Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/wrcIAOIjlNbbRpSqREXw2nARpFQ.roa
File: wrcIAOIjlNbbRpSqREXw2nARpFQ.roa (raw, json)
Hash identifier: TobuQCiRT1qOWg4Pbddn2M7I1r4NzjXjPB+6M4rS+gk=
Subject key identifier: C2:B7:08:00:E2:23:94:D6:DB:46:94:AA:44:45:F0:DA:70:11:A4:54
Certificate issuer: /CN=62dfe53884b95a09f66a416e14f56c6b0f789afc
Certificate serial: 018CC94D20A43ADAAC52EE90A9557AEECC26
Authority key identifier: 62:DF:E5:38:84:B9:5A:09:F6:6A:41:6E:14:F5:6C:6B:0F:78:9A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yt_lOIS5Wgn2akFuFPVsaw94mvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/wrcIAOIjlNbbRpSqREXw2nARpFQ.roa
Signing time: Tue 02 Jan 2024 08:32:04 +0000
ROA not before: Tue 02 Jan 2024 08:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205345
IP address blocks: 185.221.124.0/22 maxlen: 22
2a0d:c000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/Yt_lOIS5Wgn2akFuFPVsaw94mvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/Yt_lOIS5Wgn2akFuFPVsaw94mvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yt_lOIS5Wgn2akFuFPVsaw94mvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:20:a4:3a:da:ac:52:ee:90:a9:55:7a:ee:cc:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62dfe53884b95a09f66a416e14f56c6b0f789afc
Validity
Not Before: Jan 2 08:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b70800e22394d6db4694aa4445f0da7011a454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:02:5c:5f:3d:22:c2:9e:b6:4e:fe:90:52:d4:
73:6b:ba:d4:bc:88:48:7a:cc:bf:e0:7d:cf:0e:1c:
5c:a1:a9:3c:b0:ec:18:e6:e3:64:42:06:a6:f5:58:
b4:f2:ca:b9:c7:b3:0b:bf:c7:d8:8c:02:1c:7f:99:
f3:01:61:55:57:0d:c2:33:58:a4:84:b6:d0:ce:d4:
d4:57:c1:4f:6e:51:34:96:88:a7:f7:94:58:fb:77:
cd:98:cc:a5:2d:32:75:95:47:6f:66:04:7c:c0:30:
c2:61:cb:9f:1c:30:a9:be:61:af:6c:d8:15:f2:31:
ad:0d:3e:d7:19:5b:e0:2e:4d:d5:5c:d3:6d:52:d7:
6f:c6:57:ee:58:eb:2a:4f:d7:c1:cb:b0:6a:69:06:
e8:8e:d5:30:ef:9b:31:3d:77:cb:a4:36:68:32:5c:
82:0b:80:b4:05:d2:ca:16:9d:fc:8f:10:70:48:20:
e5:95:9a:13:f0:71:f1:69:b5:97:24:e5:87:11:dc:
8d:c2:ef:60:c6:78:fa:c3:0d:78:74:9b:d6:2a:04:
9f:d3:22:7d:4d:98:12:55:98:ce:7b:e6:9f:9a:7b:
8b:15:ff:10:19:0a:0e:f4:da:a3:4d:dc:ec:59:ec:
56:31:09:58:37:18:e1:ec:c2:8e:ff:0a:61:31:3b:
46:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:08:00:E2:23:94:D6:DB:46:94:AA:44:45:F0:DA:70:11:A4:54
X509v3 Authority Key Identifier:
keyid:62:DF:E5:38:84:B9:5A:09:F6:6A:41:6E:14:F5:6C:6B:0F:78:9A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yt_lOIS5Wgn2akFuFPVsaw94mvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/wrcIAOIjlNbbRpSqREXw2nARpFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fb0032-bc45-458f-ab2b-2936aa227765/1/Yt_lOIS5Wgn2akFuFPVsaw94mvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.124.0/22
IPv6:
2a0d:c000::/29
Signature Algorithm: sha256WithRSAEncryption
3d:a2:2b:65:90:c5:20:f1:e4:38:0a:6d:de:2c:51:85:c0:86:
87:09:73:de:29:ce:e6:15:5d:ae:da:a6:7c:5a:64:dc:60:5b:
5c:2d:85:d4:df:c2:2a:90:7b:46:05:1f:78:92:1c:f1:36:aa:
09:c7:88:da:e8:56:e9:0f:a6:ef:c0:63:c4:8b:5c:63:40:06:
0e:4b:3e:01:3a:69:ec:9a:5b:81:cf:8e:94:2f:6f:8c:d3:eb:
ef:ea:5d:51:22:e8:26:6d:54:ed:76:3d:33:b8:47:c5:ec:6e:
ab:ea:3d:42:e0:90:1f:6d:28:c7:a0:ee:3b:57:b9:5b:4d:3a:
9e:84:1a:11:b8:3b:01:2b:b0:55:37:9b:85:60:75:65:31:4c:
b4:81:94:fa:66:03:08:d2:56:42:45:d4:ab:0a:c8:12:41:e3:
e5:66:1f:83:11:2c:a1:09:4f:74:14:53:ee:75:ff:98:6c:1c:
b1:be:17:d4:bb:73:89:ea:45:55:5b:b9:b8:3e:78:12:d0:56:
ed:57:b6:a6:ba:4d:73:14:d9:f9:05:3d:44:32:13:a2:6a:23:
64:dc:7b:d5:c1:c0:d7:25:bc:8c:03:a6:9c:b3:8b:de:d8:d6:
ac:92:0d:3b:af:89:52:f3:fa:71:52:2a:a4:83:e1:2c:5e:6d:
0e:fb:b5:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTSCkOtqsUu6QqVV67swmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZGZlNTM4ODRiOTVhMDlmNjZhNDE2ZTE0ZjU2YzZiMGY3
ODlhZmMwHhcNMjQwMTAyMDgzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3MDgwMGUyMjM5NGQ2ZGI0Njk0YWE0NDQ1ZjBkYTcwMTFhNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQJcXz0iwp62Tv6QUtRza7rUvIhI
esy/4H3PDhxcoak8sOwY5uNkQgam9Vi08sq5x7MLv8fYjAIcf5nzAWFVVw3CM1ik
hLbQztTUV8FPblE0loin95RY+3fNmMylLTJ1lUdvZgR8wDDCYcufHDCpvmGvbNgV
8jGtDT7XGVvgLk3VXNNtUtdvxlfuWOsqT9fBy7BqaQbojtUw75sxPXfLpDZoMlyC
C4C0BdLKFp38jxBwSCDllZoT8HHxabWXJOWHEdyNwu9gxnj6ww14dJvWKgSf0yJ9
TZgSVZjOe+afmnuLFf8QGQoO9NqjTdzsWexWMQlYNxjh7MKO/wphMTtGtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMK3CADiI5TW20aUqkRF8NpwEaRUMB8GA1UdIwQY
MBaAFGLf5TiEuVoJ9mpBbhT1bGsPeJr8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRfbE9JUzVXZ24yYWtGdUZQVnNhdzk0bXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mYjAwMzItYmM0NS00NThmLWFiMmIt
MjkzNmFhMjI3NzY1LzEvd3JjSUFPSWpsTmJiUnBTcVJFWHcybkFScEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mYjAwMzItYmM0NS00NThmLWFiMmItMjkzNmFhMjI3NzY1
LzEvWXRfbE9JUzVXZ24yYWtGdUZQVnNhdzk0bXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud18MA0E
AgACMAcDBQMqDcAAMA0GCSqGSIb3DQEBCwUAA4IBAQA9oitlkMUg8eQ4Cm3eLFGF
wIaHCXPeKc7mFV2u2qZ8WmTcYFtcLYXU38IqkHtGBR94khzxNqoJx4ja6FbpD6bv
wGPEi1xjQAYOSz4BOmnsmluBz46UL2+M0+vv6l1RIugmbVTtdj0zuEfF7G6r6j1C
4JAfbSjHoO47V7lbTTqehBoRuDsBK7BVN5uFYHVlMUy0gZT6ZgMI0lZCRdSrCsgS
QePlZh+DESyhCU90FFPudf+YbByxvhfUu3OJ6kVVW7m4PngS0FbtV7amuk1zFNn5
BT1EMhOiaiNk3HvVwcDXJbyMA6acs4ve2Naskg07r4lS8/pxUiqkg+EsXm0O+7UE
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:22:34 2024 by rpki-client on console-fra.rpki-client.org