Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/wqwGVF697QLjUBfDKICyu9inW3k.roa
File: wqwGVF697QLjUBfDKICyu9inW3k.roa (raw, json)
Hash identifier: ZTgK5aqyT/2sHzeLTrgZjeke+VSeflAeKiXOzmaEXpg=
Subject key identifier: C2:AC:06:54:5E:BD:ED:02:E3:50:17:C3:28:80:B2:BB:D8:A7:5B:79
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0190ACBE0C40D825C95A961CDD01F4BFF9B4
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/wqwGVF697QLjUBfDKICyu9inW3k.roa
Signing time: Sat 13 Jul 2024 15:37:34 +0000
ROA not before: Sat 13 Jul 2024 15:37:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51026
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.126.202.0/24 maxlen: 24
2a0a:2fc4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ac:be:0c:40:d8:25:c9:5a:96:1c:dd:01:f4:bf:f9:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jul 13 15:37:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2ac06545ebded02e35017c32880b2bbd8a75b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:20:42:2a:df:01:41:20:f1:12:3b:fe:91:
36:60:d0:67:57:bc:5f:64:88:68:43:fe:74:a2:71:
05:34:dc:8d:50:68:63:ce:c4:54:2c:bb:27:f2:82:
8b:3c:b7:e2:b9:ec:86:65:7e:c0:08:05:7b:9f:f8:
10:44:04:f0:7c:83:41:24:aa:d6:4f:77:1d:7a:a7:
fb:c9:5d:a3:31:78:a4:ff:4d:65:35:8c:df:62:33:
dd:72:5f:ad:d6:10:95:6e:53:9c:49:8e:cc:bb:04:
3b:f5:9f:16:62:1a:2c:d3:18:c8:1f:42:66:f7:d6:
e9:dd:a3:be:57:92:eb:7f:01:cc:a7:b5:00:79:84:
19:a0:f2:55:74:41:5d:16:32:2f:57:dd:8e:95:1d:
10:52:c7:ba:17:b9:6d:f2:ba:0d:6b:b1:fd:52:ee:
bc:36:fa:21:ed:55:93:f1:97:5e:a1:9e:9d:3b:e1:
60:bc:c3:f8:4b:75:51:42:ed:2b:a3:f6:f2:47:6e:
58:9a:cf:ad:03:89:54:e9:f6:69:16:19:89:d5:40:
b5:d8:62:14:b8:b6:b9:f2:3e:b8:2e:5e:c5:54:2c:
d0:bd:03:5d:cb:e2:27:b6:b1:6f:30:8e:a0:87:95:
0d:a1:cb:14:15:81:b1:b1:27:a6:e9:2a:73:47:4c:
ec:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AC:06:54:5E:BD:ED:02:E3:50:17:C3:28:80:B2:BB:D8:A7:5B:79
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/wqwGVF697QLjUBfDKICyu9inW3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.141.0-185.53.143.255
185.126.202.0/24
IPv6:
2a0a:2fc4::/32
Signature Algorithm: sha256WithRSAEncryption
6b:e2:01:6b:4b:74:32:90:ac:de:bd:a5:43:0e:f5:9f:ac:49:
23:cb:28:cc:08:ae:87:a0:ee:b8:7d:a5:ff:98:3f:e0:6b:0e:
fe:75:71:66:7c:6c:6a:4c:57:f1:99:b7:85:fb:f1:db:f3:77:
9f:31:fe:b2:5b:cd:45:1a:ea:c0:e1:ce:43:97:cc:a8:55:53:
c0:ec:10:67:b5:aa:db:4d:f0:df:35:1e:2a:84:3a:17:ef:1b:
57:e7:72:25:18:ba:f4:67:61:ef:ec:0c:25:0e:83:45:59:03:
47:4b:93:1c:73:fc:52:c4:eb:57:53:09:c7:1b:e3:ce:13:9b:
8a:88:94:d8:21:86:de:5f:38:33:59:58:1f:1e:4e:1c:69:0b:
78:cf:be:2e:5b:34:e2:e7:9e:db:6c:a5:5f:6d:0b:54:ad:51:
74:c2:96:a6:9f:ed:b7:0f:7c:a5:f3:e3:a1:36:4e:c0:1b:a3:
96:c5:af:a6:7d:8f:5f:a1:20:cc:5e:56:0e:54:f6:64:47:a8:
55:78:99:bd:9d:22:58:79:48:fa:49:ae:d7:6f:d0:f2:eb:e0:
c5:6c:e7:f9:5a:39:73:ac:9f:d8:f2:48:06:83:f0:5e:bb:0a:
67:f6:e0:18:0e:f0:27:cf:53:db:bb:cb:63:00:02:ee:4d:3d:
a5:68:f2:df
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZCsvgxA2CXJWpYc3QH0v/m0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjQwNzEzMTUzNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFjMDY1NDVlYmRlZDAyZTM1MDE3YzMyODgwYjJiYmQ4YTc1Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof0gQirfAUEg8RI7/pE2YNBnV7xf
ZIhoQ/50onEFNNyNUGhjzsRULLsn8oKLPLfiueyGZX7ACAV7n/gQRATwfINBJKrW
T3cdeqf7yV2jMXik/01lNYzfYjPdcl+t1hCVblOcSY7MuwQ79Z8WYhos0xjIH0Jm
99bp3aO+V5LrfwHMp7UAeYQZoPJVdEFdFjIvV92OlR0QUse6F7lt8roNa7H9Uu68
Nvoh7VWT8ZdeoZ6dO+FgvMP4S3VRQu0ro/byR25Yms+tA4lU6fZpFhmJ1UC12GIU
uLa58j64Ll7FVCzQvQNdy+IntrFvMI6gh5UNocsUFYGxsSem6SpzR0zsjQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMKsBlReve0C41AXwyiAsrvYp1t5MB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvd3F3R1ZGNjk3UUxqVUJmREtJQ3l1OWluVzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLYEkMAwD
BAC5NY0DBAS5NYADBAC5fsowDQQCAAIwBwMFACoKL8QwDQYJKoZIhvcNAQELBQAD
ggEBAGviAWtLdDKQrN69pUMO9Z+sSSPLKMwIroeg7rh9pf+YP+BrDv51cWZ8bGpM
V/GZt4X78dvzd58x/rJbzUUa6sDhzkOXzKhVU8DsEGe1qttN8N81HiqEOhfvG1fn
ciUYuvRnYe/sDCUOg0VZA0dLkxxz/FLE61dTCccb484Tm4qIlNghht5fODNZWB8e
ThxpC3jPvi5bNOLnnttspV9tC1StUXTClqaf7bcPfKXz46E2TsAbo5bFr6Z9j1+h
IMxeVg5U9mRHqFV4mb2dIlh5SPpJrtdv0PLr4MVs5/laOXOsn9jySAaD8F67Cmf2
4BgO8CfPU9u7y2MAAu5NPaVo8t8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:08:23 2024 by rpki-client on console-ams.rpki-client.org