Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/Wc9Gd40cZbvZDsuVux1npXj7fTA.roa
File: Wc9Gd40cZbvZDsuVux1npXj7fTA.roa (raw, json)
Hash identifier: Dt3yfGPSkfCG/dhwwGkKR6jtlyfNXsMxjzMSgspE2hU=
Subject key identifier: 59:CF:46:77:8D:1C:65:BB:D9:0E:CB:95:BB:1D:67:A5:78:FB:7D:30
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 0191BD1C6E871965C7D2034787D7C5AE790E
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/Wc9Gd40cZbvZDsuVux1npXj7fTA.roa
Signing time: Wed 04 Sep 2024 12:57:22 +0000
ROA not before: Wed 04 Sep 2024 12:57:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15626
IP address blocks: 5.34.182.0/23 maxlen: 23
5.34.182.0/24 maxlen: 24
5.34.183.0/24 maxlen: 24
46.28.64.0/21 maxlen: 21
46.28.67.0/24 maxlen: 24
82.118.17.0/24 maxlen: 24
82.118.18.0/24 maxlen: 24
193.238.152.0/23 maxlen: 23
193.238.153.0/24 maxlen: 24
217.12.192.0/21 maxlen: 21
217.12.199.0/24 maxlen: 24
217.12.204.0/23 maxlen: 23
217.12.210.0/23 maxlen: 23
217.12.210.0/24 maxlen: 24
217.12.212.0/22 maxlen: 22
217.12.215.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.220.0/22 maxlen: 22
217.12.221.0/24 maxlen: 24
217.12.222.0/24 maxlen: 24
217.12.223.0/24 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:feed::/48 maxlen: 48
2a02:27ad::/32 maxlen: 32
2a05:9407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:1c:6e:87:19:65:c7:d2:03:47:87:d7:c5:ae:79:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Sep 4 12:57:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59cf46778d1c65bbd90ecb95bb1d67a578fb7d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7b:1e:c6:37:f4:16:0f:1b:2b:62:70:0d:69:
f9:a2:6e:ca:7d:cb:77:a2:74:4e:7f:62:2d:24:e5:
dc:8d:ad:30:48:24:eb:ec:0a:fa:32:1d:b4:63:86:
08:c8:c7:35:f7:67:33:f7:f3:f8:e4:e5:1d:f2:b6:
70:59:5a:a8:90:cf:74:f1:f0:99:1b:6b:3a:3e:ba:
ef:61:46:fe:70:12:7e:b7:1b:f4:ae:76:12:88:f2:
91:37:6b:53:a1:b4:a9:ac:34:4e:f9:0d:d4:54:ca:
6b:d3:7e:1b:56:6b:75:b0:3a:8f:54:b8:b9:c7:ec:
c2:e9:63:db:b6:21:cd:22:ca:23:01:3c:39:bd:64:
95:df:99:58:ef:e7:98:bc:60:a4:07:69:41:51:ae:
66:0b:e3:e7:7b:78:8d:4b:a2:ea:b8:ef:23:06:29:
ec:14:8d:60:90:4f:f9:c9:b7:84:34:ba:6d:56:fb:
2b:14:3e:28:1f:cd:f4:04:96:f7:63:5d:c1:00:02:
0e:33:f2:d7:98:12:bb:32:49:19:47:52:31:a6:2d:
79:2c:cf:5e:a0:c2:d2:17:8d:11:57:a5:a2:eb:5f:
3a:75:b4:da:12:3d:ce:8c:d4:36:5b:4e:ca:a2:00:
95:2b:8c:3a:96:f9:ce:d1:62:f0:9d:b3:ea:1f:74:
5d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CF:46:77:8D:1C:65:BB:D9:0E:CB:95:BB:1D:67:A5:78:FB:7D:30
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/Wc9Gd40cZbvZDsuVux1npXj7fTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
46.28.64.0/21
82.118.17.0-82.118.18.255
193.238.152.0/23
217.12.192.0/21
217.12.204.0/23
217.12.210.0-217.12.217.255
217.12.220.0/22
IPv6:
2a02:27a8::/32
2a02:27ad::/32
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
17:ad:72:e9:03:53:27:83:1a:60:01:b5:7e:1a:0f:a6:c2:31:
57:69:18:7d:6d:77:a2:aa:fd:e8:6d:f2:cc:86:10:93:e1:8c:
62:ad:45:06:bc:53:a6:04:68:c3:17:f1:85:89:06:f9:1f:66:
60:70:3e:f5:39:7e:ed:a3:36:28:4d:7c:47:8b:c3:ae:07:6a:
ad:27:a2:e1:85:bf:5a:0c:4b:f8:1c:b0:95:03:35:eb:98:07:
ff:d9:d2:3b:f3:bf:e4:2c:8b:16:4f:02:b6:aa:f7:3f:64:c8:
f1:2b:2d:f8:de:6c:1b:c6:8a:2e:1a:20:fd:bc:ba:6c:83:08:
17:38:93:41:ca:37:3e:16:9a:08:5e:75:44:94:1e:a8:75:07:
22:ef:d4:bc:04:a2:fa:df:c8:52:d3:89:e5:ed:2b:9d:f2:80:
fd:fa:1f:70:b8:a3:41:f8:38:63:86:89:81:7d:a0:02:3b:18:
08:9a:d5:f9:84:24:e1:b3:f1:52:08:90:64:1b:49:0a:90:2b:
c8:5d:20:ff:7e:f4:17:f0:35:c8:fa:d1:ec:d8:d5:e6:82:09:
57:4a:be:26:48:a7:5d:1a:4b:77:a2:a0:ff:25:bb:75:10:3d:
15:c5:ec:16:2d:b5:53:b0:d8:fb:9b:4b:67:b6:dd:03:6e:99:
b5:ed:a5:62
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZG9HG6HGWXH0gNHh9fFrnkOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwOTA0MTI1NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNmNDY3NzhkMWM2NWJiZDkwZWNiOTViYjFkNjdhNTc4ZmI3ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3sexjf0Fg8bK2JwDWn5om7Kfct3
onROf2ItJOXcja0wSCTr7Ar6Mh20Y4YIyMc192cz9/P45OUd8rZwWVqokM908fCZ
G2s6PrrvYUb+cBJ+txv0rnYSiPKRN2tTobSprDRO+Q3UVMpr034bVmt1sDqPVLi5
x+zC6WPbtiHNIsojATw5vWSV35lY7+eYvGCkB2lBUa5mC+Pne3iNS6LquO8jBins
FI1gkE/5ybeENLptVvsrFD4oH830BJb3Y13BAAIOM/LXmBK7MkkZR1Ixpi15LM9e
oMLSF40RV6Wi6186dbTaEj3OjNQ2W07KogCVK4w6lvnO0WLwnbPqH3RdkwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFFnPRneNHGW72Q7LlbsdZ6V4+30wMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvV2M5R2Q0MGNaYnZaRHN1VnV4MW5wWGo3ZlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBGBAIAATBAAwQBBSK2AwQD
LhxAMAwDBABSdhEDBABSdhIDBAHB7pgDBAPZDMADBAHZDMwwDAMEAdkM0gMEAdkM
2AMEAtkM3DAbBAIAAjAVAwUAKgInqAMFACoCJ60DBQAqBZQHMA0GCSqGSIb3DQEB
CwUAA4IBAQAXrXLpA1MngxpgAbV+Gg+mwjFXaRh9bXeiqv3obfLMhhCT4YxirUUG
vFOmBGjDF/GFiQb5H2ZgcD71OX7tozYoTXxHi8OuB2qtJ6Lhhb9aDEv4HLCVAzXr
mAf/2dI787/kLIsWTwK2qvc/ZMjxKy343mwbxoouGiD9vLpsgwgXOJNByjc+FpoI
XnVElB6odQci79S8BKL638hS04nl7Sud8oD9+h9wuKNB+DhjhomBfaACOxgImtX5
hCThs/FSCJBkG0kKkCvIXSD/fvQX8DXI+tHs2NXmgglXSr4mSKddGkt3oqD/Jbt1
ED0VxewWLbVTsNj7m0tntt0Dbpm17aVi
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:06 2024 by rpki-client on console-fra.rpki-client.org