Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/wrMAOT6CGwBXXElBSuboDRzS_n8.roa
File: wrMAOT6CGwBXXElBSuboDRzS_n8.roa (raw, json)
Hash identifier: 4+8oyXIky/RrEP3WUip2+q5s6PcOemIQThB3dGY3Kd4=
Subject key identifier: C2:B3:00:39:3E:82:1B:00:57:5C:49:41:4A:E6:E8:0D:1C:D2:FE:7F
Certificate issuer: /CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Certificate serial: 01929EF125994F27061D7A21B09B230364FC
Authority key identifier: A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/wrMAOT6CGwBXXElBSuboDRzS_n8.roa
Signing time: Fri 18 Oct 2024 09:24:16 +0000
ROA not before: Fri 18 Oct 2024 09:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56911
IP address blocks: 185.47.136.0/24 maxlen: 24
185.47.137.0/24 maxlen: 24
185.47.139.0/24 maxlen: 24
185.139.180.0/24 maxlen: 24
195.177.112.0/24 maxlen: 24
195.177.113.0/24 maxlen: 24
195.177.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:f1:25:99:4f:27:06:1d:7a:21:b0:9b:23:03:64:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Validity
Not Before: Oct 18 09:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b300393e821b00575c49414ae6e80d1cd2fe7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:e4:59:f7:41:63:f8:ce:43:28:ad:6d:a7:
39:f4:cb:bc:f9:1f:2a:fd:ce:c3:0c:eb:3c:6d:19:
19:3d:e5:59:55:58:a8:b1:05:5c:eb:d2:39:5c:81:
9d:55:3f:ea:eb:cf:39:93:d4:98:bf:cb:da:44:64:
88:4f:7c:d2:38:48:46:f4:c6:ff:01:2b:9e:0e:69:
ea:ea:b5:59:e2:a7:d7:39:d9:4a:ad:8d:a9:a0:00:
eb:6b:63:4a:69:6e:d9:93:7c:5f:28:a2:f1:d8:63:
7f:a7:92:31:b9:eb:a4:b1:b5:02:bd:1b:2e:20:6c:
34:ca:67:42:f2:ab:65:f3:00:28:d3:72:fd:4c:cd:
c6:50:e1:1b:0b:f9:8d:79:45:a9:2b:aa:52:66:94:
5c:ad:b7:b5:b8:58:a1:23:a4:81:7f:fa:bc:88:e9:
05:7f:75:d4:6f:45:b1:c1:fa:a7:0e:57:6f:5e:16:
3f:58:42:6e:d8:57:fa:72:ac:6a:41:87:7f:bc:1f:
d4:c3:1c:bd:7e:f4:fb:ed:71:94:91:5c:8e:de:90:
63:ac:26:66:a2:7c:b4:62:c0:fa:7b:26:e3:56:9c:
27:3e:b1:f2:b4:48:24:7f:19:fb:ac:59:ea:38:89:
39:c6:fa:c2:db:60:47:bd:f4:1e:7d:90:31:06:c5:
ca:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B3:00:39:3E:82:1B:00:57:5C:49:41:4A:E6:E8:0D:1C:D2:FE:7F
X509v3 Authority Key Identifier:
keyid:A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/wrMAOT6CGwBXXElBSuboDRzS_n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.136.0/23
185.47.139.0/24
185.139.180.0/24
195.177.112.0/23
195.177.115.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ec:e6:20:7d:ff:4d:12:9d:2d:16:1f:92:93:9f:ee:00:3a:
c9:91:25:74:21:52:e9:be:00:42:3d:89:49:21:fb:db:40:7e:
dc:d7:64:cb:90:a4:e6:d8:75:1d:b1:b5:49:1d:53:de:fc:f0:
35:e6:1c:b3:3d:dc:aa:a5:67:38:43:80:b4:22:8a:c3:0c:82:
5c:48:eb:47:61:93:ed:74:32:a9:24:6e:8f:c3:6e:a7:47:1d:
1a:8f:c2:9c:32:b8:f6:5d:e1:44:e4:5a:b4:28:d6:93:67:7f:
79:2e:50:20:2f:f3:87:d1:ce:1e:fd:24:68:cf:fe:43:8e:b5:
d3:b0:26:db:23:b8:22:a5:43:dc:bb:3f:6c:46:4f:40:db:97:
34:e3:05:b3:09:75:f1:05:b3:96:a6:62:cd:4e:59:2a:98:e6:
64:00:34:19:61:03:30:2c:94:3c:f0:b1:80:c8:0b:38:a8:9c:
26:06:b3:88:07:23:4a:e9:8f:50:11:63:b3:a0:11:f5:58:66:
6e:55:70:ef:ea:d6:bd:de:36:e2:0f:7d:25:32:9c:e1:72:ce:
e4:7a:da:fe:06:8f:fc:e4:28:f3:ce:14:11:c8:17:fb:ba:3f:
b7:f9:b0:51:90:9f:f5:61:a1:e6:bd:d4:32:13:e2:90:79:9d:
92:17:29:5d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKe8SWZTycGHXohsJsjA2T8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzE3ZWE1NGI5NTk0MmZhZDgxYTk0M2VkYjFjMTBmOWRm
OTRhZmIwHhcNMjQxMDE4MDkyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmIzMDAzOTNlODIxYjAwNTc1YzQ5NDE0YWU2ZTgwZDFjZDJmZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAserkWfdBY/jOQyitbac59Mu8+R8q
/c7DDOs8bRkZPeVZVViosQVc69I5XIGdVT/q6885k9SYv8vaRGSIT3zSOEhG9Mb/
ASueDmnq6rVZ4qfXOdlKrY2poADra2NKaW7Zk3xfKKLx2GN/p5IxueuksbUCvRsu
IGw0ymdC8qtl8wAo03L9TM3GUOEbC/mNeUWpK6pSZpRcrbe1uFihI6SBf/q8iOkF
f3XUb0WxwfqnDldvXhY/WEJu2Ff6cqxqQYd/vB/Uwxy9fvT77XGUkVyO3pBjrCZm
ony0YsD6eybjVpwnPrHytEgkfxn7rFnqOIk5xvrC22BHvfQefZAxBsXKQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMKzADk+ghsAV1xJQUrm6A0c0v5/MB8GA1UdIwQY
MBaAFKNxfqVLlZQvrYGpQ+2xwQ+d+Ur7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTct
MTU3YWQwYWM1MjBhLzEvd3JNQU9UNkNHd0JYWEVsQlN1Ym9EUnpTX244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTctMTU3YWQwYWM1MjBh
LzEvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBuS+IAwQA
uS+LAwQAuYu0AwQBw7FwAwQAw7FzMA0GCSqGSIb3DQEBCwUAA4IBAQBu7OYgff9N
Ep0tFh+Sk5/uADrJkSV0IVLpvgBCPYlJIfvbQH7c12TLkKTm2HUdsbVJHVPe/PA1
5hyzPdyqpWc4Q4C0IorDDIJcSOtHYZPtdDKpJG6Pw26nRx0aj8KcMrj2XeFE5Fq0
KNaTZ395LlAgL/OH0c4e/SRoz/5DjrXTsCbbI7gipUPcuz9sRk9A25c04wWzCXXx
BbOWpmLNTlkqmOZkADQZYQMwLJQ88LGAyAs4qJwmBrOIByNK6Y9QEWOzoBH1WGZu
VXDv6ta93jbiD30lMpzhcs7ketr+Bo/85CjzzhQRyBf7uj+3+bBRkJ/1YaHmvdQy
E+KQeZ2SFyld
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:07:52 2024 by rpki-client on console-ams.rpki-client.org