Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/WouLbO4J6JNDh1hXvYc8wxiud5Y.roa
File: WouLbO4J6JNDh1hXvYc8wxiud5Y.roa (raw, json)
Hash identifier: F+ItkZG+pkgnotnWwKD17NPdxPrVP8BcieEcr7pXlPc=
Subject key identifier: 5A:8B:8B:6C:EE:09:E8:93:43:87:58:57:BD:87:3C:C3:18:AE:77:96
Certificate issuer: /CN=6e3ee2b8400208a7eea45060f4b7a83c43e8de7c
Certificate serial: 018CC2DAC4192D8C121DAC3EB4886BCA46DF
Authority key identifier: 6E:3E:E2:B8:40:02:08:A7:EE:A4:50:60:F4:B7:A8:3C:43:E8:DE:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj7iuEACCKfupFBg9LeoPEPo3nw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/WouLbO4J6JNDh1hXvYc8wxiud5Y.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205234
IP address blocks: 91.201.34.0/24 maxlen: 24
91.201.35.0/24 maxlen: 24
91.201.32.0/24 maxlen: 24
91.201.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/bj7iuEACCKfupFBg9LeoPEPo3nw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/bj7iuEACCKfupFBg9LeoPEPo3nw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bj7iuEACCKfupFBg9LeoPEPo3nw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c4:19:2d:8c:12:1d:ac:3e:b4:88:6b:ca:46:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3ee2b8400208a7eea45060f4b7a83c43e8de7c
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a8b8b6cee09e89343875857bd873cc318ae7796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d9:8d:ce:d2:89:99:f2:5f:df:9d:bb:41:7e:
60:b2:a0:9d:99:6d:a1:31:be:81:64:94:1e:9b:b5:
5a:82:c2:5e:01:a2:fe:aa:45:21:42:71:ae:6c:3d:
9e:a1:0c:bd:a7:4e:bc:8e:0e:37:89:54:f1:86:bf:
e4:b4:3b:95:3a:01:95:ac:01:f6:cb:a9:29:09:2d:
0f:58:29:e3:38:36:0c:7e:e6:b1:b4:e6:44:9a:04:
b8:2d:43:23:ec:b5:16:73:5b:80:57:10:10:c7:20:
5a:ac:a5:e7:69:a6:55:a2:51:fc:b2:c8:68:4b:8b:
1e:e9:7b:ad:8e:5f:4e:e3:cb:09:ca:cc:a7:f6:44:
7e:a4:3c:56:4c:c2:26:0f:2e:67:3a:d2:64:a6:f7:
51:52:da:49:85:08:af:d0:f6:a6:b8:d0:6a:c2:cc:
1a:ef:ad:f4:53:b2:28:46:61:97:ff:e4:97:6e:0c:
d4:13:b3:4b:da:52:63:b2:4a:96:3c:af:33:33:85:
fe:71:f7:55:ae:14:3b:0f:a2:6b:d1:6c:01:3c:cc:
56:ea:78:92:dd:ae:6c:68:c2:ef:fc:6c:f8:21:11:
81:b4:65:49:82:b9:25:3e:8e:70:3e:24:47:06:4e:
c6:3c:4e:b1:86:7a:78:bb:64:fc:3b:e6:72:44:e1:
3e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8B:8B:6C:EE:09:E8:93:43:87:58:57:BD:87:3C:C3:18:AE:77:96
X509v3 Authority Key Identifier:
keyid:6E:3E:E2:B8:40:02:08:A7:EE:A4:50:60:F4:B7:A8:3C:43:E8:DE:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7iuEACCKfupFBg9LeoPEPo3nw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/WouLbO4J6JNDh1hXvYc8wxiud5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/e4f2db-6f46-4761-adfe-7327df6bdd10/1/bj7iuEACCKfupFBg9LeoPEPo3nw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.32.0/22
Signature Algorithm: sha256WithRSAEncryption
97:b9:b8:68:2e:7a:13:e1:00:86:2e:1c:f9:65:b0:be:b6:81:
24:51:b0:31:76:9e:5b:ec:97:4b:53:9c:23:be:20:6a:ae:f1:
ef:c2:bc:05:24:f6:cc:65:ff:a2:3e:95:1c:88:da:b9:45:7c:
e8:ec:02:bb:a8:c5:6f:da:2a:ab:84:65:d9:89:7d:41:b7:6e:
45:aa:c4:22:3d:58:0c:94:76:72:db:0e:88:69:39:37:30:45:
8a:1d:79:af:bd:2e:58:61:7d:fb:26:e5:7e:cb:fa:cd:71:96:
8d:4a:81:cf:8a:35:55:f3:5d:23:df:4c:4e:2d:1d:85:f2:4e:
4d:41:33:97:1a:fe:6f:54:bd:13:8e:15:39:2e:98:87:9b:31:
75:06:44:59:da:ad:14:ba:b2:83:a0:23:70:92:66:28:77:4b:
fd:fa:48:88:2a:dc:d3:30:fe:8c:39:8c:07:c2:5e:8b:1e:f5:
9f:0b:ae:c3:20:6e:f0:c6:e7:be:d0:c8:fc:ce:c0:7f:c3:44:
73:cd:14:ac:e8:c5:36:46:7d:9d:fd:c9:00:f7:18:61:51:b9:
8f:4c:d1:9d:22:8c:0d:22:b5:ec:27:0b:3e:c9:68:bd:54:81:
1f:8f:74:0d:a8:f5:dd:d1:71:59:27:47:aa:4e:22:86:16:5e:
7b:ad:25:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2sQZLYwSHaw+tIhrykbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2VlMmI4NDAwMjA4YTdlZWE0NTA2MGY0YjdhODNjNDNl
OGRlN2MwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YThiOGI2Y2VlMDllODkzNDM4NzU4NTdiZDg3M2NjMzE4YWU3Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dmNztKJmfJf3527QX5gsqCdmW2h
Mb6BZJQem7VagsJeAaL+qkUhQnGubD2eoQy9p068jg43iVTxhr/ktDuVOgGVrAH2
y6kpCS0PWCnjODYMfuaxtOZEmgS4LUMj7LUWc1uAVxAQxyBarKXnaaZVolH8ssho
S4se6Xutjl9O48sJysyn9kR+pDxWTMImDy5nOtJkpvdRUtpJhQiv0PamuNBqwswa
7630U7IoRmGX/+SXbgzUE7NL2lJjskqWPK8zM4X+cfdVrhQ7D6Jr0WwBPMxW6niS
3a5saMLv/Gz4IRGBtGVJgrklPo5wPiRHBk7GPE6xhnp4u2T8O+ZyROE+XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqLi2zuCeiTQ4dYV72HPMMYrneWMB8GA1UdIwQY
MBaAFG4+4rhAAgin7qRQYPS3qDxD6N58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo3aXVFQUNDS2Z1cEZCZzlMZW9QRVBvM253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9lNGYyZGItNmY0Ni00NzYxLWFkZmUt
NzMyN2RmNmJkZDEwLzEvV291TGJPNEo2Sk5EaDFoWHZZYzh3eGl1ZDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9lNGYyZGItNmY0Ni00NzYxLWFkZmUtNzMyN2RmNmJkZDEw
LzEvYmo3aXVFQUNDS2Z1cEZCZzlMZW9QRVBvM253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8kgMA0G
CSqGSIb3DQEBCwUAA4IBAQCXubhoLnoT4QCGLhz5ZbC+toEkUbAxdp5b7JdLU5wj
viBqrvHvwrwFJPbMZf+iPpUciNq5RXzo7AK7qMVv2iqrhGXZiX1Bt25FqsQiPVgM
lHZy2w6IaTk3MEWKHXmvvS5YYX37JuV+y/rNcZaNSoHPijVV810j30xOLR2F8k5N
QTOXGv5vVL0TjhU5LpiHmzF1BkRZ2q0UurKDoCNwkmYod0v9+kiIKtzTMP6MOYwH
wl6LHvWfC67DIG7wxue+0Mj8zsB/w0RzzRSs6MU2Rn2d/ckA9xhhUbmPTNGdIowN
IrXsJws+yWi9VIEfj3QNqPXd0XFZJ0eqTiKGFl57rSUL
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:48:16 2024 by rpki-client on console-ams.rpki-client.org