Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/3WF9Jke5_VD3x5ida8dxgUoSUxQ.roa
File: 3WF9Jke5_VD3x5ida8dxgUoSUxQ.roa (raw, json)
Hash identifier: 7cTGjpAX/iR4aXbs3Qm34euDB/AkshQvXp9sFjqUBjQ=
Subject key identifier: DD:61:7D:26:47:B9:FD:50:F7:C7:98:9D:6B:C7:71:81:4A:12:53:14
Certificate issuer: /CN=c1eb2c601fa6d07507973081faa1325fe190b276
Certificate serial: 018FA456BA7348A15A7DE13692E55C90B79F
Authority key identifier: C1:EB:2C:60:1F:A6:D0:75:07:97:30:81:FA:A1:32:5F:E1:90:B2:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wessYB-m0HUHlzCB-qEyX-GQsnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/3WF9Jke5_VD3x5ida8dxgUoSUxQ.roa
Signing time: Thu 23 May 2024 07:24:58 +0000
ROA not before: Thu 23 May 2024 07:24:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 193.169.70.0/24 maxlen: 24
193.169.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/wessYB-m0HUHlzCB-qEyX-GQsnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/wessYB-m0HUHlzCB-qEyX-GQsnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wessYB-m0HUHlzCB-qEyX-GQsnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:56:ba:73:48:a1:5a:7d:e1:36:92:e5:5c:90:b7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb2c601fa6d07507973081faa1325fe190b276
Validity
Not Before: May 23 07:24:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd617d2647b9fd50f7c7989d6bc771814a125314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:81:46:d3:16:20:6e:0d:20:7a:58:d6:0f:ce:
a4:23:3d:39:cd:82:44:4a:56:30:88:82:01:3a:45:
b1:45:5d:bc:92:be:b8:08:06:6a:47:21:36:f2:95:
04:e7:e8:ba:ff:7b:dd:1d:f2:98:9b:70:b9:4f:34:
78:af:a7:50:ee:e0:20:7a:6d:89:31:53:99:79:c1:
5e:91:10:e0:af:f3:b9:41:ff:cc:a0:0d:83:34:64:
ba:86:1f:b2:9a:a7:16:c1:7d:ec:3e:84:1c:61:83:
6d:03:32:4f:bc:26:28:59:3b:39:81:52:d9:d6:38:
30:f5:51:5d:c7:7c:ab:aa:9b:91:ad:24:2d:90:7f:
c9:a2:32:a9:43:77:5d:ea:3d:93:21:6e:fa:82:39:
53:f8:c0:29:76:7c:2d:03:71:46:82:21:7a:d4:56:
59:8a:76:a7:0c:f2:65:df:36:0d:73:bb:1c:cc:41:
95:12:ab:35:cd:be:6e:4c:6c:2f:fd:4d:c0:19:ea:
68:ac:53:17:a0:2f:2f:2a:14:55:2c:5e:f1:50:da:
e2:2e:a8:2c:72:3a:c1:26:5b:33:87:11:e7:04:c9:
d6:0d:84:77:11:d2:57:69:30:36:59:f3:a4:1c:aa:
65:e7:88:dc:55:2a:5d:70:d0:8b:6e:d5:86:b6:5a:
22:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:61:7D:26:47:B9:FD:50:F7:C7:98:9D:6B:C7:71:81:4A:12:53:14
X509v3 Authority Key Identifier:
keyid:C1:EB:2C:60:1F:A6:D0:75:07:97:30:81:FA:A1:32:5F:E1:90:B2:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wessYB-m0HUHlzCB-qEyX-GQsnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/3WF9Jke5_VD3x5ida8dxgUoSUxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5cf431-4d57-4503-b28a-90ef7bda1dc3/1/wessYB-m0HUHlzCB-qEyX-GQsnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.70.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:41:4b:63:82:a5:a0:c7:24:9b:ae:9e:eb:c2:83:cd:d0:68:
f7:a2:78:4f:d6:03:46:93:73:52:df:d4:01:dd:9c:45:4c:09:
14:ad:64:b9:24:1b:3f:eb:6f:6b:5a:d2:fe:f4:9e:a8:39:eb:
74:60:d3:1d:1d:1c:1f:b9:47:4f:cb:51:74:de:cb:33:dc:89:
1e:6b:0b:a8:14:4c:3a:38:7c:3f:74:80:c3:34:f8:f3:1b:5e:
ec:ad:bb:8e:1f:59:7f:42:36:be:9d:07:40:cd:91:7a:d1:b0:
f5:ab:ea:0a:5d:9d:fc:17:3b:d8:ec:ec:e7:d8:57:a2:73:36:
ca:37:80:cc:98:39:99:52:ad:81:7f:52:47:13:61:34:ea:40:
bf:d3:28:71:77:03:e1:84:74:83:f9:93:9b:6c:26:7e:f0:b7:
bd:89:2f:19:b8:58:f5:b9:7d:4a:0d:75:77:08:4e:11:d6:36:
7e:d3:32:17:bb:c0:bf:d6:11:e5:c0:a5:36:50:83:fe:50:13:
9e:ed:2a:1f:55:d9:1c:2f:22:1a:11:6e:ea:11:34:07:b3:33:
a7:8b:34:4a:8d:72:e9:32:7d:c4:d5:c8:35:f6:55:25:8b:39:
9e:61:fc:e1:a6:02:a8:4b:7b:8f:da:84:03:36:7d:60:ba:47:
77:e4:b9:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+kVrpzSKFafeE2kuVckLefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIyYzYwMWZhNmQwNzUwNzk3MzA4MWZhYTEzMjVmZTE5
MGIyNzYwHhcNMjQwNTIzMDcyNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYxN2QyNjQ3YjlmZDUwZjdjNzk4OWQ2YmM3NzE4MTRhMTI1MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5IFG0xYgbg0geljWD86kIz05zYJE
SlYwiIIBOkWxRV28kr64CAZqRyE28pUE5+i6/3vdHfKYm3C5TzR4r6dQ7uAgem2J
MVOZecFekRDgr/O5Qf/MoA2DNGS6hh+ymqcWwX3sPoQcYYNtAzJPvCYoWTs5gVLZ
1jgw9VFdx3yrqpuRrSQtkH/JojKpQ3dd6j2TIW76gjlT+MApdnwtA3FGgiF61FZZ
inanDPJl3zYNc7sczEGVEqs1zb5uTGwv/U3AGeporFMXoC8vKhRVLF7xUNriLqgs
cjrBJlszhxHnBMnWDYR3EdJXaTA2WfOkHKpl54jcVSpdcNCLbtWGtloilwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1hfSZHuf1Q98eYnWvHcYFKElMUMB8GA1UdIwQY
MBaAFMHrLGAfptB1B5cwgfqhMl/hkLJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2Vzc1lCLW0wSFVIbHpDQi1xRXlYLUdRc25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81Y2Y0MzEtNGQ1Ny00NTAzLWIyOGEt
OTBlZjdiZGExZGMzLzEvM1dGOUprZTVfVkQzeDVpZGE4ZHhnVW9TVXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81Y2Y0MzEtNGQ1Ny00NTAzLWIyOGEtOTBlZjdiZGExZGMz
LzEvd2Vzc1lCLW0wSFVIbHpDQi1xRXlYLUdRc25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwalGMA0G
CSqGSIb3DQEBCwUAA4IBAQBeQUtjgqWgxySbrp7rwoPN0Gj3onhP1gNGk3NS39QB
3ZxFTAkUrWS5JBs/629rWtL+9J6oOet0YNMdHRwfuUdPy1F03ssz3IkeawuoFEw6
OHw/dIDDNPjzG17srbuOH1l/Qja+nQdAzZF60bD1q+oKXZ38FzvY7Ozn2FeiczbK
N4DMmDmZUq2Bf1JHE2E06kC/0yhxdwPhhHSD+ZObbCZ+8Le9iS8ZuFj1uX1KDXV3
CE4R1jZ+0zIXu8C/1hHlwKU2UIP+UBOe7SofVdkcLyIaEW7qETQHszOnizRKjXLp
Mn3E1cg19lUlizmeYfzhpgKoS3uP2oQDNn1gukd35LnQ
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:01 2024 by rpki-client on console-ams.rpki-client.org