Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wTHLZFMXvwxDuAFCwW7tKoKFnHA.roa
File: wTHLZFMXvwxDuAFCwW7tKoKFnHA.roa (raw, json)
Hash identifier: Bg3c8MiJT3kTFwjpghpUZqGO0Z4NWgCWLSRlHaaox/4=
Subject key identifier: C1:31:CB:64:53:17:BF:0C:43:B8:01:42:C1:6E:ED:2A:82:85:9C:70
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 018D8A14CDA93CA543F2495394154AC48AAF
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wTHLZFMXvwxDuAFCwW7tKoKFnHA.roa
Signing time: Thu 08 Feb 2024 18:57:15 +0000
ROA not before: Thu 08 Feb 2024 18:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201021
IP address blocks: 46.38.141.0/24 maxlen: 24
185.143.74.0/24 maxlen: 24
185.143.75.0/24 maxlen: 24
212.16.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:14:cd:a9:3c:a5:43:f2:49:53:94:15:4a:c4:8a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Feb 8 18:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c131cb645317bf0c43b80142c16eed2a82859c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:73:ad:15:74:41:d4:47:49:e2:05:4a:87:a3:
d5:b9:3d:94:92:c2:90:bd:0c:48:66:ce:7c:d7:1a:
0e:06:1c:e1:09:a9:d5:a7:2f:4e:e8:b1:b9:bd:ec:
9d:62:8d:a3:05:8b:77:b8:b2:47:75:0c:6a:18:7e:
3f:0c:c3:de:d7:34:01:0d:65:9a:fe:63:eb:42:a5:
bb:0b:3a:7d:ed:e9:f9:59:29:46:50:df:12:44:b9:
bd:00:aa:9c:67:ee:18:75:f3:b0:da:3d:65:e2:a3:
77:fd:e5:d6:ec:2e:77:09:97:3a:33:ad:59:9e:3e:
40:28:76:7d:07:60:d0:11:77:0e:39:44:e6:ee:b3:
fc:2e:c5:a1:46:82:cf:24:d3:5b:12:d7:86:4a:df:
f1:11:b3:5c:5e:cf:76:87:49:f1:db:62:1d:b5:c9:
03:f9:89:26:e8:c7:de:3b:a0:ca:03:16:ff:a2:37:
c6:c0:ce:5c:3e:2b:f0:9d:41:1f:45:5e:fb:6c:17:
40:99:82:73:6b:e6:ec:91:04:77:d0:d8:1a:bb:34:
8f:66:07:b3:cc:92:78:11:ec:aa:4d:d3:5c:cb:f0:
dd:4a:b0:7a:84:60:78:4f:9e:53:2e:e2:ac:84:63:
e8:60:9c:31:0c:15:05:29:3f:38:68:fa:88:7d:d3:
3f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:31:CB:64:53:17:BF:0C:43:B8:01:42:C1:6E:ED:2A:82:85:9C:70
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/wTHLZFMXvwxDuAFCwW7tKoKFnHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.141.0/24
185.143.74.0/23
212.16.85.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9a:ce:7c:32:39:4e:8d:32:21:18:e9:f5:b8:a3:e9:3b:d5:
98:82:39:99:5c:7d:9b:14:71:09:68:e4:b0:58:ff:94:35:2d:
67:89:ab:be:00:16:6b:ab:61:28:65:68:57:f2:f1:da:53:9a:
5b:28:65:7d:67:4b:7a:7e:11:95:d9:e3:c8:be:eb:15:0e:e5:
a2:2b:21:ef:b7:1a:54:03:e3:b6:ea:a3:5c:9a:1a:18:ac:be:
9e:43:3c:6e:82:b5:85:e1:4f:6c:89:05:41:8e:3b:5c:79:64:
32:81:7f:58:1c:7b:7f:dd:09:e7:5b:f6:bf:5d:1c:44:6a:58:
15:2a:9e:a5:fa:bc:91:cb:a1:17:c4:d2:c1:d3:43:e1:f1:b7:
d3:9f:77:cf:71:38:1f:8c:5e:d2:70:d9:50:cf:df:74:57:a3:
ef:17:b3:a5:0e:0d:87:79:44:43:a6:09:17:44:3f:cb:69:f7:
eb:38:47:0b:f3:f7:10:a7:23:98:ed:4e:9f:50:76:1c:26:8e:
31:4a:4a:c2:af:bd:b0:42:33:21:c8:c8:f1:82:2e:8a:dd:92:
73:5c:4a:7b:ce:99:e4:7f:f4:99:cb:fe:82:f9:b6:6e:63:9b:
10:b7:c7:d1:8f:a4:d3:e0:e5:63:27:02:39:07:17:6b:f5:fe:
aa:84:2e:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2KFM2pPKVD8klTlBVKxIqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwMjA4MTg1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTMxY2I2NDUzMTdiZjBjNDNiODAxNDJjMTZlZWQyYTgyODU5YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3OtFXRB1EdJ4gVKh6PVuT2UksKQ
vQxIZs581xoOBhzhCanVpy9O6LG5veydYo2jBYt3uLJHdQxqGH4/DMPe1zQBDWWa
/mPrQqW7Czp97en5WSlGUN8SRLm9AKqcZ+4YdfOw2j1l4qN3/eXW7C53CZc6M61Z
nj5AKHZ9B2DQEXcOOUTm7rP8LsWhRoLPJNNbEteGSt/xEbNcXs92h0nx22IdtckD
+Ykm6MfeO6DKAxb/ojfGwM5cPivwnUEfRV77bBdAmYJza+bskQR30NgauzSPZgez
zJJ4EeyqTdNcy/DdSrB6hGB4T55TLuKshGPoYJwxDBUFKT84aPqIfdM/bQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMExy2RTF78MQ7gBQsFu7SqChZxwMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvd1RITFpGTVh2d3hEdUFGQ3dXN3RLb0tGbkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaNAwQB
uY9KAwQA1BBVMA0GCSqGSIb3DQEBCwUAA4IBAQBSms58MjlOjTIhGOn1uKPpO9WY
gjmZXH2bFHEJaOSwWP+UNS1niau+ABZrq2EoZWhX8vHaU5pbKGV9Z0t6fhGV2ePI
vusVDuWiKyHvtxpUA+O26qNcmhoYrL6eQzxugrWF4U9siQVBjjtceWQygX9YHHt/
3QnnW/a/XRxEalgVKp6l+ryRy6EXxNLB00Ph8bfTn3fPcTgfjF7ScNlQz990V6Pv
F7OlDg2HeURDpgkXRD/LaffrOEcL8/cQpyOY7U6fUHYcJo4xSkrCr72wQjMhyMjx
gi6K3ZJzXEp7zpnkf/SZy/6C+bZuY5sQt8fRj6TT4OVjJwI5Bxdr9f6qhC4s
-----END CERTIFICATE-----
Generated at Mon May 20 12:40:07 2024 by rpki-client on console-ams.rpki-client.org