Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WNKQPl5TY5RiDSDHnkjTQI8PvPI.roa
File: WNKQPl5TY5RiDSDHnkjTQI8PvPI.roa (raw, json)
Hash identifier: 7Fb1iyCYYwvtk+ftGp3igxKkC/lSPReZSqAU461T1nQ=
Subject key identifier: 58:D2:90:3E:5E:53:63:94:62:0D:20:C7:9E:48:D3:40:8F:0F:BC:F2
Certificate issuer: /CN=bd175e878d33b47d806f2cf3e04628220935123d
Certificate serial: 018CC7273B59D3C5B1CADFD9733B5DCED40D
Authority key identifier: BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WNKQPl5TY5RiDSDHnkjTQI8PvPI.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206423
IP address blocks: 91.199.8.0/24 maxlen: 32
2001:67c:2f84::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3b:59:d3:c5:b1:ca:df:d9:73:3b:5d:ce:d4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd175e878d33b47d806f2cf3e04628220935123d
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58d2903e5e536394620d20c79e48d3408f0fbcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:38:10:46:ae:75:5b:c2:c8:c1:fc:78:42:9a:
de:e9:7a:2a:4c:2f:05:0a:25:f1:50:be:b9:25:9f:
5d:5f:d0:50:7f:ef:28:aa:94:63:28:dc:69:0e:e6:
80:43:81:1f:21:00:a2:cc:b7:61:2a:ab:26:51:0d:
68:a6:af:45:f5:97:ec:de:22:69:a3:9a:1c:a0:fd:
84:26:b5:d8:aa:f8:36:dd:8c:d7:f0:d7:e1:c0:b9:
6a:b3:1b:7f:2b:1a:fa:3e:d4:67:31:50:30:e9:b7:
bf:c1:f2:b7:95:0c:8b:8d:47:ce:50:08:df:90:90:
9a:ce:9b:93:92:0d:91:d2:6d:57:54:f2:0b:83:10:
99:3e:1a:da:c4:f0:c6:c5:6e:16:cb:eb:46:db:4b:
8a:50:69:31:80:05:cc:3a:36:18:eb:a5:6b:d7:c4:
7d:80:03:fb:76:f8:2d:b2:2b:11:e6:c1:04:74:45:
d0:91:da:e5:d7:0d:f5:21:b3:d1:5a:82:ec:9e:a3:
58:f9:53:3e:2b:bc:07:8a:7b:fc:35:c9:fe:82:d9:
8f:3e:c7:3e:8f:36:38:45:93:a1:c8:18:73:36:24:
33:ee:16:49:73:f4:95:ad:71:59:9a:8a:08:9e:32:
dd:7c:a9:16:f8:a5:37:ba:e3:5a:33:8e:a5:72:6e:
b3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D2:90:3E:5E:53:63:94:62:0D:20:C7:9E:48:D3:40:8F:0F:BC:F2
X509v3 Authority Key Identifier:
keyid:BD:17:5E:87:8D:33:B4:7D:80:6F:2C:F3:E0:46:28:22:09:35:12:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRdeh40ztH2Abyzz4EYoIgk1Ej0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/WNKQPl5TY5RiDSDHnkjTQI8PvPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dda98e-8646-4d07-80ac-a35eaf005af5/1/vRdeh40ztH2Abyzz4EYoIgk1Ej0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.8.0/24
IPv6:
2001:67c:2f84::/48
Signature Algorithm: sha256WithRSAEncryption
0d:6f:f4:d0:d0:b4:10:ec:c2:e2:6c:56:24:c7:87:7a:1a:03:
31:27:25:83:ab:d1:1b:33:a3:5a:ef:2f:a9:e5:e1:fc:f3:c3:
e0:81:eb:95:17:c9:82:d6:80:3e:95:8d:cb:fa:ca:09:d8:3d:
6f:62:a9:13:ff:9a:0c:76:e6:74:d0:5b:c4:ec:66:14:60:bf:
ae:e8:0c:1e:7a:46:d8:7b:8e:8e:54:6f:2b:00:86:a2:0b:fb:
9a:d0:6a:ef:a6:70:70:b7:69:e8:9d:01:06:19:31:bc:20:1b:
9d:20:8f:93:d3:0c:7c:4f:b2:b7:ab:64:8a:4a:7c:62:6e:d1:
63:63:96:e9:f8:7c:3c:09:b4:ef:21:ac:5f:49:61:2a:d8:15:
52:68:10:fb:78:a3:98:55:84:dc:4f:f8:92:ea:7b:bc:94:6d:
ee:d1:b6:0d:15:ab:d0:e7:a5:63:99:b5:b2:65:28:88:12:50:
8e:71:15:64:3f:1b:9c:a1:64:8d:15:63:07:3a:0f:d7:3d:71:
6f:d3:4c:24:a4:08:8b:79:76:13:ad:fb:c9:8f:0f:51:0e:5e:
4c:79:5c:d6:5e:9b:fd:a0:e0:fa:4c:72:2b:4e:70:a9:ec:b7:
1a:60:fe:c4:c7:9a:7f:c9:a1:c3:e9:39:0f:33:fc:24:8a:03:
8b:b0:d5:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJztZ08Wxyt/ZcztdztQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTc1ZTg3OGQzM2I0N2Q4MDZmMmNmM2UwNDYyODIyMDkz
NTEyM2QwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQyOTAzZTVlNTM2Mzk0NjIwZDIwYzc5ZTQ4ZDM0MDhmMGZiY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojgQRq51W8LIwfx4Qpre6XoqTC8F
CiXxUL65JZ9dX9BQf+8oqpRjKNxpDuaAQ4EfIQCizLdhKqsmUQ1opq9F9Zfs3iJp
o5ocoP2EJrXYqvg23YzX8NfhwLlqsxt/Kxr6PtRnMVAw6be/wfK3lQyLjUfOUAjf
kJCazpuTkg2R0m1XVPILgxCZPhraxPDGxW4Wy+tG20uKUGkxgAXMOjYY66Vr18R9
gAP7dvgtsisR5sEEdEXQkdrl1w31IbPRWoLsnqNY+VM+K7wHinv8Ncn+gtmPPsc+
jzY4RZOhyBhzNiQz7hZJc/SVrXFZmooInjLdfKkW+KU3uuNaM46lcm6zVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFjSkD5eU2OUYg0gx55I00CPD7zyMB8GA1UdIwQY
MBaAFL0XXoeNM7R9gG8s8+BGKCIJNRI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMt
YTM1ZWFmMDA1YWY1LzEvV05LUVBsNVRZNVJpRFNESG5ralRRSThQdlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZGE5OGUtODY0Ni00ZDA3LTgwYWMtYTM1ZWFmMDA1YWY1
LzEvdlJkZWg0MHp0SDJBYnl6ejRFWW9JZ2sxRWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8cIMA8E
AgACMAkDBwAgAQZ8L4QwDQYJKoZIhvcNAQELBQADggEBAA1v9NDQtBDswuJsViTH
h3oaAzEnJYOr0Rszo1rvL6nl4fzzw+CB65UXyYLWgD6Vjcv6ygnYPW9iqRP/mgx2
5nTQW8TsZhRgv67oDB56Rth7jo5UbysAhqIL+5rQau+mcHC3aeidAQYZMbwgG50g
j5PTDHxPsrerZIpKfGJu0WNjlun4fDwJtO8hrF9JYSrYFVJoEPt4o5hVhNxP+JLq
e7yUbe7Rtg0Vq9DnpWOZtbJlKIgSUI5xFWQ/G5yhZI0VYwc6D9c9cW/TTCSkCIt5
dhOt+8mPD1EOXkx5XNZem/2g4PpMcitOcKnstxpg/sTHmn/JocPpOQ8z/CSKA4uw
1WQ=
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:58:24 2024 by rpki-client on console-ams.rpki-client.org