Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/Wgs6WYXswC2bZEIL-yVokvOs-PM.roa
File: Wgs6WYXswC2bZEIL-yVokvOs-PM.roa (raw, json)
Hash identifier: WeFAzQx+c9L0dmIAKdPuxomwmkb9OTSoN+4YOSFf6Ak=
Subject key identifier: 5A:0B:3A:59:85:EC:C0:2D:9B:64:42:0B:FB:25:68:92:F3:AC:F8:F3
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 0192A4B6CFBDDE6A51A4D6487D30DB020E78
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/Wgs6WYXswC2bZEIL-yVokvOs-PM.roa
Signing time: Sat 19 Oct 2024 12:18:17 +0000
ROA not before: Sat 19 Oct 2024 12:18:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.11.92.0/24 maxlen: 32
45.11.93.0/24 maxlen: 32
45.11.94.0/24 maxlen: 32
45.145.4.0/24 maxlen: 32
45.145.6.0/24 maxlen: 32
45.145.7.0/24 maxlen: 32
45.152.84.0/24 maxlen: 32
45.152.86.0/24 maxlen: 32
45.152.112.0/24 maxlen: 32
45.152.113.0/24 maxlen: 32
45.152.114.0/24 maxlen: 32
45.152.115.0/24 maxlen: 32
45.154.1.0/24 maxlen: 32
45.154.2.0/24 maxlen: 32
45.154.3.0/24 maxlen: 32
45.159.208.0/24 maxlen: 32
45.159.209.0/24 maxlen: 32
45.159.210.0/24 maxlen: 32
45.159.211.0/24 maxlen: 32
193.23.55.0/24 maxlen: 32
193.43.72.0/24 maxlen: 32
193.43.79.0/24 maxlen: 32
193.43.91.0/24 maxlen: 32
193.43.94.0/24 maxlen: 32
193.187.172.0/24 maxlen: 32
193.187.173.0/24 maxlen: 32
193.187.174.0/24 maxlen: 32
193.187.175.0/24 maxlen: 32
193.242.145.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a4:b6:cf:bd:de:6a:51:a4:d6:48:7d:30:db:02:0e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Oct 19 12:18:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a0b3a5985ecc02d9b64420bfb256892f3acf8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:63:52:78:c8:ef:56:97:11:20:22:b8:08:
84:ab:fd:ff:91:90:7c:3c:97:0d:b0:48:bb:38:5a:
ac:a6:43:cf:24:73:cb:b2:6c:46:fe:8c:67:bf:32:
52:14:8c:6f:59:9f:f8:ae:26:02:3d:fc:26:4f:b4:
e4:dc:c5:87:5c:e8:9d:57:e0:4f:cb:31:77:78:82:
a2:45:cb:76:6a:1f:e7:1e:7a:5c:55:56:2f:2e:18:
db:58:c4:94:ad:79:87:4d:cb:a4:c9:d3:6f:96:0a:
53:71:54:a0:0e:e3:08:98:29:9d:8e:cb:13:35:67:
e7:4e:82:1c:2b:97:64:f5:8d:6f:ff:c2:d1:8c:de:
fb:2a:95:ab:3a:92:db:9d:73:4f:7b:29:f6:32:84:
a8:ea:69:9f:a1:7a:d4:25:37:43:01:e1:f8:ae:ee:
de:f5:d8:a1:14:65:42:31:e2:45:3e:d7:a0:77:b7:
e2:0a:94:87:cf:e1:19:0c:7b:b5:85:db:8f:38:2e:
d1:5a:20:6f:a4:8b:ea:67:40:be:e3:08:e6:3b:c0:
bb:5f:22:3f:78:c0:77:30:ce:3d:4b:f7:21:ee:11:
4c:60:e0:4c:0d:36:46:d9:75:cd:5c:67:23:12:74:
3c:0b:bf:91:42:34:32:d6:14:48:5c:74:23:81:7d:
0a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0B:3A:59:85:EC:C0:2D:9B:64:42:0B:FB:25:68:92:F3:AC:F8:F3
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/Wgs6WYXswC2bZEIL-yVokvOs-PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.92.0-45.11.94.255
45.145.4.0/24
45.145.6.0/23
45.152.84.0/24
45.152.86.0/24
45.152.112.0/22
45.154.1.0-45.154.3.255
45.159.208.0/22
193.23.55.0/24
193.43.72.0/24
193.43.79.0/24
193.43.91.0/24
193.43.94.0/24
193.187.172.0/22
193.242.145.0/24
Signature Algorithm: sha256WithRSAEncryption
57:37:18:f3:3a:e5:1c:32:04:f5:be:d0:30:b0:d5:4c:99:9f:
5e:0c:3f:dd:d0:f9:10:49:66:8e:2f:ad:d6:f7:e2:2d:73:a8:
2a:74:a0:79:96:51:77:26:f3:35:0a:24:e1:d1:19:88:4e:cf:
46:36:6b:f9:7a:61:60:fb:0c:9e:8e:a3:da:90:ad:63:87:f0:
6c:1f:e0:c4:b2:6a:fb:ab:0d:fe:59:64:bc:95:1f:82:42:55:
fe:9e:fa:3a:6d:db:d3:27:76:78:73:c2:64:2d:4b:b4:5c:68:
83:73:da:a8:fd:00:d5:c2:11:df:d2:11:8c:d4:23:d4:59:ab:
cd:a5:aa:66:6e:c7:08:e4:e2:b1:96:93:c2:40:11:a8:1f:ac:
87:eb:12:24:27:1c:98:7d:10:2c:a6:06:1f:03:19:6c:b2:19:
8c:82:6f:c3:6d:c0:50:67:8d:e2:09:df:80:8f:fc:b1:11:a9:
c7:ff:2e:ba:7b:db:7b:2d:e0:58:6a:48:ca:24:64:38:1c:d2:
c5:3d:9f:ef:0f:d5:46:1f:2d:8f:35:3c:e5:12:69:ea:ae:0b:
ed:d3:d2:1c:74:51:db:ad:84:3e:cd:f5:05:0a:69:02:16:8f:
12:f2:73:f2:64:af:8c:53:78:b8:30:b0:4f:05:a8:05:ac:53:
4e:fc:14:68
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZKkts+93mpRpNZIfTDbAg54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjQxMDE5MTIxODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTBiM2E1OTg1ZWNjMDJkOWI2NDQyMGJmYjI1Njg5MmYzYWNmOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnxjUnjI71aXESAiuAiEq/3/kZB8
PJcNsEi7OFqspkPPJHPLsmxG/oxnvzJSFIxvWZ/4riYCPfwmT7Tk3MWHXOidV+BP
yzF3eIKiRct2ah/nHnpcVVYvLhjbWMSUrXmHTcukydNvlgpTcVSgDuMImCmdjssT
NWfnToIcK5dk9Y1v/8LRjN77KpWrOpLbnXNPeyn2MoSo6mmfoXrUJTdDAeH4ru7e
9dihFGVCMeJFPtegd7fiCpSHz+EZDHu1hduPOC7RWiBvpIvqZ0C+4wjmO8C7XyI/
eMB3MM49S/ch7hFMYOBMDTZG2XXNXGcjEnQ8C7+RQjQy1hRIXHQjgX0K/QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFFoLOlmF7MAtm2RCC/slaJLzrPjzMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvV2dzNldZWHN3QzJiWkVJTC15Vm9rdk9zLVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQCLQtc
AwQALQteAwQALZEEAwQBLZEGAwQALZhUAwQALZhWAwQCLZhwMAwDBAAtmgEDBAIt
mgADBAItn9ADBADBFzcDBADBK0gDBADBK08DBADBK1sDBADBK14DBALBu6wDBADB
8pEwDQYJKoZIhvcNAQELBQADggEBAFc3GPM65RwyBPW+0DCw1UyZn14MP93Q+RBJ
Zo4vrdb34i1zqCp0oHmWUXcm8zUKJOHRGYhOz0Y2a/l6YWD7DJ6Oo9qQrWOH8Gwf
4MSyavurDf5ZZLyVH4JCVf6e+jpt29MndnhzwmQtS7RcaINz2qj9ANXCEd/SEYzU
I9RZq82lqmZuxwjk4rGWk8JAEagfrIfrEiQnHJh9ECymBh8DGWyyGYyCb8NtwFBn
jeIJ34CP/LERqcf/Lrp723st4FhqSMokZDgc0sU9n+8P1UYfLY81POUSaequC+3T
0hx0UduthD7N9QUKaQIWjxLyc/Jkr4xTeLgwsE8FqAWsU078FGg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:45:12 2024 by rpki-client on console-ams.rpki-client.org