Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/W3pA55FIWiZFTZyJhLC8Nb_NKuc.roa
File: W3pA55FIWiZFTZyJhLC8Nb_NKuc.roa (raw, json)
Hash identifier: tSAUKAv6YpFvWUrVzoaZEPWdHL2HO9ySno/GjlIxV84=
Subject key identifier: 5B:7A:40:E7:91:48:5A:26:45:4D:9C:89:84:B0:BC:35:BF:CD:2A:E7
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 0191585DAC2EEDB9993C84746042EF939FDE
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/W3pA55FIWiZFTZyJhLC8Nb_NKuc.roa
Signing time: Thu 15 Aug 2024 23:26:59 +0000
ROA not before: Thu 15 Aug 2024 23:26:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:58:5d:ac:2e:ed:b9:99:3c:84:74:60:42:ef:93:9f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Aug 15 23:26:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b7a40e791485a26454d9c8984b0bc35bfcd2ae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:48:d0:80:cd:06:63:55:c8:9b:ff:96:ef:5f:
14:68:da:4f:9c:af:d5:ad:ef:38:f0:9f:b8:c7:c0:
e5:54:4d:87:4c:74:02:c2:1a:37:6d:fc:53:c2:16:
fd:7b:34:f6:49:c1:6a:48:fd:6c:1f:8e:c9:84:33:
de:34:3a:43:3c:16:bd:bf:c8:2f:7b:e5:0a:a2:dd:
b5:96:65:77:ce:f9:d8:d6:e3:11:c7:6d:9f:b8:93:
bb:9d:79:a7:29:c2:0f:2b:7f:5f:0d:a8:b5:a7:ef:
13:3a:f2:ce:39:7a:7a:b8:f1:3d:e3:82:13:f5:3c:
d9:64:76:96:0f:85:e2:b4:e7:00:d1:52:29:62:c6:
2e:3b:68:b4:77:3e:27:22:3e:c4:49:57:eb:4c:29:
de:6c:0b:21:43:14:53:ca:81:fd:ce:f3:04:ad:fa:
1f:a2:62:87:9c:cd:e0:97:ed:4f:53:04:54:21:39:
db:3f:63:93:59:6c:b3:05:df:da:01:d9:fb:e8:a7:
49:6e:63:41:4d:1d:0f:3c:11:6a:2a:a7:6b:c2:28:
fe:3a:37:37:4c:01:b1:49:4b:06:55:bf:17:94:fd:
0e:c8:f1:1b:4b:ff:a2:bb:7c:da:e6:a5:6d:03:79:
3e:f1:38:c5:42:d1:9e:17:8d:b3:2d:d1:a5:e6:bd:
54:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:7A:40:E7:91:48:5A:26:45:4D:9C:89:84:B0:BC:35:BF:CD:2A:E7
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/W3pA55FIWiZFTZyJhLC8Nb_NKuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.125.84.0/24
193.0.181.0/24
Signature Algorithm: sha256WithRSAEncryption
25:e8:2c:a9:26:c6:38:5b:3a:91:7a:14:79:45:13:bf:99:e0:
96:4a:71:30:d4:40:d7:4d:6b:c3:b4:72:9e:a6:d3:12:5a:d7:
8e:dd:d3:f9:dc:ed:c3:7e:ff:00:59:40:14:c5:ae:cd:64:f1:
14:f6:9d:b3:43:5e:33:c2:99:bc:e1:b2:6f:74:75:49:c7:6b:
67:86:f1:8f:ef:f4:46:a0:ba:1e:b2:3a:d1:6f:b8:2b:8c:bf:
a8:7b:33:12:95:53:80:01:cb:17:b4:08:8b:4b:e7:dc:50:21:
b6:c6:e2:20:24:11:7e:0e:46:f9:6e:63:4b:59:35:8c:3e:18:
1a:b5:a5:13:f8:ff:4d:20:7e:1c:41:bf:18:e7:64:eb:f0:c0:
5d:ad:ef:d2:a7:d3:16:48:d3:4d:3f:95:f7:d4:11:ae:ad:8d:
8a:05:3d:d7:48:2a:ce:5e:e0:c7:26:ed:01:59:bc:76:47:3c:
6d:bf:ca:82:f5:ba:86:65:63:fb:68:e5:34:ff:6b:6b:46:bf:
3f:78:ca:04:0c:06:65:33:00:40:ca:cf:c3:46:b1:44:a7:bf:
8d:5d:c3:bf:39:a2:c7:88:a7:56:cc:d4:b0:54:9e:17:aa:a7:
5a:a9:d1:98:d4:85:db:e0:44:36:e3:78:6d:7f:a7:9b:05:29:
ba:4c:ff:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFYXawu7bmZPIR0YELvk5/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjQwODE1MjMyNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjdhNDBlNzkxNDg1YTI2NDU0ZDljODk4NGIwYmMzNWJmY2QyYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkjQgM0GY1XIm/+W718UaNpPnK/V
re848J+4x8DlVE2HTHQCwho3bfxTwhb9ezT2ScFqSP1sH47JhDPeNDpDPBa9v8gv
e+UKot21lmV3zvnY1uMRx22fuJO7nXmnKcIPK39fDai1p+8TOvLOOXp6uPE944IT
9TzZZHaWD4XitOcA0VIpYsYuO2i0dz4nIj7ESVfrTCnebAshQxRTyoH9zvMErfof
omKHnM3gl+1PUwRUITnbP2OTWWyzBd/aAdn76KdJbmNBTR0PPBFqKqdrwij+Ojc3
TAGxSUsGVb8XlP0OyPEbS/+iu3za5qVtA3k+8TjFQtGeF42zLdGl5r1UtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFt6QOeRSFomRU2ciYSwvDW/zSrnMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvVzNwQTU1RklXaVpGVFp5SmhMQzhOYl9OS3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUfkAwQA
uX1UAwQAwQC1MA0GCSqGSIb3DQEBCwUAA4IBAQAl6CypJsY4WzqRehR5RRO/meCW
SnEw1EDXTWvDtHKeptMSWteO3dP53O3Dfv8AWUAUxa7NZPEU9p2zQ14zwpm84bJv
dHVJx2tnhvGP7/RGoLoesjrRb7grjL+oezMSlVOAAcsXtAiLS+fcUCG2xuIgJBF+
Dkb5bmNLWTWMPhgataUT+P9NIH4cQb8Y52Tr8MBdre/Sp9MWSNNNP5X31BGurY2K
BT3XSCrOXuDHJu0BWbx2Rzxtv8qC9bqGZWP7aOU0/2trRr8/eMoEDAZlMwBAys/D
RrFEp7+NXcO/OaLHiKdWzNSwVJ4XqqdaqdGY1IXb4EQ243htf6ebBSm6TP8W
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:25:29 2024 by rpki-client on console-ams.rpki-client.org