Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/WNyiJISsbvOpdzbexhh8EvHPgMw.roa
File: WNyiJISsbvOpdzbexhh8EvHPgMw.roa (raw, json)
Hash identifier: cysV4PR3RusPUzKJ4RJlu7Bl1EFMxSQctW+sKhOjPmo=
Subject key identifier: 58:DC:A2:24:84:AC:6E:F3:A9:77:36:DE:C6:18:7C:12:F1:CF:80:CC
Certificate issuer: /CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
Certificate serial: 0191C69043395E45DD4E0724F1CF408F5B3F
Authority key identifier: 9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/WNyiJISsbvOpdzbexhh8EvHPgMw.roa
Signing time: Fri 06 Sep 2024 09:00:28 +0000
ROA not before: Fri 06 Sep 2024 09:00:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8462
IP address blocks: 46.249.128.0/19 maxlen: 19
77.110.128.0/19 maxlen: 19
77.110.160.0/19 maxlen: 19
77.111.128.0/18 maxlen: 18
79.121.104.0/21 maxlen: 21
79.121.112.0/21 maxlen: 21
91.146.128.0/18 maxlen: 18
95.168.32.0/19 maxlen: 19
95.168.64.0/19 maxlen: 19
185.3.136.0/22 maxlen: 22
185.165.108.0/22 maxlen: 22
185.166.132.0/22 maxlen: 22
185.166.136.0/22 maxlen: 22
185.170.84.0/22 maxlen: 22
185.172.44.0/22 maxlen: 22
185.187.248.0/22 maxlen: 22
185.195.52.0/22 maxlen: 22
185.202.136.0/22 maxlen: 22
185.214.28.0/22 maxlen: 22
185.235.112.0/22 maxlen: 22
193.151.116.0/22 maxlen: 22
193.218.98.0/24 maxlen: 24
193.227.196.0/22 maxlen: 22
194.37.88.0/22 maxlen: 22
195.128.232.0/23 maxlen: 23
212.16.128.0/19 maxlen: 19
2a01:5d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/muB8lKimr3pdGPTqrqeeJt-TIhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/muB8lKimr3pdGPTqrqeeJt-TIhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c6:90:43:39:5e:45:dd:4e:07:24:f1:cf:40:8f:5b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae07c94a8a6af7a5d18f4eaaea79e26df932214
Validity
Not Before: Sep 6 09:00:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58dca22484ac6ef3a97736dec6187c12f1cf80cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:4e:0c:36:98:23:4e:50:63:58:88:40:ec:
3c:95:16:4f:e6:20:fd:7f:e6:82:ed:47:60:c3:c5:
03:67:b9:92:18:6b:e4:fe:94:c0:6d:c0:1c:a4:28:
95:d2:0a:a5:cc:75:51:ea:83:43:85:4a:a1:82:58:
40:ae:a1:6d:08:b6:bf:e3:fd:1f:af:3b:61:6b:ac:
75:48:14:fa:fc:2d:00:9d:67:34:3c:7b:72:7c:01:
fb:55:1e:84:36:a8:01:e0:b6:58:f1:e3:47:18:0e:
4c:09:1c:ee:37:b5:76:d8:4c:df:87:c2:75:4d:43:
ca:fc:0e:f8:a4:1c:d1:c2:0b:02:56:09:e7:ed:99:
93:41:15:78:2c:76:36:99:95:13:73:24:44:de:4a:
e4:a7:47:c6:10:79:da:f0:fd:e7:98:d1:7b:dd:8c:
36:69:1f:ed:3b:1d:ba:96:6a:bd:90:12:c4:f0:1c:
18:17:9a:c5:70:52:06:82:04:73:b7:0d:52:62:10:
e3:6c:ad:e3:38:94:26:0c:93:a9:60:e3:88:73:3e:
b3:f9:da:1e:16:2c:3e:bc:f8:d9:ec:4b:cd:4a:74:
4a:88:4e:b3:22:9d:b6:be:e4:20:9b:98:b1:65:61:
4c:d2:00:fc:77:e3:7c:6a:91:ac:93:2a:02:3a:99:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DC:A2:24:84:AC:6E:F3:A9:77:36:DE:C6:18:7C:12:F1:CF:80:CC
X509v3 Authority Key Identifier:
keyid:9A:E0:7C:94:A8:A6:AF:7A:5D:18:F4:EA:AE:A7:9E:26:DF:93:22:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/muB8lKimr3pdGPTqrqeeJt-TIhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/WNyiJISsbvOpdzbexhh8EvHPgMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/3a8dd0-3875-4eb2-b633-e2665d447d32/1/muB8lKimr3pdGPTqrqeeJt-TIhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.128.0/19
77.110.128.0/18
77.111.128.0/18
79.121.104.0-79.121.119.255
91.146.128.0/18
95.168.32.0-95.168.95.255
185.3.136.0/22
185.165.108.0/22
185.166.132.0-185.166.139.255
185.170.84.0/22
185.172.44.0/22
185.187.248.0/22
185.195.52.0/22
185.202.136.0/22
185.214.28.0/22
185.235.112.0/22
193.151.116.0/22
193.218.98.0/24
193.227.196.0/22
194.37.88.0/22
195.128.232.0/23
212.16.128.0/19
IPv6:
2a01:5d0::/32
Signature Algorithm: sha256WithRSAEncryption
9e:f2:b8:58:be:39:16:49:0d:bb:57:00:57:b7:4f:24:09:ea:
25:89:f1:38:60:d7:df:2e:19:6e:ac:e8:80:14:d0:83:0f:4d:
f0:86:ac:fc:43:f5:4b:b9:9a:2e:23:b4:fb:54:ba:96:3a:03:
d7:9a:75:33:54:1d:1e:46:d3:fb:8f:5e:a9:33:8a:bd:8a:dc:
af:d1:47:9a:03:62:9e:5c:5d:02:8b:6b:99:d5:21:3f:2d:51:
e5:c4:20:e8:af:1e:63:a2:8c:bd:d0:d4:cb:a4:5d:c6:a0:39:
70:55:19:73:09:db:80:1c:26:26:43:0c:8d:c9:dc:74:1e:ac:
3b:d3:14:d6:90:cf:e5:29:a1:e6:1c:20:47:ff:5c:f6:52:5a:
ee:85:1a:66:8a:86:59:9b:76:2c:ac:23:a7:1f:8e:d3:cb:ff:
e1:79:77:83:21:7d:23:57:54:cd:51:0f:32:e1:18:e2:db:05:
77:8c:b2:4c:67:26:22:1d:9e:f1:f2:ee:b7:1a:fd:85:a6:19:
cf:58:29:b6:9c:ea:64:70:dc:3c:30:89:92:c2:39:cd:e2:1c:
e0:9a:cf:df:82:9d:6d:8d:aa:0f:67:0b:61:fc:d2:33:23:68:
f2:1e:24:81:68:12:3a:1d:34:43:da:b5:53:c3:2c:fe:99:96:
e9:ad:07:32
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZHGkEM5XkXdTgck8c9Aj1s/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTA3Yzk0YThhNmFmN2E1ZDE4ZjRlYWFlYTc5ZTI2ZGY5
MzIyMTQwHhcNMjQwOTA2MDkwMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRjYTIyNDg0YWM2ZWYzYTk3NzM2ZGVjNjE4N2MxMmYxY2Y4MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV1ODDaYI05QY1iIQOw8lRZP5iD9
f+aC7Udgw8UDZ7mSGGvk/pTAbcAcpCiV0gqlzHVR6oNDhUqhglhArqFtCLa/4/0f
rztha6x1SBT6/C0AnWc0PHtyfAH7VR6ENqgB4LZY8eNHGA5MCRzuN7V22Ezfh8J1
TUPK/A74pBzRwgsCVgnn7ZmTQRV4LHY2mZUTcyRE3krkp0fGEHna8P3nmNF73Yw2
aR/tOx26lmq9kBLE8BwYF5rFcFIGggRztw1SYhDjbK3jOJQmDJOpYOOIcz6z+doe
Fiw+vPjZ7EvNSnRKiE6zIp22vuQgm5ixZWFM0gD8d+N8apGskyoCOpkqmQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFFjcoiSErG7zqXc23sYYfBLxz4DMMB8GA1UdIwQY
MBaAFJrgfJSopq96XRj06q6nnibfkyIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMt
ZTI2NjVkNDQ3ZDMyLzEvV055aUpJU3Nidk9wZHpiZXhoaDhFdkhQZ013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8zYThkZDAtMzg3NS00ZWIyLWI2MzMtZTI2NjVkNDQ3ZDMy
LzEvbXVCOGxLaW1yM3BkR1BUcXJxZWVKdC1USWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAUu
+YADBAZNboADBAZNb4AwDAMEA095aAMEA095cAMEBluSgDAMAwQFX6ggAwQFX6hA
AwQCuQOIAwQCuaVsMAwDBAK5poQDBAK5pogDBAK5qlQDBAK5rCwDBAK5u/gDBAK5
wzQDBAK5yogDBAK51hwDBAK563ADBALBl3QDBADB2mIDBALB48QDBALCJVgDBAHD
gOgDBAXUEIAwDQQCAAIwBwMFACoBBdAwDQYJKoZIhvcNAQELBQADggEBAJ7yuFi+
ORZJDbtXAFe3TyQJ6iWJ8Thg198uGW6s6IAU0IMPTfCGrPxD9Uu5mi4jtPtUupY6
A9eadTNUHR5G0/uPXqkzir2K3K/RR5oDYp5cXQKLa5nVIT8tUeXEIOivHmOijL3Q
1MukXcagOXBVGXMJ24AcJiZDDI3J3HQerDvTFNaQz+UpoeYcIEf/XPZSWu6FGmaK
hlmbdiysI6cfjtPL/+F5d4MhfSNXVM1RDzLhGOLbBXeMskxnJiIdnvHy7rca/YWm
Gc9YKbac6mRw3DwwiZLCOc3iHOCaz9+CnW2Nqg9nC2H80jMjaPIeJIFoEjodNEPa
tVPDLP6ZlumtBzI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:53 2024 by rpki-client on console-ams.rpki-client.org