Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/WTCvtBe919krc0kD_uCIEPo86io.roa
File: WTCvtBe919krc0kD_uCIEPo86io.roa (raw, json)
Hash identifier: EDkDVLTTxkraoKPoDVIEvPMI8lnoedvpH6c+FCs+eb8=
Subject key identifier: 59:30:AF:B4:17:BD:D7:D9:2B:73:49:03:FE:E0:88:10:FA:3C:EA:2A
Certificate issuer: /CN=4e8db964389446cabcaf7941cd198342c2336dd0
Certificate serial: 0190C5084F5851794D86F87EA768C590E964
Authority key identifier: 4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/WTCvtBe919krc0kD_uCIEPo86io.roa
Signing time: Thu 18 Jul 2024 08:49:34 +0000
ROA not before: Thu 18 Jul 2024 08:49:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200565
IP address blocks: 185.11.64.0/22 maxlen: 22
185.99.136.0/22 maxlen: 22
212.78.242.0/23 maxlen: 23
2a12:4540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:08:4f:58:51:79:4d:86:f8:7e:a7:68:c5:90:e9:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e8db964389446cabcaf7941cd198342c2336dd0
Validity
Not Before: Jul 18 08:49:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5930afb417bdd7d92b734903fee08810fa3cea2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a8:ad:44:61:4f:fe:e4:76:b1:33:ad:29:a9:
7a:c0:11:50:5c:25:86:6e:6d:b4:d8:d3:11:1d:97:
12:30:b8:f2:78:63:55:91:c6:d4:b6:92:02:ee:4c:
7a:70:36:05:95:9c:89:fe:44:d8:4a:33:f1:4b:ca:
a6:44:13:49:74:dd:03:8e:b8:6d:a6:ac:4c:f1:04:
7b:47:a8:ec:10:5c:63:2f:7f:be:4e:9f:ab:5f:7b:
23:15:85:59:ee:6e:72:e6:49:6d:44:c5:67:df:1a:
93:03:1a:50:16:3d:b4:48:92:8b:22:64:4f:be:ab:
b0:23:c7:ab:29:ac:c6:60:ca:ff:de:76:66:56:97:
44:6b:ce:1a:d3:a7:d4:17:e2:61:d9:7e:71:6b:a0:
d1:21:7f:7b:41:b8:34:38:70:ef:ba:90:b2:2b:4d:
80:8a:f1:8a:d4:ad:10:76:11:39:e3:49:cf:95:af:
fe:db:59:af:8a:ef:e5:29:40:41:4d:d2:66:5f:f6:
8d:61:78:64:0b:79:e2:6a:54:22:40:ab:17:4f:a6:
8d:8f:e6:09:55:d0:40:1b:bf:52:f6:2c:37:49:bd:
42:66:a0:42:b1:35:6f:28:51:78:6d:cf:95:d5:03:
91:87:a5:58:68:73:10:12:3f:ed:56:ed:8d:c4:72:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:30:AF:B4:17:BD:D7:D9:2B:73:49:03:FE:E0:88:10:FA:3C:EA:2A
X509v3 Authority Key Identifier:
keyid:4E:8D:B9:64:38:94:46:CA:BC:AF:79:41:CD:19:83:42:C2:33:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/To25ZDiURsq8r3lBzRmDQsIzbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/WTCvtBe919krc0kD_uCIEPo86io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/b3961c-3f68-45c1-a04e-95469bf09340/1/To25ZDiURsq8r3lBzRmDQsIzbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.64.0/22
185.99.136.0/22
212.78.242.0/23
IPv6:
2a12:4540::/29
Signature Algorithm: sha256WithRSAEncryption
7a:7f:56:80:5b:0d:9d:b2:c3:c6:e7:96:d4:dd:53:a1:80:45:
f8:b5:1f:14:64:69:2f:83:b3:26:76:78:c6:fb:07:d5:3c:fa:
3c:1a:43:83:6f:b5:e8:0a:5e:c1:42:b0:6a:e3:d4:a3:b9:65:
27:a6:24:6a:f5:5b:1e:95:e4:2a:d3:33:dd:7a:24:b4:ed:3f:
82:e4:f5:dc:ea:cd:17:9b:81:f3:58:04:4a:62:83:bb:da:c5:
fe:16:a7:71:46:70:db:9e:38:4c:4c:bd:e0:89:65:dc:a6:ed:
02:29:fc:0c:43:28:35:51:82:2f:7c:73:1e:0a:8e:15:8b:75:
64:cf:aa:74:91:47:5e:39:db:e5:07:79:91:82:03:96:34:a5:
91:04:9f:e5:0a:5f:40:3d:3e:b4:a6:9f:4d:2f:f4:00:fa:fb:
7c:b2:4c:1e:48:ac:83:d9:1b:28:25:b9:6e:82:08:cc:85:b2:
5c:17:e9:e7:3c:16:10:ac:7f:42:e6:71:fb:82:c3:1b:e3:f1:
00:28:2c:e4:c4:4f:25:6b:d2:65:ea:e4:4c:a1:b8:12:55:7b:
23:c9:31:82:e8:f5:3a:db:23:79:8a:aa:bb:59:53:43:81:33:
10:e7:87:5f:df:cd:50:60:bb:45:3e:51:a9:90:04:39:28:a1:
14:3e:21:ba
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZDFCE9YUXlNhvh+p2jFkOlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOGRiOTY0Mzg5NDQ2Y2FiY2FmNzk0MWNkMTk4MzQyYzIz
MzZkZDAwHhcNMjQwNzE4MDg0OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTMwYWZiNDE3YmRkN2Q5MmI3MzQ5MDNmZWUwODgxMGZhM2NlYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaitRGFP/uR2sTOtKal6wBFQXCWG
bm202NMRHZcSMLjyeGNVkcbUtpIC7kx6cDYFlZyJ/kTYSjPxS8qmRBNJdN0Djrht
pqxM8QR7R6jsEFxjL3++Tp+rX3sjFYVZ7m5y5kltRMVn3xqTAxpQFj20SJKLImRP
vquwI8erKazGYMr/3nZmVpdEa84a06fUF+Jh2X5xa6DRIX97Qbg0OHDvupCyK02A
ivGK1K0QdhE540nPla/+21mviu/lKUBBTdJmX/aNYXhkC3nialQiQKsXT6aNj+YJ
VdBAG79S9iw3Sb1CZqBCsTVvKFF4bc+V1QORh6VYaHMQEj/tVu2NxHJj5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFkwr7QXvdfZK3NJA/7giBD6POoqMB8GA1UdIwQY
MBaAFE6NuWQ4lEbKvK95Qc0Zg0LCM23QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUt
OTU0NjliZjA5MzQwLzEvV1RDdnRCZTkxOWtyYzBrRF91Q0lFUG84NmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iMzk2MWMtM2Y2OC00NWMxLWEwNGUtOTU0NjliZjA5MzQw
LzEvVG8yNVpEaVVSc3E4cjNsQnpSbURRc0l6YmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQtAAwQC
uWOIAwQB1E7yMA0EAgACMAcDBQMqEkVAMA0GCSqGSIb3DQEBCwUAA4IBAQB6f1aA
Ww2dssPG55bU3VOhgEX4tR8UZGkvg7MmdnjG+wfVPPo8GkODb7XoCl7BQrBq49Sj
uWUnpiRq9VseleQq0zPdeiS07T+C5PXc6s0Xm4HzWARKYoO72sX+FqdxRnDbnjhM
TL3giWXcpu0CKfwMQyg1UYIvfHMeCo4Vi3Vkz6p0kUdeOdvlB3mRggOWNKWRBJ/l
Cl9APT60pp9NL/QA+vt8skweSKyD2RsoJbluggjMhbJcF+nnPBYQrH9C5nH7gsMb
4/EAKCzkxE8la9Jl6uRMobgSVXsjyTGC6PU62yN5iqq7WVNDgTMQ54df381QYLtF
PlGpkAQ5KKEUPiG6
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:58 2024 by rpki-client on console-ams.rpki-client.org