Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/WQ3KksUnJZb7ejWniPJ_PuqcV9s.roa
File: WQ3KksUnJZb7ejWniPJ_PuqcV9s.roa (raw, json)
Hash identifier: YU+IPy0LIoKZEkRN3pmDOheywoR8Fje3GC9od31YD0w=
Subject key identifier: 59:0D:CA:92:C5:27:25:96:FB:7A:35:A7:88:F2:7F:3E:EA:9C:57:DB
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 018CC56E1F8EC1A280E6EF99D21E77576ED5
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/WQ3KksUnJZb7ejWniPJ_PuqcV9s.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 213.181.77.0/24 maxlen: 24
213.181.72.0/23 maxlen: 23
89.29.190.0/23 maxlen: 23
213.181.89.0/24 maxlen: 24
213.181.90.0/23 maxlen: 23
213.181.94.0/24 maxlen: 24
213.181.92.0/23 maxlen: 23
89.29.206.0/23 maxlen: 23
89.29.225.0/24 maxlen: 24
176.57.96.0/24 maxlen: 24
89.29.247.0/24 maxlen: 24
89.29.253.0/24 maxlen: 24
89.29.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1f:8e:c1:a2:80:e6:ef:99:d2:1e:77:57:6e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=590dca92c5272596fb7a35a788f27f3eea9c57db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6e:2e:f4:32:43:c6:90:f9:3c:c2:da:7d:5d:
22:c6:0e:39:89:67:82:ca:2a:00:93:6b:bf:e2:f5:
5a:6c:fb:3b:11:58:f1:01:16:7e:e6:40:4e:61:77:
63:e6:03:90:f0:46:a1:45:04:c7:1c:f1:3e:d3:e6:
fe:a4:c3:45:03:9f:68:f1:62:94:c1:0a:cb:c9:a1:
14:95:b8:94:8b:38:e5:1b:e1:cf:31:b6:ea:82:57:
7f:91:ec:6a:77:fe:9b:0b:6d:f0:0a:8f:ea:e4:47:
26:8b:8c:e5:18:20:8b:a2:04:35:1b:34:65:81:d6:
27:bc:1a:71:4f:2f:75:58:b4:59:d6:6f:70:69:cd:
32:6b:8d:ed:37:55:16:e1:0c:03:58:97:68:0f:c1:
e8:c3:f9:8c:f9:5a:0c:37:36:f3:62:4e:89:cb:f7:
43:c4:19:01:2f:0a:c2:2b:6f:b1:fa:9d:46:e1:1e:
5d:77:d3:e1:a6:10:6b:20:9a:18:21:91:7a:a8:48:
c7:ad:2a:ae:73:8e:f4:99:22:f3:5b:e2:4f:41:fa:
e6:ab:8b:90:0c:23:21:26:4d:85:3b:fc:6a:34:56:
01:1c:b4:a9:fe:e3:35:43:54:0e:e4:d8:06:cf:e2:
d1:d8:a7:e9:d5:c9:2b:96:92:6a:26:29:2d:fc:c6:
f1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0D:CA:92:C5:27:25:96:FB:7A:35:A7:88:F2:7F:3E:EA:9C:57:DB
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/WQ3KksUnJZb7ejWniPJ_PuqcV9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.190.0/23
89.29.206.0/23
89.29.225.0/24
89.29.247.0/24
89.29.253.0/24
89.29.255.0/24
176.57.96.0/24
213.181.72.0/23
213.181.77.0/24
213.181.89.0-213.181.94.255
Signature Algorithm: sha256WithRSAEncryption
94:71:38:cf:3b:46:a3:1c:e4:9e:7b:71:dc:d2:97:a7:76:67:
ed:fc:de:07:8b:9c:1e:6e:81:78:10:f8:84:61:a3:8f:83:f6:
22:b6:e8:71:f9:d9:1b:ff:e6:dc:1c:2c:0d:fc:9d:2c:ea:f8:
65:e4:3f:f2:56:8e:24:da:83:b6:d7:0c:38:39:44:28:a0:97:
fc:59:9e:68:3c:b0:ec:b6:61:16:be:95:d2:3b:21:68:44:af:
df:87:ae:15:f5:b1:69:b8:3e:d2:50:b4:c0:46:4e:19:5d:74:
77:c9:45:23:3a:bb:c5:a6:81:d3:dd:68:2c:45:e4:58:2e:05:
3e:3c:25:a0:7e:49:73:3c:d4:dc:fe:7d:1b:57:23:4d:a5:d1:
25:38:ca:40:8a:a1:72:a6:e1:e4:6f:54:bd:e5:80:9a:1d:37:
45:50:01:bf:12:2a:4e:3a:0f:69:77:37:ee:b6:6d:4a:0f:7a:
9e:da:74:1e:b1:63:35:6a:65:2e:4f:6e:c1:58:2c:a1:07:96:
d0:b5:5d:95:83:7a:a4:14:54:9b:19:69:6f:1b:b5:56:0c:57:
99:07:75:15:cd:34:88:e5:80:f7:48:84:14:c0:8b:a2:42:a5:
0a:c6:5f:a6:88:e0:20:ca:f0:56:a8:58:a2:ef:4c:aa:58:64:
35:ea:d5:d7
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzFbh+OwaKA5u+Z0h53V27VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTBkY2E5MmM1MjcyNTk2ZmI3YTM1YTc4OGYyN2YzZWVhOWM1N2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW4u9DJDxpD5PMLafV0ixg45iWeC
yioAk2u/4vVabPs7EVjxARZ+5kBOYXdj5gOQ8EahRQTHHPE+0+b+pMNFA59o8WKU
wQrLyaEUlbiUizjlG+HPMbbqgld/kexqd/6bC23wCo/q5Ecmi4zlGCCLogQ1GzRl
gdYnvBpxTy91WLRZ1m9wac0ya43tN1UW4QwDWJdoD8How/mM+VoMNzbzYk6Jy/dD
xBkBLwrCK2+x+p1G4R5dd9PhphBrIJoYIZF6qEjHrSquc470mSLzW+JPQfrmq4uQ
DCMhJk2FO/xqNFYBHLSp/uM1Q1QO5NgGz+LR2Kfp1ckrlpJqJikt/MbxIwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFkNypLFJyWW+3o1p4jyfz7qnFfbMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvV1EzS2tzVW5KWmI3ZWpXbmlQSl9QdXFjVjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBWR2+AwQB
WR3OAwQAWR3hAwQAWR33AwQAWR39AwQAWR3/AwQAsDlgAwQB1bVIAwQA1bVNMAwD
BADVtVkDBADVtV4wDQYJKoZIhvcNAQELBQADggEBAJRxOM87RqMc5J57cdzSl6d2
Z+383geLnB5ugXgQ+IRho4+D9iK26HH52Rv/5twcLA38nSzq+GXkP/JWjiTag7bX
DDg5RCigl/xZnmg8sOy2YRa+ldI7IWhEr9+HrhX1sWm4PtJQtMBGThlddHfJRSM6
u8WmgdPdaCxF5FguBT48JaB+SXM81Nz+fRtXI02l0SU4ykCKoXKm4eRvVL3lgJod
N0VQAb8SKk46D2l3N+62bUoPep7adB6xYzVqZS5PbsFYLKEHltC1XZWDeqQUVJsZ
aW8btVYMV5kHdRXNNIjlgPdIhBTAi6JCpQrGX6aI4CDK8FaoWKLvTKpYZDXq1dc=
-----END CERTIFICATE-----
Generated at Sat May 25 10:30:01 2024 by rpki-client on console-ams.rpki-client.org