Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/wjG5WnLQ2I7uNmypXcbq0Z6FkJY.roa
File: wjG5WnLQ2I7uNmypXcbq0Z6FkJY.roa (raw, json)
Hash identifier: UJ13SJIdGy2Aj81etqvr4DpYKyevJ7H+R85oxCs8FN0=
Subject key identifier: C2:31:B9:5A:72:D0:D8:8E:EE:36:6C:A9:5D:C6:EA:D1:9E:85:90:96
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018CC2DB1456ED8DBBD761B6C693E0AFCEC4
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/wjG5WnLQ2I7uNmypXcbq0Z6FkJY.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15589
IP address blocks: 217.15.208.0/20 maxlen: 24
212.90.0.0/19 maxlen: 24
213.183.128.0/19 maxlen: 24
81.92.32.0/20 maxlen: 24
194.153.192.0/20 maxlen: 24
213.136.128.0/18 maxlen: 24
83.211.0.0/16 maxlen: 24
212.110.0.0/19 maxlen: 24
194.153.208.0/22 maxlen: 24
62.94.0.0/16 maxlen: 24
213.198.128.0/18 maxlen: 24
2001:750::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:14:56:ed:8d:bb:d7:61:b6:c6:93:e0:af:ce:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c231b95a72d0d88eee366ca95dc6ead19e859096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4d:78:af:06:7a:01:2f:cb:c9:3e:1f:59:86:
96:6f:d0:9a:81:d4:81:33:d6:dc:fa:b0:c6:da:95:
8a:50:ed:53:4d:45:de:3f:5b:a4:28:79:b5:ca:66:
16:55:72:3e:0f:ad:70:a7:0c:8b:ce:76:fb:c8:1a:
8b:89:fc:5c:5a:67:fc:c7:b6:3e:f9:23:26:77:30:
ab:7b:d2:2f:73:ee:28:99:ee:89:c2:69:a5:6f:42:
9b:da:05:dc:7c:4c:b1:42:f4:3f:4d:44:a4:5a:3d:
a6:73:65:31:f9:ff:b6:42:a6:c0:19:38:3a:ab:9a:
2a:07:2c:fc:c6:90:5a:fd:f5:6b:0b:0e:0d:9c:a1:
f9:17:ca:95:02:c1:62:d5:24:76:cc:fe:89:4c:35:
7c:9c:94:7d:a1:03:f8:50:5a:46:c3:b4:ea:ec:ca:
25:00:fa:b6:9a:b6:5d:06:e6:34:f5:12:a9:87:bc:
bb:d7:57:93:b7:cd:4c:fb:c9:f4:03:95:4d:67:5b:
61:cd:00:98:cd:2d:61:d0:5a:f2:8e:cb:cb:3a:47:
6f:11:62:e7:1c:21:9b:46:14:5c:a7:7c:02:11:83:
2c:f4:43:3e:32:03:1f:c8:cc:6e:28:3a:d1:f1:ac:
03:98:1b:f9:4f:ce:1c:92:e4:ad:31:28:82:0f:4a:
d4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:31:B9:5A:72:D0:D8:8E:EE:36:6C:A9:5D:C6:EA:D1:9E:85:90:96
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/wjG5WnLQ2I7uNmypXcbq0Z6FkJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
194.153.192.0-194.153.211.255
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.183.128.0/19
213.198.128.0/18
217.15.208.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
25:c2:73:a4:b6:bf:f1:92:37:76:13:dc:c2:15:da:c0:d7:04:
77:bb:0a:9a:29:bb:a6:d0:c3:68:b9:a7:12:78:0a:ca:58:21:
88:88:a9:c3:bc:7a:56:8b:7e:d5:a3:54:ec:de:c3:93:13:69:
c9:87:57:47:23:03:a9:b8:4e:60:65:0e:ff:7f:1c:55:cf:f5:
cf:4d:e5:1f:28:8b:c4:13:7e:b1:cf:0f:e0:b1:83:74:e2:26:
11:38:e0:b3:e5:dc:86:16:ed:b8:37:3d:da:0a:b7:43:0d:a3:
42:f5:74:bb:ad:20:4e:ca:b1:41:6f:7c:b6:d6:a1:1d:4a:d0:
8f:90:b4:0f:95:5d:b9:eb:db:13:2e:10:7b:ab:1e:7f:bf:b4:
b0:4c:71:f9:a5:d9:34:87:ee:4a:f4:1f:c5:93:0f:55:ab:f6:
8a:99:f1:bb:ad:00:f2:ea:b1:b4:b3:f1:f6:c6:64:86:1d:f6:
cc:bd:0b:00:0b:ab:5a:4b:fd:07:9e:31:26:76:73:9c:bb:ab:
ee:6e:c3:48:3b:a0:5a:ff:87:a7:d2:e6:5e:62:40:e2:32:02:
91:3c:10:fb:ab:4b:9f:71:a3:29:c8:97:4d:22:67:ff:bc:24:
69:24:6a:51:f7:9b:ad:95:5f:fb:fb:8d:15:08:a3:93:9c:7b:
3d:7f:e2:09
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzC2xRW7Y2712G2xpPgr87EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjMxYjk1YTcyZDBkODhlZWUzNjZjYTk1ZGM2ZWFkMTllODU5MDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU14rwZ6AS/LyT4fWYaWb9CagdSB
M9bc+rDG2pWKUO1TTUXeP1ukKHm1ymYWVXI+D61wpwyLznb7yBqLifxcWmf8x7Y+
+SMmdzCre9Ivc+4ome6Jwmmlb0Kb2gXcfEyxQvQ/TUSkWj2mc2Ux+f+2QqbAGTg6
q5oqByz8xpBa/fVrCw4NnKH5F8qVAsFi1SR2zP6JTDV8nJR9oQP4UFpGw7Tq7Mol
APq2mrZdBuY09RKph7y711eTt81M+8n0A5VNZ1thzQCYzS1h0FryjsvLOkdvEWLn
HCGbRhRcp3wCEYMs9EM+MgMfyMxuKDrR8awDmBv5T84ckuStMSiCD0rUvQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMIxuVpy0NiO7jZsqV3G6tGehZCWMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvd2pHNVduTFEySTd1Tm15cFhjYnEwWjZGa0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwMAPl4DBARR
XCADAwBT0zAMAwQGwpnAAwQCwpnQAwQF1FoAAwQF1G4AAwQG1YiAAwQF1beAAwQG
1caAAwQE2Q/QMA0EAgACMAcDBQMgAQdQMA0GCSqGSIb3DQEBCwUAA4IBAQAlwnOk
tr/xkjd2E9zCFdrA1wR3uwqaKbum0MNouacSeArKWCGIiKnDvHpWi37Vo1Ts3sOT
E2nJh1dHIwOpuE5gZQ7/fxxVz/XPTeUfKIvEE36xzw/gsYN04iYROOCz5dyGFu24
Nz3aCrdDDaNC9XS7rSBOyrFBb3y21qEdStCPkLQPlV2569sTLhB7qx5/v7SwTHH5
pdk0h+5K9B/Fkw9Vq/aKmfG7rQDy6rG0s/H2xmSGHfbMvQsAC6taS/0HnjEmdnOc
u6vubsNIO6Ba/4en0uZeYkDiMgKRPBD7q0ufcaMpyJdNImf/vCRpJGpR95utlV/7
+40VCKOTnHs9f+IJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:28 2024 by rpki-client on console-ams.rpki-client.org