Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/Wm5Yto-HowQ7dBal7MgmoSsd5G4.roa
File: Wm5Yto-HowQ7dBal7MgmoSsd5G4.roa (raw, json)
Hash identifier: xw+fdoMPrPctW90k50mEl0IFhK1zCaVrFqrx/n+ihkE=
Subject key identifier: 5A:6E:58:B6:8F:87:A3:04:3B:74:16:A5:EC:C8:26:A1:2B:1D:E4:6E
Certificate issuer: /CN=25a553794223e6b4c632779b51371dc4e7d70705
Certificate serial: 018CC4247A61317C855DE1979C77DB33B7F9
Authority key identifier: 25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/Wm5Yto-HowQ7dBal7MgmoSsd5G4.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39756
IP address blocks: 46.102.248.0/24 maxlen: 24
89.36.24.0/21 maxlen: 24
176.223.224.0/20 maxlen: 24
89.36.30.0/24 maxlen: 24
176.223.240.0/21 maxlen: 24
89.41.60.0/23 maxlen: 24
89.47.247.0/24 maxlen: 24
89.33.207.0/24 maxlen: 24
176.223.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7a:61:31:7c:85:5d:e1:97:9c:77:db:33:b7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a553794223e6b4c632779b51371dc4e7d70705
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a6e58b68f87a3043b7416a5ecc826a12b1de46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:8d:46:e9:3c:19:b2:42:80:cd:4c:41:99:24:
b1:8b:ca:45:74:9b:95:8e:3c:69:36:d0:d1:b1:4b:
6d:4e:a5:f9:d3:4c:66:c8:5f:b9:fc:55:63:9b:22:
f5:58:5b:68:46:e4:3a:d9:75:2e:8a:b3:b5:77:6a:
ec:7c:d8:11:4a:07:b0:4a:58:2c:4c:cb:b8:e9:ef:
11:27:e9:2d:44:39:fa:c9:84:5b:b2:7e:f0:98:38:
72:4f:31:f9:ee:92:66:16:d4:3f:8f:97:d0:80:c6:
e5:a3:9f:c4:2a:1c:97:e2:fc:43:66:d3:f6:ad:27:
c7:d5:1f:c9:20:e9:68:51:80:9d:4c:96:0b:f4:18:
0c:7d:72:87:be:c4:d0:34:dd:0a:4d:8f:a6:5b:ba:
2b:61:c7:00:b5:68:15:7c:ff:a3:63:6d:a0:61:70:
14:a8:ae:e9:7c:ab:77:65:4a:07:4f:ab:23:28:9c:
d8:3f:9b:40:8b:37:a1:23:88:ee:a8:95:2e:ba:5d:
54:18:00:a3:52:f5:f7:d0:2b:56:b3:2f:57:78:e5:
47:ad:3b:36:8d:3d:1d:f6:29:00:32:67:85:86:11:
aa:75:27:42:9e:4d:4a:c6:a8:80:0a:ab:da:d2:04:
98:fc:ea:4e:69:7c:91:34:29:b1:d9:86:d2:89:ea:
e7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6E:58:B6:8F:87:A3:04:3B:74:16:A5:EC:C8:26:A1:2B:1D:E4:6E
X509v3 Authority Key Identifier:
keyid:25:A5:53:79:42:23:E6:B4:C6:32:77:9B:51:37:1D:C4:E7:D7:07:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaVTeUIj5rTGMnebUTcdxOfXBwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/Wm5Yto-HowQ7dBal7MgmoSsd5G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/1f96cc-5ea6-49e3-8f5f-30e929ed1063/1/JaVTeUIj5rTGMnebUTcdxOfXBwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.248.0/24
89.33.207.0/24
89.36.24.0/21
89.41.60.0/23
89.47.247.0/24
176.223.192.0-176.223.247.255
Signature Algorithm: sha256WithRSAEncryption
8a:c6:d5:be:89:3f:b1:d4:50:72:be:e5:51:54:71:df:99:e8:
9a:18:83:42:82:18:ff:92:e9:63:8c:98:b8:65:5a:b0:f0:c7:
bc:fa:1f:50:9b:93:77:96:d7:a5:8d:4a:b9:1e:45:b7:94:b8:
16:b8:9f:50:69:b2:be:e9:5c:1d:9f:bd:9c:45:99:e3:b6:2f:
41:06:8b:7d:df:4a:d0:d1:e2:17:3f:38:23:a6:10:89:5c:f0:
44:8c:25:cf:7e:a1:c8:26:b9:20:33:39:ba:84:0f:96:c0:f7:
f2:45:d8:3e:d9:4d:26:ab:c9:75:dc:79:88:29:a2:74:6a:09:
9f:d9:1e:f5:75:ae:b9:c1:47:72:9d:65:cb:19:5a:7c:fc:ad:
ab:ef:71:c3:b9:1c:37:42:b8:f3:12:46:6e:35:2b:76:16:7a:
e0:7c:33:c0:e6:07:4d:cc:4a:61:dd:0b:7d:e7:ab:5c:a7:ef:
31:9e:d0:fb:27:49:0a:36:09:e7:aa:d4:69:12:4e:b2:5a:78:
75:c1:1f:5b:d8:65:d3:aa:da:5a:60:1e:89:6c:d7:6d:7b:1c:
f1:5f:a9:f3:0e:46:20:4e:71:ef:de:cc:75:e9:62:26:d8:a1:
6a:74:c7:f6:25:e8:5f:18:52:c4:4b:6f:2e:8d:3f:52:39:6e:
32:39:b6:77
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEJHphMXyFXeGXnHfbM7f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTU1Mzc5NDIyM2U2YjRjNjMyNzc5YjUxMzcxZGM0ZTdk
NzA3MDUwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZlNThiNjhmODdhMzA0M2I3NDE2YTVlY2M4MjZhMTJiMWRlNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY1G6TwZskKAzUxBmSSxi8pFdJuV
jjxpNtDRsUttTqX500xmyF+5/FVjmyL1WFtoRuQ62XUuirO1d2rsfNgRSgewSlgs
TMu46e8RJ+ktRDn6yYRbsn7wmDhyTzH57pJmFtQ/j5fQgMblo5/EKhyX4vxDZtP2
rSfH1R/JIOloUYCdTJYL9BgMfXKHvsTQNN0KTY+mW7orYccAtWgVfP+jY22gYXAU
qK7pfKt3ZUoHT6sjKJzYP5tAizehI4juqJUuul1UGACjUvX30CtWsy9XeOVHrTs2
jT0d9ikAMmeFhhGqdSdCnk1KxqiACqva0gSY/OpOaXyRNCmx2YbSiernEwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFpuWLaPh6MEO3QWpezIJqErHeRuMB8GA1UdIwQY
MBaAFCWlU3lCI+a0xjJ3m1E3HcTn1wcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYt
MzBlOTI5ZWQxMDYzLzEvV201WXRvLUhvd1E3ZEJhbDdNZ21vU3NkNUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8xZjk2Y2MtNWVhNi00OWUzLThmNWYtMzBlOTI5ZWQxMDYz
LzEvSmFWVGVVSWo1clRHTW5lYlVUY2R4T2ZYQndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALmb4AwQA
WSHPAwQDWSQYAwQBWSk8AwQAWS/3MAwDBAaw38ADBAOw3/AwDQYJKoZIhvcNAQEL
BQADggEBAIrG1b6JP7HUUHK+5VFUcd+Z6JoYg0KCGP+S6WOMmLhlWrDwx7z6H1Cb
k3eW16WNSrkeRbeUuBa4n1Bpsr7pXB2fvZxFmeO2L0EGi33fStDR4hc/OCOmEIlc
8ESMJc9+ocgmuSAzObqED5bA9/JF2D7ZTSaryXXceYgponRqCZ/ZHvV1rrnBR3Kd
ZcsZWnz8ravvccO5HDdCuPMSRm41K3YWeuB8M8DmB03MSmHdC33nq1yn7zGe0Psn
SQo2Ceeq1GkSTrJaeHXBH1vYZdOq2lpgHols1217HPFfqfMORiBOce/ezHXpYibY
oWp0x/Yl6F8YUsRLby6NP1I5bjI5tnc=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:24:13 2024 by rpki-client on console-fra.rpki-client.org