Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wEYDyt3ZeuOTVeBlJrknkYcjoFk.roa
File: wEYDyt3ZeuOTVeBlJrknkYcjoFk.roa (raw, json)
Hash identifier: y3A8JAT3priMYorK5llQMsQubhjdbu9fm3PT3BS+ytk=
Subject key identifier: C0:46:03:CA:DD:D9:7A:E3:93:55:E0:65:26:B9:27:91:87:23:A0:59
Certificate issuer: /CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Certificate serial: 018CCA2A0B371FBC4A98F6A456A4F5445CF6
Authority key identifier: 34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wEYDyt3ZeuOTVeBlJrknkYcjoFk.roa
Signing time: Tue 02 Jan 2024 12:33:22 +0000
ROA not before: Tue 02 Jan 2024 12:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206767
IP address blocks: 185.171.13.0/24 maxlen: 24
185.171.12.0/24 maxlen: 24
185.171.15.0/24 maxlen: 24
185.171.14.0/24 maxlen: 24
2a0d:580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0b:37:1f:bc:4a:98:f6:a4:56:a4:f5:44:5c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406a12ecc53a251a75ce7bacaac9e41aee8b4ca
Validity
Not Before: Jan 2 12:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c04603caddd97ae39355e06526b927918723a059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0d:43:76:26:07:c5:1f:9b:49:34:f0:8c:b1:
80:11:97:6d:d2:b7:e4:9e:4a:e2:50:c4:b0:90:f1:
08:31:60:11:df:a9:81:c3:41:45:0e:ac:61:7c:45:
3d:1e:42:bb:6c:eb:d3:07:31:3f:20:86:dc:0e:78:
ee:13:89:26:2d:af:b1:7f:b4:21:4c:21:60:47:86:
1c:16:94:6a:21:d4:cd:72:d2:69:84:41:20:66:17:
6b:df:84:cb:01:2b:b6:fb:2e:93:95:f1:78:30:40:
90:e4:f8:44:8f:40:c7:45:93:00:c1:e4:37:ab:3d:
b9:dd:90:03:46:0d:ac:39:3e:9f:11:a3:60:93:41:
d5:fb:bc:aa:12:a2:50:bf:ee:54:a1:bd:a4:e8:34:
ea:86:eb:01:98:08:8b:4d:6b:19:6a:5f:16:58:3e:
33:29:bd:6f:e3:c7:e4:1c:21:96:b5:9e:47:ed:c3:
49:fd:8c:7a:ce:71:ce:29:a6:ac:90:27:74:5d:b7:
95:19:48:8d:13:81:62:02:64:35:62:1d:57:ec:75:
44:60:cf:5e:ad:47:cb:b9:3d:3e:b3:06:f3:37:6d:
29:c2:52:71:45:40:46:a0:be:d3:2c:31:79:cb:7a:
0a:ee:a1:8f:60:c3:6a:b6:07:08:bd:5c:7a:38:90:
b2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:46:03:CA:DD:D9:7A:E3:93:55:E0:65:26:B9:27:91:87:23:A0:59
X509v3 Authority Key Identifier:
keyid:34:06:A1:2E:CC:53:A2:51:A7:5C:E7:BA:CA:AC:9E:41:AE:E8:B4:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAahLsxTolGnXOe6yqyeQa7otMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/wEYDyt3ZeuOTVeBlJrknkYcjoFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/87f92e-4e67-4ac9-96c5-a779baaa7599/1/NAahLsxTolGnXOe6yqyeQa7otMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.12.0/22
IPv6:
2a0d:580::/32
Signature Algorithm: sha256WithRSAEncryption
57:54:a7:8b:da:33:0a:7c:63:2e:45:cf:e0:75:47:17:0d:8d:
1c:a2:68:01:c3:e0:35:54:94:32:dd:80:d7:66:b4:3c:f7:f9:
04:d1:be:d9:01:2e:c3:46:ef:af:9a:c0:b2:c2:d5:e9:a5:ea:
1b:71:58:84:db:e1:f7:44:c9:a7:7c:76:8f:a2:76:58:8d:c4:
a1:ce:6b:69:b4:34:81:d8:25:d1:25:9c:ae:67:2b:99:72:e5:
eb:bb:e9:10:c1:f1:ee:f5:be:20:2a:97:44:ff:af:8a:f0:00:
37:0d:ab:bb:7b:4f:02:6b:99:37:db:07:2d:ca:42:ff:86:1a:
e5:1d:0e:c3:eb:88:51:99:27:67:ce:b4:9e:b8:16:a3:bc:a5:
93:ee:ad:b7:60:32:88:89:f1:36:e1:6c:bb:30:37:99:d2:4e:
12:88:23:cb:15:4c:ea:fd:0b:bf:ce:5c:47:80:c1:23:de:7f:
9f:55:6a:5c:e4:92:6b:b0:08:e7:7d:f9:74:b6:b1:2f:3b:95:
84:cf:1f:32:2c:e9:8c:68:76:45:94:70:75:e4:80:44:bc:f2:
09:62:ee:8b:75:de:6d:85:21:42:b4:64:b1:59:96:a2:53:7e:
e7:7e:b7:e8:f5:dd:26:b3:61:96:51:16:43:4b:ce:ed:cc:8a:
35:84:6e:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKgs3H7xKmPakVqT1RFz2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZhMTJlY2M1M2EyNTFhNzVjZTdiYWNhYWM5ZTQxYWVl
OGI0Y2EwHhcNMjQwMTAyMTIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDQ2MDNjYWRkZDk3YWUzOTM1NWUwNjUyNmI5Mjc5MTg3MjNhMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ1DdiYHxR+bSTTwjLGAEZdt0rfk
nkriUMSwkPEIMWAR36mBw0FFDqxhfEU9HkK7bOvTBzE/IIbcDnjuE4kmLa+xf7Qh
TCFgR4YcFpRqIdTNctJphEEgZhdr34TLASu2+y6TlfF4MECQ5PhEj0DHRZMAweQ3
qz253ZADRg2sOT6fEaNgk0HV+7yqEqJQv+5Uob2k6DTqhusBmAiLTWsZal8WWD4z
Kb1v48fkHCGWtZ5H7cNJ/Yx6znHOKaaskCd0XbeVGUiNE4FiAmQ1Yh1X7HVEYM9e
rUfLuT0+swbzN20pwlJxRUBGoL7TLDF5y3oK7qGPYMNqtgcIvVx6OJCyDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMBGA8rd2Xrjk1XgZSa5J5GHI6BZMB8GA1UdIwQY
MBaAFDQGoS7MU6JRp1znusqsnkGu6LTKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUt
YTc3OWJhYWE3NTk5LzEvd0VZRHl0M1pldU9UVmVCbEpya25rWWNqb0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84N2Y5MmUtNGU2Ny00YWM5LTk2YzUtYTc3OWJhYWE3NTk5
LzEvTkFhaExzeFRvbEduWE9lNnlxeWVRYTdvdE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuasMMA0E
AgACMAcDBQAqDQWAMA0GCSqGSIb3DQEBCwUAA4IBAQBXVKeL2jMKfGMuRc/gdUcX
DY0comgBw+A1VJQy3YDXZrQ89/kE0b7ZAS7DRu+vmsCywtXppeobcViE2+H3RMmn
fHaPonZYjcShzmtptDSB2CXRJZyuZyuZcuXru+kQwfHu9b4gKpdE/6+K8AA3Dau7
e08Ca5k32wctykL/hhrlHQ7D64hRmSdnzrSeuBajvKWT7q23YDKIifE24Wy7MDeZ
0k4SiCPLFUzq/Qu/zlxHgMEj3n+fVWpc5JJrsAjnffl0trEvO5WEzx8yLOmMaHZF
lHB15IBEvPIJYu6Ldd5thSFCtGSxWZaiU37nfrfo9d0ms2GWURZDS87tzIo1hG72
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:21:14 2024 by rpki-client on console-ams.rpki-client.org