Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/waDXyvUgHIG92Eis6GNxdUpev1M.roa
File: waDXyvUgHIG92Eis6GNxdUpev1M.roa (raw, json)
Hash identifier: JLcv/w5FS/U2bXGp7RLb00LL0S8swBujy9+QOWYes5k=
Subject key identifier: C1:A0:D7:CA:F5:20:1C:81:BD:D8:48:AC:E8:63:71:75:4A:5E:BF:53
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 018CC3B6ED7FCB061B5092307E724B103367
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/waDXyvUgHIG92Eis6GNxdUpev1M.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21348
IP address blocks: 80.246.144.0/20 maxlen: 20
80.95.128.0/20 maxlen: 20
2a01:51a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ed:7f:cb:06:1b:50:92:30:7e:72:4b:10:33:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1a0d7caf5201c81bdd848ace86371754a5ebf53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fe:b4:4f:f9:03:92:9e:62:1b:c8:c4:2b:59:
6f:30:57:b4:37:5e:0d:22:8a:df:b3:07:a4:8e:e3:
c0:5e:8e:60:a7:ba:dd:50:26:41:e6:8b:36:39:8a:
84:9b:c4:eb:92:00:de:b9:3c:82:b2:13:ad:95:c2:
03:3e:7d:c8:e9:f0:35:b7:f3:b3:39:fb:c2:4b:1a:
06:21:12:04:d4:b0:96:08:45:62:ae:6e:98:51:a5:
d4:b6:88:bb:44:96:b5:6b:55:3e:c8:a8:5e:52:77:
7e:45:22:0c:3a:10:36:91:82:a9:75:16:1e:9e:23:
5a:90:4a:e7:6e:20:16:99:d2:53:b9:17:6e:ad:b9:
b5:3e:36:dd:7a:9d:4a:94:3b:f0:a1:42:1b:9a:ca:
27:2b:2f:a0:2d:89:8a:01:64:5d:2a:46:0e:c5:25:
63:69:70:cd:06:3c:5d:84:5b:1a:71:27:6f:0d:b1:
21:eb:e2:4b:4a:47:53:f3:84:e2:7c:a9:4e:77:d8:
85:07:36:29:59:4b:3a:73:11:92:c5:33:69:c2:72:
89:25:8e:15:b9:0a:49:ba:e4:43:d2:ee:84:89:0a:
ef:51:50:2e:40:22:7b:3a:91:ff:ea:dd:13:ba:00:
97:7b:ea:a0:34:de:43:67:e7:8a:86:37:a8:46:31:
c7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A0:D7:CA:F5:20:1C:81:BD:D8:48:AC:E8:63:71:75:4A:5E:BF:53
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/waDXyvUgHIG92Eis6GNxdUpev1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.128.0/20
80.246.144.0/20
IPv6:
2a01:51a0::/32
Signature Algorithm: sha256WithRSAEncryption
44:f2:95:72:73:90:d2:b3:73:8d:b9:74:27:16:a0:a7:2c:90:
c0:46:fc:2d:f2:dc:2f:4e:80:5b:dc:f7:5a:b1:5d:71:a2:d0:
f3:df:90:5a:6d:77:e1:1b:fb:3f:9a:2d:22:81:67:00:f4:ff:
e9:1e:29:30:ab:b0:75:e4:59:d0:8b:b2:20:2e:44:b0:15:35:
4d:70:ee:d5:48:0d:64:ca:bc:03:83:f8:ce:82:d7:fc:b0:72:
32:11:c5:40:b0:0d:48:96:dc:56:a7:b4:4c:1a:c7:be:fe:c9:
62:75:38:b3:0e:c5:c9:70:9b:6a:b9:cf:c4:dd:ba:55:fa:3a:
a5:63:2c:5a:d8:47:f2:2c:ea:64:6f:53:7e:dc:43:8e:9b:85:
6b:23:2d:3e:52:f2:03:42:89:c1:f7:4b:30:fb:91:d2:08:7e:
7b:ff:2e:45:89:e5:00:70:cb:2d:12:8d:66:ab:49:a0:64:ce:
99:1e:79:2c:ef:30:dc:ff:34:0d:b2:73:a0:69:fd:f8:12:70:
8f:2f:58:af:60:8f:00:21:3a:99:d6:10:10:cb:0a:32:66:9c:
5f:50:1c:32:fa:33:d6:cf:11:35:3a:42:7a:0b:61:fb:53:1f:
b1:0d:cd:48:11:35:8a:0e:43:b0:69:ba:3b:9b:aa:0f:d6:0e:
1e:6e:f9:93
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtu1/ywYbUJIwfnJLEDNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWEwZDdjYWY1MjAxYzgxYmRkODQ4YWNlODYzNzE3NTRhNWViZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf60T/kDkp5iG8jEK1lvMFe0N14N
IorfswekjuPAXo5gp7rdUCZB5os2OYqEm8TrkgDeuTyCshOtlcIDPn3I6fA1t/Oz
OfvCSxoGIRIE1LCWCEVirm6YUaXUtoi7RJa1a1U+yKheUnd+RSIMOhA2kYKpdRYe
niNakErnbiAWmdJTuRdurbm1Pjbdep1KlDvwoUIbmsonKy+gLYmKAWRdKkYOxSVj
aXDNBjxdhFsacSdvDbEh6+JLSkdT84TifKlOd9iFBzYpWUs6cxGSxTNpwnKJJY4V
uQpJuuRD0u6EiQrvUVAuQCJ7OpH/6t0TugCXe+qgNN5DZ+eKhjeoRjHHFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMGg18r1IByBvdhIrOhjcXVKXr9TMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvd2FEWHl2VWdISUc5MkVpczZHTnhkVXBldjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUF+AAwQE
UPaQMA0EAgACMAcDBQAqAVGgMA0GCSqGSIb3DQEBCwUAA4IBAQBE8pVyc5DSs3ON
uXQnFqCnLJDARvwt8twvToBb3PdasV1xotDz35BabXfhG/s/mi0igWcA9P/pHikw
q7B15FnQi7IgLkSwFTVNcO7VSA1kyrwDg/jOgtf8sHIyEcVAsA1IltxWp7RMGse+
/slidTizDsXJcJtquc/E3bpV+jqlYyxa2EfyLOpkb1N+3EOOm4VrIy0+UvIDQonB
90sw+5HSCH57/y5FieUAcMstEo1mq0mgZM6ZHnks7zDc/zQNsnOgaf34EnCPL1iv
YI8AITqZ1hAQywoyZpxfUBwy+jPWzxE1OkJ6C2H7Ux+xDc1IETWKDkOwabo7m6oP
1g4ebvmT
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:21:40 2024 by rpki-client on console-ams.rpki-client.org