjUzZjEzLzEvd3lpQkZLc0c3bWhpZWI5QWNhOUZ6RFpfU2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9jMDcxYTgtNTRhYS00YWJkLTgxMjctZWRmN2JiNjUzZjEz
LzEvdS1FbzNMYUJEXzNGQXJvd1I4MUJrVExhSW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT14AwQC
LZrQAwQCuXYcMA0EAgACMAcDBQAqAVrAMA0GCSqGSIb3DQEBCwUAA4IBAQDaye+9
Peqx/NCmkgWArD82TztN6ZW/hbXzi14ESU2Se+iLOcfChECxVytfTIYXJwy8jHQt
29XMpbaTgrmqvxv43Gi98WRM5cHCFMbwq3gnNVG6CROiuE7ncFwje3diWrTAlo/v
jxUpl/fHiF1kv2oGQuHp8GoxrW1O8i0u0rzBTqqR+hIWbEWdL6JmUnKWGrq3gd5J
4L5LTAN2jxZahGy/Vs/5uTPpi75NZ5S/+FRpGzDPFJXpgiHH8PsbA5fLXxRsHqmt
lqeisIA0H+H4XmU46YmTRwv6ME5ZRHvSjP8wbLdhyK5WeaboB2T2Trpdh0y8gqhl
azEFKyuZwYc1RJ5+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:17:50 2024 by rpki-client on console-ams.rpki-client.org