Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/WJPr0H_a39X5gs0HjTluLtM3FdE.roa
File: WJPr0H_a39X5gs0HjTluLtM3FdE.roa (raw, json)
Hash identifier: cTCkfELCyR6kndxEjfm1v2HungUXgYtPEO8R7UDayxw=
Subject key identifier: 58:93:EB:D0:7F:DA:DF:D5:F9:82:CD:07:8D:39:6E:2E:D3:37:15:D1
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 018CC34899CFE6E650E25AEA6FF513895EF8
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/WJPr0H_a39X5gs0HjTluLtM3FdE.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43009
IP address blocks: 193.105.74.0/24 maxlen: 24
81.23.249.0/24 maxlen: 24
81.23.250.0/24 maxlen: 24
81.23.251.0/24 maxlen: 24
81.23.252.0/24 maxlen: 24
81.23.248.0/24 maxlen: 24
81.23.253.0/24 maxlen: 24
185.255.9.0/24 maxlen: 24
185.255.10.0/24 maxlen: 24
185.255.11.0/24 maxlen: 24
185.255.8.0/24 maxlen: 24
202.22.160.0/24 maxlen: 24
202.22.164.0/24 maxlen: 24
202.22.165.0/24 maxlen: 24
202.22.166.0/24 maxlen: 24
202.22.161.0/24 maxlen: 24
202.22.162.0/24 maxlen: 24
202.22.163.0/24 maxlen: 24
202.22.171.0/24 maxlen: 24
202.22.172.0/24 maxlen: 24
202.22.168.0/24 maxlen: 24
202.22.169.0/24 maxlen: 24
202.22.170.0/24 maxlen: 24
202.22.173.0/24 maxlen: 24
202.22.174.0/24 maxlen: 24
202.22.175.0/24 maxlen: 24
81.23.254.0/24 maxlen: 24
81.23.255.0/24 maxlen: 24
2a0c:55c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:99:cf:e6:e6:50:e2:5a:ea:6f:f5:13:89:5e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5893ebd07fdadfd5f982cd078d396e2ed33715d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:58:c7:93:ab:dd:47:f5:d3:4d:a3:a8:3c:a2:
c4:8e:a3:41:80:b3:f9:b2:e1:48:51:e6:b2:f1:4e:
d6:0a:83:02:b2:2e:ab:77:f4:66:84:7a:a1:cb:dd:
c4:ad:3e:5b:e4:94:54:8f:05:6a:1f:b1:99:58:6a:
cf:1a:22:16:fc:02:15:77:a2:9a:92:f8:14:eb:e2:
ef:07:b3:5f:b7:f4:7a:8e:c0:9c:08:33:04:d0:f6:
04:00:ab:31:d3:01:8e:bf:64:95:02:97:fd:b4:7f:
8a:46:d9:4f:3b:23:f0:3f:95:5e:3a:17:21:2e:f4:
40:75:6b:90:f4:db:5c:71:1e:77:18:e1:64:44:20:
32:aa:50:43:6e:09:56:77:33:6f:f7:02:cf:4f:3f:
5d:5b:6e:a6:21:6f:77:0d:0f:00:2f:f7:46:dd:12:
c6:63:7a:95:6b:5e:17:73:f1:73:a8:a2:90:21:8f:
84:a0:54:37:2b:77:21:30:47:22:96:15:bb:b0:92:
18:a4:74:dd:9b:0c:4f:5a:70:d3:d4:de:b7:02:70:
ed:25:f6:1c:bf:8b:aa:ed:d4:e5:80:8c:8b:65:67:
b5:f1:50:dc:35:69:3f:fc:c1:8b:80:d2:91:e0:95:
81:ba:0a:60:d6:f9:c4:91:2f:6c:b0:e0:ab:32:25:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:93:EB:D0:7F:DA:DF:D5:F9:82:CD:07:8D:39:6E:2E:D3:37:15:D1
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/WJPr0H_a39X5gs0HjTluLtM3FdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.248.0/21
185.255.8.0/22
193.105.74.0/24
202.22.160.0-202.22.166.255
202.22.168.0/21
IPv6:
2a0c:55c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
6a:ea:f8:f7:24:58:01:f0:f3:5c:35:1b:30:c4:07:1b:77:4c:
2f:93:82:ba:9a:fe:7b:cc:87:bf:de:fa:e5:c0:8d:c6:31:11:
82:d6:31:91:b1:43:48:f5:60:26:8c:c5:b5:92:8a:38:f1:a8:
1a:6a:19:5a:d2:bd:27:4d:60:bd:26:10:9b:c0:10:23:c7:b9:
5b:1c:9e:3d:fa:2f:22:f3:97:91:b4:a6:64:f3:29:5d:67:0a:
ce:ec:53:60:91:45:30:f0:9b:65:12:df:ee:63:ae:48:48:ea:
9a:51:f5:c8:28:67:ea:26:a9:7a:09:a5:51:94:7c:4b:5f:dc:
df:67:31:98:7f:e5:d4:65:33:16:e8:db:4e:e1:65:dc:97:cc:
26:d0:3b:d2:e3:da:73:60:89:fb:a9:74:95:a0:68:fa:fe:f2:
2e:63:d8:7d:b5:98:97:62:28:73:de:38:e5:90:f8:ad:83:99:
6f:1c:5d:d6:9f:94:76:91:ef:74:f6:d9:bd:cc:7a:01:06:1d:
9d:a6:30:27:de:94:12:60:93:61:20:c7:b6:10:c7:11:e0:1a:
8a:2a:44:25:78:2e:9f:56:b7:ee:e2:25:76:90:73:8e:43:9e:
37:bf:fe:cc:16:f4:6a:8d:9c:5b:2a:41:6b:cd:14:7f:72:10:
f3:03:57:56
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzDSJnP5uZQ4lrqb/UTiV74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODkzZWJkMDdmZGFkZmQ1Zjk4MmNkMDc4ZDM5NmUyZWQzMzcxNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVjHk6vdR/XTTaOoPKLEjqNBgLP5
suFIUeay8U7WCoMCsi6rd/RmhHqhy93ErT5b5JRUjwVqH7GZWGrPGiIW/AIVd6Ka
kvgU6+LvB7Nft/R6jsCcCDME0PYEAKsx0wGOv2SVApf9tH+KRtlPOyPwP5VeOhch
LvRAdWuQ9NtccR53GOFkRCAyqlBDbglWdzNv9wLPTz9dW26mIW93DQ8AL/dG3RLG
Y3qVa14Xc/FzqKKQIY+EoFQ3K3chMEcilhW7sJIYpHTdmwxPWnDT1N63AnDtJfYc
v4uq7dTlgIyLZWe18VDcNWk//MGLgNKR4JWBugpg1vnEkS9ssOCrMiUIRwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFiT69B/2t/V+YLNB405bi7TNxXRMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvV0pQcjBIX2EzOVg1Z3MwSGpUbHVMdE0zRmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQDURf4AwQC
uf8IAwQAwWlKMAwDBAXKFqADBADKFqYDBAPKFqgwDwQCAAIwCQMHACoMVcAAATAN
BgkqhkiG9w0BAQsFAAOCAQEAaur49yRYAfDzXDUbMMQHG3dML5OCupr+e8yHv976
5cCNxjERgtYxkbFDSPVgJozFtZKKOPGoGmoZWtK9J01gvSYQm8AQI8e5WxyePfov
IvOXkbSmZPMpXWcKzuxTYJFFMPCbZRLf7mOuSEjqmlH1yChn6iapegmlUZR8S1/c
32cxmH/l1GUzFujbTuFl3JfMJtA70uPac2CJ+6l0laBo+v7yLmPYfbWYl2Ioc944
5ZD4rYOZbxxd1p+UdpHvdPbZvcx6AQYdnaYwJ96UEmCTYSDHthDHEeAaiipEJXgu
n1a37uIldpBzjkOeN7/+zBb0ao2cWypBa80Uf3IQ8wNXVg==
-----END CERTIFICATE-----
Generated at Sat Sep 28 23:06:02 2024 by rpki-client on console-fra.rpki-client.org