Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/wsNRODSlq_nh1GDEKdmia3PTMko.roa
File: wsNRODSlq_nh1GDEKdmia3PTMko.roa (raw, json)
Hash identifier: oJgNuBgkHwRy1QBN/xCPFqgneU9FqbAO/DZOxkV4624=
Subject key identifier: C2:C3:51:38:34:A5:AB:F9:E1:D4:60:C4:29:D9:A2:6B:73:D3:32:4A
Certificate issuer: /CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Certificate serial: 019427B5DD4B2B1EEA0BF7309D4F102AD121
Authority key identifier: 61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/wsNRODSlq_nh1GDEKdmia3PTMko.roa
Signing time: Thu 02 Jan 2025 15:50:17 +0000
ROA not before: Thu 02 Jan 2025 15:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205679
IP address blocks: 84.234.114.0/23 maxlen: 23
84.234.114.0/24 maxlen: 24
84.234.115.0/24 maxlen: 24
88.218.252.0/22 maxlen: 24
92.118.164.0/22 maxlen: 24
185.210.36.0/22 maxlen: 24
2a0b:51c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/Yf4ur6ZKzq8fz8-8phUKei01vko.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/Yf4ur6ZKzq8fz8-8phUKei01vko.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:dd:4b:2b:1e:ea:0b:f7:30:9d:4f:10:2a:d1:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61fe2eafa64aceaf1fcfcfbca6150a7a2d35be4a
Validity
Not Before: Jan 2 15:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2c3513834a5abf9e1d460c429d9a26b73d3324a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:53:56:83:55:ae:9c:5b:74:36:fe:c2:77:dd:
f1:17:d4:09:d5:f3:be:87:d9:d7:84:86:83:2f:a8:
73:33:61:ed:1e:00:75:68:1a:60:19:ca:a3:fe:3b:
e2:49:17:b4:1d:d7:4d:36:74:16:ef:ca:b1:aa:3c:
ae:98:4c:f2:18:d7:4c:f4:8d:74:fd:37:cb:c4:b3:
11:a6:bb:bb:6a:d5:30:dd:8a:4f:59:92:ff:84:68:
e1:63:ff:5f:bb:03:45:40:58:62:1f:14:7e:ab:d7:
45:dc:2c:bf:70:74:92:be:22:17:97:7e:df:bd:a6:
0e:b6:ba:ac:54:f1:14:60:d0:f6:42:6b:ae:e2:ad:
bf:2a:5a:e7:0b:ee:f4:4c:35:5a:cb:d2:e9:fb:61:
b4:93:1c:16:6d:f5:6d:31:0b:44:4d:a1:73:c1:40:
0f:02:e2:e6:59:11:eb:81:45:db:86:67:9c:66:dd:
e6:67:8f:08:b1:50:9a:0e:18:fa:e7:e5:8a:93:65:
0c:a6:2f:af:a4:93:21:b5:96:51:e1:60:8f:62:1a:
c2:84:5f:1d:95:88:2a:ea:16:73:6e:b9:28:eb:ac:
e9:6d:af:39:d2:c3:e9:83:26:b2:7f:2e:e4:8c:d5:
43:f6:30:46:a8:41:6c:05:75:99:5e:6a:0f:77:0f:
19:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C3:51:38:34:A5:AB:F9:E1:D4:60:C4:29:D9:A2:6B:73:D3:32:4A
X509v3 Authority Key Identifier:
keyid:61:FE:2E:AF:A6:4A:CE:AF:1F:CF:CF:BC:A6:15:0A:7A:2D:35:BE:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yf4ur6ZKzq8fz8-8phUKei01vko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/wsNRODSlq_nh1GDEKdmia3PTMko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/21ca43-d3e1-4ec0-9a9d-39afd9316598/1/Yf4ur6ZKzq8fz8-8phUKei01vko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.114.0/23
88.218.252.0/22
92.118.164.0/22
185.210.36.0/22
IPv6:
2a0b:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:ae:25:68:18:13:a7:89:60:bb:91:2b:aa:98:b6:11:85:9c:
34:67:43:cf:8a:7a:f4:22:08:7a:73:ec:0e:b5:88:83:c9:0b:
5c:d0:09:a0:71:32:98:e9:63:e1:63:80:3b:e5:4f:03:33:b3:
76:d5:7d:c6:73:28:5b:7c:9e:60:e1:0d:0c:46:cb:57:ce:0d:
df:bd:20:3d:c1:0e:87:4c:38:33:d5:6f:ab:73:04:49:a8:44:
f3:12:18:bc:ee:24:0f:d9:ce:1f:7c:0e:8c:e6:bc:be:f7:9a:
27:21:89:c7:7a:60:c1:34:da:15:f5:ac:4f:dd:4c:55:d5:e0:
3a:ea:c3:72:92:ee:96:bc:49:d2:3c:e2:77:97:74:02:67:1d:
4b:79:c5:58:13:fa:1f:a2:39:5d:70:18:cd:de:35:b7:11:36:
1d:b3:d6:ab:1f:01:29:07:46:b9:24:29:77:16:9f:d5:f5:48:
48:99:d0:65:bb:eb:e6:c0:74:fe:18:43:ee:86:5a:87:43:2f:
19:96:7a:c9:b2:0b:62:3b:12:26:1c:d9:08:02:01:90:d1:fc:
3b:71:57:5c:9f:d3:83:03:b3:b5:9c:46:11:0d:74:8c:30:ea:
41:16:bb:27:65:47:6f:c1:d0:b6:82:d0:20:84:00:0b:bf:85:
a9:47:97:99
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQntd1LKx7qC/cwnU8QKtEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZmUyZWFmYTY0YWNlYWYxZmNmY2ZiY2E2MTUwYTdhMmQz
NWJlNGEwHhcNMjUwMTAyMTU1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmMzNTEzODM0YTVhYmY5ZTFkNDYwYzQyOWQ5YTI2YjczZDMzMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1NWg1WunFt0Nv7Cd93xF9QJ1fO+
h9nXhIaDL6hzM2HtHgB1aBpgGcqj/jviSRe0HddNNnQW78qxqjyumEzyGNdM9I10
/TfLxLMRpru7atUw3YpPWZL/hGjhY/9fuwNFQFhiHxR+q9dF3Cy/cHSSviIXl37f
vaYOtrqsVPEUYND2Qmuu4q2/KlrnC+70TDVay9Lp+2G0kxwWbfVtMQtETaFzwUAP
AuLmWRHrgUXbhmecZt3mZ48IsVCaDhj65+WKk2UMpi+vpJMhtZZR4WCPYhrChF8d
lYgq6hZzbrko66zpba850sPpgyayfy7kjNVD9jBGqEFsBXWZXmoPdw8ZBwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMLDUTg0pav54dRgxCnZomtz0zJKMB8GA1UdIwQY
MBaAFGH+Lq+mSs6vH8/PvKYVCnotNb5KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQt
MzlhZmQ5MzE2NTk4LzEvd3NOUk9EU2xxX25oMUdERUtkbWlhM1BUTWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yMWNhNDMtZDNlMS00ZWMwLTlhOWQtMzlhZmQ5MzE2NTk4
LzEvWWY0dXI2Wkt6cThmejgtOHBoVUtlaTAxdmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVOpyAwQC
WNr8AwQCXHakAwQCudIkMA0EAgACMAcDBQMqC1HAMA0GCSqGSIb3DQEBCwUAA4IB
AQAariVoGBOniWC7kSuqmLYRhZw0Z0PPinr0Igh6c+wOtYiDyQtc0AmgcTKY6WPh
Y4A75U8DM7N21X3GcyhbfJ5g4Q0MRstXzg3fvSA9wQ6HTDgz1W+rcwRJqETzEhi8
7iQP2c4ffA6M5ry+95onIYnHemDBNNoV9axP3UxV1eA66sNyku6WvEnSPOJ3l3QC
Zx1LecVYE/ofojldcBjN3jW3ETYds9arHwEpB0a5JCl3Fp/V9UhImdBlu+vmwHT+
GEPuhlqHQy8ZlnrJsgtiOxImHNkIAgGQ0fw7cVdcn9ODA7O1nEYRDXSMMOpBFrsn
ZUdvwdC2gtAghAALv4WpR5eZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:38 2025 by rpki-client