Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wtGF54bNE0bumkHMl3Xb0KhWee0.roa
File: wtGF54bNE0bumkHMl3Xb0KhWee0.roa (raw, json)
Hash identifier: 7FmjIO7KWCGr87gslYVWCZ3yy+TOkGbGAYpuzL5DZZ4=
Subject key identifier: C2:D1:85:E7:86:CD:13:46:EE:9A:41:CC:97:75:DB:D0:A8:56:79:ED
Certificate issuer: /CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Certificate serial: 018DE4986242C0A7C49C51788165644DD1E8
Authority key identifier: C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wtGF54bNE0bumkHMl3Xb0KhWee0.roa
Signing time: Mon 26 Feb 2024 08:46:48 +0000
ROA not before: Mon 26 Feb 2024 08:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34359
IP address blocks: 195.225.144.0/22 maxlen: 22
195.225.144.0/24 maxlen: 24
195.225.145.0/24 maxlen: 24
195.225.146.0/24 maxlen: 24
195.225.147.0/24 maxlen: 24
213.109.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:98:62:42:c0:a7:c4:9c:51:78:81:65:64:4d:d1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2902f769bf681b1039f2cee61e9e0f975e4e56b
Validity
Not Before: Feb 26 08:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2d185e786cd1346ee9a41cc9775dbd0a85679ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:be:ef:16:24:ac:8a:97:7c:99:59:b6:3b:87:
0d:74:9c:85:58:99:1c:6b:a8:f0:81:6a:3e:24:b7:
8e:73:25:4a:98:52:c1:c9:39:98:07:36:e7:ea:d0:
83:cb:74:55:f2:2a:79:8e:41:e4:bf:a1:41:37:3f:
66:79:a6:e9:79:f4:1a:43:03:18:d9:04:82:ae:de:
90:96:f0:75:54:50:76:5d:ad:02:ae:22:93:f0:d3:
a1:71:5d:08:c3:82:75:78:c5:b5:e6:70:aa:d4:43:
4f:34:19:59:4e:5a:b0:75:13:3c:4d:df:ee:f5:ca:
7e:14:d5:44:94:1d:fc:86:f6:9d:5c:e4:7b:a2:44:
23:b5:5c:19:44:bd:18:8a:45:f0:f3:62:c5:e7:b5:
bc:79:16:a2:3e:1e:62:3b:2d:50:e6:de:98:ec:fc:
44:f0:ce:71:7e:ca:19:94:74:cb:93:c2:e2:d5:9c:
ed:19:29:db:1e:3f:e6:e5:bf:50:12:08:64:3a:db:
b0:7e:f4:58:c5:93:ca:1a:2b:5c:86:9d:82:87:c6:
3a:c3:02:ce:36:4b:a3:06:76:27:02:5a:33:78:62:
01:35:6d:6f:6f:a1:30:37:5c:59:ac:d9:9b:20:bc:
36:3b:87:0f:02:7d:f9:c7:aa:02:62:81:d2:b0:54:
e0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D1:85:E7:86:CD:13:46:EE:9A:41:CC:97:75:DB:D0:A8:56:79:ED
X509v3 Authority Key Identifier:
keyid:C2:90:2F:76:9B:F6:81:B1:03:9F:2C:EE:61:E9:E0:F9:75:E4:E5:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wpAvdpv2gbEDnyzuYeng-XXk5Ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wtGF54bNE0bumkHMl3Xb0KhWee0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/54d413-40f5-4ae2-aca9-ff3936fe9946/1/wpAvdpv2gbEDnyzuYeng-XXk5Ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.144.0/22
213.109.128.0/20
Signature Algorithm: sha256WithRSAEncryption
75:a2:24:92:87:b2:1b:bf:7c:8d:b7:79:ed:0f:0d:bf:11:72:
cb:5d:40:63:0a:a8:c3:f3:89:38:58:e3:f4:fc:d4:f6:26:69:
42:57:f3:e3:96:85:04:a8:ca:88:86:29:21:6c:7d:a5:39:e1:
fc:eb:4e:3c:0c:a7:fe:6f:dd:dd:86:47:f8:cc:1c:b4:f8:31:
85:01:9b:73:43:c8:ba:c5:ef:56:b3:08:45:c4:5b:5a:5a:7a:
38:b6:ca:4e:6c:8c:76:17:f6:50:27:65:4e:eb:b7:6c:19:59:
23:83:46:4c:af:d0:da:d4:81:e0:13:7e:d6:d3:8e:2f:b5:62:
e5:53:b5:f7:df:4d:a8:9c:01:b0:ef:c9:f5:2c:18:7d:e1:e2:
b3:f1:cc:26:15:3f:6a:d0:09:1a:14:0b:ef:63:a9:29:48:2a:
7d:1a:6d:9d:34:92:2f:a3:db:e3:09:27:c0:aa:d1:0e:7e:b5:
39:af:5d:5d:7c:b0:74:f3:4a:a0:bd:80:73:3f:89:78:a6:13:
4d:d2:4d:d1:4c:ec:a8:b1:9f:51:47:cd:6c:d1:59:70:33:41:
ea:e4:44:51:3d:e0:ec:a3:b7:48:60:30:c1:4e:6b:1c:a9:72:
fb:62:03:e8:6d:b2:9b:fa:58:34:d5:d7:97:4f:cb:82:8d:35:
54:ba:01:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3kmGJCwKfEnFF4gWVkTdHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyOTAyZjc2OWJmNjgxYjEwMzlmMmNlZTYxZTllMGY5NzVl
NGU1NmIwHhcNMjQwMjI2MDg0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQxODVlNzg2Y2QxMzQ2ZWU5YTQxY2M5Nzc1ZGJkMGE4NTY3OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r7vFiSsipd8mVm2O4cNdJyFWJkc
a6jwgWo+JLeOcyVKmFLByTmYBzbn6tCDy3RV8ip5jkHkv6FBNz9meabpefQaQwMY
2QSCrt6QlvB1VFB2Xa0CriKT8NOhcV0Iw4J1eMW15nCq1ENPNBlZTlqwdRM8Td/u
9cp+FNVElB38hvadXOR7okQjtVwZRL0YikXw82LF57W8eRaiPh5iOy1Q5t6Y7PxE
8M5xfsoZlHTLk8Li1ZztGSnbHj/m5b9QEghkOtuwfvRYxZPKGitchp2Ch8Y6wwLO
NkujBnYnAlozeGIBNW1vb6EwN1xZrNmbILw2O4cPAn35x6oCYoHSsFTgOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMLRheeGzRNG7ppBzJd129CoVnntMB8GA1UdIwQY
MBaAFMKQL3ab9oGxA58s7mHp4Pl15OVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTkt
ZmYzOTM2ZmU5OTQ2LzEvd3RHRjU0Yk5FMGJ1bWtITWwzWGIwS2hXZWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NGQ0MTMtNDBmNS00YWUyLWFjYTktZmYzOTM2ZmU5OTQ2
LzEvd3BBdmRwdjJnYkVEbnl6dVllbmctWFhrNVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw+GQAwQE
1W2AMA0GCSqGSIb3DQEBCwUAA4IBAQB1oiSSh7Ibv3yNt3ntDw2/EXLLXUBjCqjD
84k4WOP0/NT2JmlCV/PjloUEqMqIhikhbH2lOeH86048DKf+b93dhkf4zBy0+DGF
AZtzQ8i6xe9WswhFxFtaWno4tspObIx2F/ZQJ2VO67dsGVkjg0ZMr9Da1IHgE37W
044vtWLlU7X3302onAGw78n1LBh94eKz8cwmFT9q0AkaFAvvY6kpSCp9Gm2dNJIv
o9vjCSfAqtEOfrU5r11dfLB080qgvYBzP4l4phNN0k3RTOyosZ9RR81s0VlwM0Hq
5ERRPeDso7dIYDDBTmscqXL7YgPobbKb+lg01deXT8uCjTVUugGh
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:55:50 2024 by rpki-client on console-ams.rpki-client.org