Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/WSIVj10PJgxYIdyxgkWkSMm_5LY.roa
File: WSIVj10PJgxYIdyxgkWkSMm_5LY.roa (raw, json)
Hash identifier: 8mV0Psy5RLYJt0xO+FFGWWwexhVKxzomOtQOXLlDtqg=
Subject key identifier: 59:22:15:8F:5D:0F:26:0C:58:21:DC:B1:82:45:A4:48:C9:BF:E4:B6
Certificate issuer: /CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Certificate serial: 018CC794B1E8A8234353486680BBE8FB0F58
Authority key identifier: D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/WSIVj10PJgxYIdyxgkWkSMm_5LY.roa
Signing time: Tue 02 Jan 2024 00:30:59 +0000
ROA not before: Tue 02 Jan 2024 00:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29492
IP address blocks: 94.102.32.0/20 maxlen: 20
95.169.32.0/19 maxlen: 19
185.20.244.0/22 maxlen: 22
37.148.144.0/21 maxlen: 21
77.106.128.0/18 maxlen: 18
87.248.0.0/19 maxlen: 19
109.203.0.0/19 maxlen: 19
82.147.32.0/19 maxlen: 19
2a02:a18::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.mft
rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 03:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b1:e8:a8:23:43:53:48:66:80:bb:e8:fb:0f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32d000368c1d54f08a7782c07673b68a93edfc5
Validity
Not Before: Jan 2 00:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5922158f5d0f260c5821dcb18245a448c9bfe4b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:19:c6:e0:dc:f3:0f:53:03:3a:a9:f5:c0:6a:
c3:a9:54:aa:02:95:94:84:b4:50:28:c1:7f:e2:f5:
1a:2c:70:5c:c4:af:fb:b4:77:95:bf:36:d1:77:ce:
db:49:6c:3c:89:27:86:c6:7f:04:48:3e:6c:93:8a:
97:3a:ea:ed:a0:7f:2d:7f:0d:a5:93:7a:b7:4f:7e:
84:d5:f0:4e:3a:07:98:4d:6a:16:f6:81:e3:67:bd:
a2:e0:e5:3f:e4:d9:05:c2:50:97:1f:9b:62:9f:f5:
f5:ac:3e:ee:54:a6:bf:c7:59:59:04:26:a9:b5:b3:
bc:4d:68:bc:1b:dc:dc:f8:f4:00:14:da:f8:d9:56:
64:94:65:dd:00:64:65:de:b3:f6:1e:62:09:32:d0:
40:b0:77:72:79:e4:f6:7b:75:d4:a2:75:c4:4d:a9:
5d:bc:9f:5a:b3:dc:f0:fd:3c:91:96:aa:6f:eb:ef:
a7:d2:f1:3e:a0:72:58:b0:da:9a:4f:21:db:be:60:
67:0b:47:e9:7f:f7:81:ff:7d:11:86:7d:36:a0:fd:
5e:b3:20:00:81:28:0c:14:5e:e6:82:8e:b8:21:59:
16:d5:f1:c7:f3:47:6d:f2:6d:80:79:d1:be:07:29:
44:6d:45:0f:f5:34:a2:51:51:24:05:62:89:e8:57:
b0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:22:15:8F:5D:0F:26:0C:58:21:DC:B1:82:45:A4:48:C9:BF:E4:B6
X509v3 Authority Key Identifier:
keyid:D3:2D:00:03:68:C1:D5:4F:08:A7:78:2C:07:67:3B:68:A9:3E:DF:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0y0AA2jB1U8Ip3gsB2c7aKk-38U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/WSIVj10PJgxYIdyxgkWkSMm_5LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/468065-2233-4dc7-b95c-a7bb38a1a53d/1/0y0AA2jB1U8Ip3gsB2c7aKk-38U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.144.0/21
77.106.128.0/18
82.147.32.0/19
87.248.0.0/19
94.102.32.0/20
95.169.32.0/19
109.203.0.0/19
185.20.244.0/22
IPv6:
2a02:a18::/32
Signature Algorithm: sha256WithRSAEncryption
26:87:0c:f3:12:06:5f:69:b2:8d:8d:a6:17:c2:96:b3:68:4c:
bd:80:dc:8f:4a:41:15:54:6d:fe:f1:ce:a3:5e:1e:5f:fe:8d:
40:dd:ae:67:3f:e0:79:e2:7e:9a:4c:c1:6e:d8:7d:a8:62:3e:
52:47:68:d4:14:01:74:85:86:d4:ff:62:e1:98:07:2c:38:3d:
fb:99:81:a7:ba:6f:8e:cf:48:4b:99:fe:8b:a6:9d:07:90:42:
7a:da:22:91:4f:32:7d:84:26:b0:85:e5:33:ce:d3:8c:27:9f:
d7:f8:08:47:86:aa:e5:e9:c1:58:72:ee:b8:26:71:76:c2:76:
5a:46:e2:6f:d7:66:93:7f:14:3f:42:a4:67:42:bb:a2:37:d2:
f3:c6:26:06:59:96:c2:2f:10:56:c9:6f:a4:33:ca:a4:02:1e:
c2:22:28:f8:ce:78:de:91:9d:54:a5:4c:96:1d:5e:68:ec:e3:
8e:59:f8:66:98:c0:bf:a7:5a:28:21:95:c9:4e:6a:47:80:6e:
c7:41:be:d8:67:4b:6f:6c:62:2c:59:fb:f7:c6:e0:e6:e4:aa:
92:08:09:e0:88:ab:5b:b6:db:17:37:31:1b:1c:b6:38:e3:68:
cc:e6:b1:7b:31:c3:44:bf:6f:20:d0:e5:ec:59:1e:72:55:35:
0f:c1:95:e3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzHlLHoqCNDU0hmgLvo+w9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMmQwMDAzNjhjMWQ1NGYwOGE3NzgyYzA3NjczYjY4YTkz
ZWRmYzUwHhcNMjQwMTAyMDAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTIyMTU4ZjVkMGYyNjBjNTgyMWRjYjE4MjQ1YTQ0OGM5YmZlNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhnG4NzzD1MDOqn1wGrDqVSqApWU
hLRQKMF/4vUaLHBcxK/7tHeVvzbRd87bSWw8iSeGxn8ESD5sk4qXOurtoH8tfw2l
k3q3T36E1fBOOgeYTWoW9oHjZ72i4OU/5NkFwlCXH5tin/X1rD7uVKa/x1lZBCap
tbO8TWi8G9zc+PQAFNr42VZklGXdAGRl3rP2HmIJMtBAsHdyeeT2e3XUonXETald
vJ9as9zw/TyRlqpv6++n0vE+oHJYsNqaTyHbvmBnC0fpf/eB/30Rhn02oP1esyAA
gSgMFF7mgo64IVkW1fHH80dt8m2AedG+BylEbUUP9TSiUVEkBWKJ6FewXwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFkiFY9dDyYMWCHcsYJFpEjJv+S2MB8GA1UdIwQY
MBaAFNMtAANowdVPCKd4LAdnO2ipPt/FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHkwQUEyakIxVThJcDNnc0IyYzdhS2stMzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NjgwNjUtMjIzMy00ZGM3LWI5NWMt
YTdiYjM4YTFhNTNkLzEvV1NJVmoxMFBKZ3hZSWR5eGdrV2tTTW1fNUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NjgwNjUtMjIzMy00ZGM3LWI5NWMtYTdiYjM4YTFhNTNk
LzEvMHkwQUEyakIxVThJcDNnc0IyYzdhS2stMzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJZSQAwQG
TWqAAwQFUpMgAwQFV/gAAwQEXmYgAwQFX6kgAwQFbcsAAwQCuRT0MA0EAgACMAcD
BQAqAgoYMA0GCSqGSIb3DQEBCwUAA4IBAQAmhwzzEgZfabKNjaYXwpazaEy9gNyP
SkEVVG3+8c6jXh5f/o1A3a5nP+B54n6aTMFu2H2oYj5SR2jUFAF0hYbU/2LhmAcs
OD37mYGnum+Oz0hLmf6Lpp0HkEJ62iKRTzJ9hCawheUzztOMJ5/X+AhHhqrl6cFY
cu64JnF2wnZaRuJv12aTfxQ/QqRnQruiN9LzxiYGWZbCLxBWyW+kM8qkAh7CIij4
znjekZ1UpUyWHV5o7OOOWfhmmMC/p1ooIZXJTmpHgG7HQb7YZ0tvbGIsWfv3xuDm
5KqSCAngiKtbttsXNzEbHLY442jM5rF7McNEv28g0OXsWR5yVTUPwZXj
-----END CERTIFICATE-----
Generated at Fri May 17 09:12:27 2024 by rpki-client on console-ams.rpki-client.org