Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/WcYypOUYbtUG8kK2k584mhs6vBo.roa
File: WcYypOUYbtUG8kK2k584mhs6vBo.roa (raw, json)
Hash identifier: r7gO5l4eZMaD2f9+3bUt9HKwJ+VBsNTW7MmZGYAMkgA=
Subject key identifier: 59:C6:32:A4:E5:18:6E:D5:06:F2:42:B6:93:9F:38:9A:1B:3A:BC:1A
Certificate issuer: /CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Certificate serial: 01927020D22F9CDC7A3AB4073A46D41D4A13
Authority key identifier: 4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/WcYypOUYbtUG8kK2k584mhs6vBo.roa
Signing time: Wed 09 Oct 2024 07:14:12 +0000
ROA not before: Wed 09 Oct 2024 07:14:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201850
IP address blocks: 45.136.142.0/23 maxlen: 23
45.136.142.0/24 maxlen: 24
45.136.143.0/24 maxlen: 24
185.154.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:20:d2:2f:9c:dc:7a:3a:b4:07:3a:46:d4:1d:4a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Validity
Not Before: Oct 9 07:14:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59c632a4e5186ed506f242b6939f389a1b3abc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ce:e2:e9:56:f1:71:03:be:72:ee:d6:94:4f:
ba:2c:63:5d:4e:e4:a1:af:a4:32:31:a1:20:c1:84:
f6:f3:97:ad:4e:ab:48:6b:94:0d:6e:c3:fc:99:3c:
52:5a:7b:16:37:1f:4c:d2:5e:76:6d:48:5f:5c:4b:
5d:7e:a0:f3:22:17:ed:2a:58:5c:c1:93:fa:8e:0f:
7a:3f:b2:2e:2e:0c:9e:53:7a:01:ee:4a:d9:b3:e0:
a3:a5:7f:aa:68:f9:f7:80:9b:97:ce:37:0e:ed:5d:
1e:dd:d8:da:3e:23:04:df:b2:ad:08:7d:86:0e:e5:
f0:0e:53:a8:70:be:2d:da:c8:ef:f9:c6:50:06:bb:
67:02:24:42:a6:e0:e5:9b:df:05:c9:c5:cc:7c:c3:
e3:46:54:fe:df:93:37:d1:45:79:0f:18:d0:38:50:
72:c8:67:3b:0f:85:38:9b:1b:2f:bf:1e:58:c4:0f:
48:1a:82:10:a1:75:43:ea:91:8a:0e:a7:3e:39:7b:
d7:f7:39:2e:6a:63:c7:d7:9b:4a:0f:48:bf:1a:bb:
e0:32:88:f6:15:2f:ab:34:2c:76:e8:1a:10:d6:3c:
65:f6:ec:f9:ba:03:92:fe:98:5e:55:22:0e:34:1f:
6d:49:a6:8f:2a:05:ef:f5:7d:de:87:df:c3:d8:3f:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C6:32:A4:E5:18:6E:D5:06:F2:42:B6:93:9F:38:9A:1B:3A:BC:1A
X509v3 Authority Key Identifier:
keyid:4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/WcYypOUYbtUG8kK2k584mhs6vBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.142.0/23
185.154.191.0/24
Signature Algorithm: sha256WithRSAEncryption
41:15:4f:f5:87:15:0d:b8:9e:8a:07:aa:66:ca:34:3e:d4:86:
f5:a3:a7:bb:2b:d8:04:c2:c4:2b:4b:4e:b7:45:69:11:4c:cc:
ee:fa:65:8e:23:0c:4e:a5:ae:98:fc:dc:ae:98:4b:d5:0b:6c:
66:7e:6a:16:1a:11:99:6c:ac:d7:7b:be:4e:ed:4f:50:8c:0f:
6e:90:06:d3:bf:e5:52:ea:f0:d0:78:8e:af:62:49:5c:d9:c4:
8f:7f:42:8a:88:e5:d2:ce:6d:eb:0a:6e:77:5a:67:5b:ca:df:
fd:62:4c:25:15:ed:36:32:bd:60:32:c1:04:03:ad:31:67:91:
bb:ba:53:2e:4e:e9:c0:4d:9e:fd:82:20:f2:0a:3a:09:9a:23:
cc:e9:e7:6f:d1:e2:24:39:fe:f8:df:39:20:3a:f3:6f:51:78:
cd:14:c6:b9:dc:8c:3a:e5:c6:97:85:20:62:fb:43:d2:27:f9:
eb:56:96:4e:75:08:64:c6:e3:33:6e:19:4d:48:83:0c:c4:27:
d0:dd:c7:3b:f1:bf:42:d2:82:42:2d:ec:c9:e7:2c:06:51:95:
16:e1:6b:f7:0d:0d:9c:3d:2c:d6:07:fb:83:ab:80:a1:f7:19:
53:c3:59:29:13:b0:bd:2c:ac:4c:6b:05:9a:44:10:22:20:8e:
1d:c1:12:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJwINIvnNx6OrQHOkbUHUoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNkYzY3NTNhOGNiZDc0Yjc0NDUyYzE1MzZmMzdkOWM0
ZGM3MGMwHhcNMjQxMDA5MDcxNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWM2MzJhNGU1MTg2ZWQ1MDZmMjQyYjY5MzlmMzg5YTFiM2FiYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx87i6VbxcQO+cu7WlE+6LGNdTuSh
r6QyMaEgwYT285etTqtIa5QNbsP8mTxSWnsWNx9M0l52bUhfXEtdfqDzIhftKlhc
wZP6jg96P7IuLgyeU3oB7krZs+CjpX+qaPn3gJuXzjcO7V0e3djaPiME37KtCH2G
DuXwDlOocL4t2sjv+cZQBrtnAiRCpuDlm98FycXMfMPjRlT+35M30UV5DxjQOFBy
yGc7D4U4mxsvvx5YxA9IGoIQoXVD6pGKDqc+OXvX9zkuamPH15tKD0i/GrvgMoj2
FS+rNCx26BoQ1jxl9uz5ugOS/pheVSIONB9tSaaPKgXv9X3eh9/D2D8C9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFnGMqTlGG7VBvJCtpOfOJobOrwaMB8GA1UdIwQY
MBaAFEpj3GdTqMvXS3RFLBU2832cTccMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAt
ZTM0MWIwZjkxNWQzLzEvV2NZeXBPVVlidFVHOGtLMms1ODRtaHM2dkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAtZTM0MWIwZjkxNWQz
LzEvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYiOAwQA
uZq/MA0GCSqGSIb3DQEBCwUAA4IBAQBBFU/1hxUNuJ6KB6pmyjQ+1Ib1o6e7K9gE
wsQrS063RWkRTMzu+mWOIwxOpa6Y/NyumEvVC2xmfmoWGhGZbKzXe75O7U9QjA9u
kAbTv+VS6vDQeI6vYklc2cSPf0KKiOXSzm3rCm53Wmdbyt/9YkwlFe02Mr1gMsEE
A60xZ5G7ulMuTunATZ79giDyCjoJmiPM6edv0eIkOf743zkgOvNvUXjNFMa53Iw6
5caXhSBi+0PSJ/nrVpZOdQhkxuMzbhlNSIMMxCfQ3cc78b9C0oJCLezJ5ywGUZUW
4Wv3DQ2cPSzWB/uDq4Ch9xlTw1kpE7C9LKxMawWaRBAiII4dwRIM
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:05 2024 by rpki-client on console-fra.rpki-client.org