Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/WxlDWzOy4Fv4iKcjVJUKNbFCXDU.roa
File: WxlDWzOy4Fv4iKcjVJUKNbFCXDU.roa (raw, json)
Hash identifier: 3536b2nemRCGC9lKmJOL46IS+goTdyKnxVd8h8e27ic=
Subject key identifier: 5B:19:43:5B:33:B2:E0:5B:F8:88:A7:23:54:95:0A:35:B1:42:5C:35
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 018CC5DC2EEB77B2973241B041F40B55417E
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/WxlDWzOy4Fv4iKcjVJUKNbFCXDU.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136744
IP address blocks: 212.23.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2e:eb:77:b2:97:32:41:b0:41:f4:0b:55:41:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b19435b33b2e05bf888a72354950a35b1425c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:4f:09:60:ba:f1:e9:dc:66:00:38:30:ad:
1f:f5:c6:82:dd:83:9d:80:ad:56:9c:3a:82:18:46:
35:f1:c2:db:d7:d5:be:52:b8:88:4c:42:ac:31:b2:
26:74:51:43:79:a4:18:a4:b7:f8:da:9f:4d:d9:e3:
2c:14:5a:50:af:b0:c5:20:a6:37:9c:97:4b:86:1d:
cc:b5:78:af:a6:e3:37:c9:55:a1:ab:f8:82:95:13:
32:f7:f2:ad:7d:7a:8c:ca:2b:7f:48:6c:1d:25:c2:
85:b7:6f:1e:f5:71:61:fb:ed:14:92:ee:a3:f2:4a:
03:c9:85:bb:6d:16:7c:00:d9:4b:0b:39:46:3f:ee:
ec:31:a7:37:60:4b:38:ce:1d:af:12:72:e6:d1:e1:
61:29:ca:70:89:54:3d:35:c7:d0:bc:5b:26:53:c4:
1d:5e:1b:43:c8:a9:44:86:7a:51:d4:17:46:8a:27:
e3:33:76:42:da:f4:cb:e7:90:87:d0:fc:43:64:72:
21:d0:56:87:ca:68:d7:a8:26:5c:7d:10:74:70:8b:
66:68:2f:51:31:09:d1:d6:16:80:b2:a0:ec:33:42:
d0:8f:c5:3e:57:82:fd:40:4b:5c:b6:f6:e9:56:ab:
fd:64:30:ca:d4:1f:dd:67:84:e7:41:41:7a:43:be:
03:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:19:43:5B:33:B2:E0:5B:F8:88:A7:23:54:95:0A:35:B1:42:5C:35
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/WxlDWzOy4Fv4iKcjVJUKNbFCXDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2b:b4:17:c0:8c:8d:47:de:d5:09:41:97:50:3b:89:40:81:
c9:e5:6a:0b:32:8f:5c:f9:d7:cd:16:98:1b:58:60:01:05:50:
92:98:ce:c8:a7:45:d1:5f:10:24:b1:76:cb:56:24:12:2b:aa:
65:3c:01:07:6b:a4:cf:b7:fd:31:58:3a:d7:8b:ce:5e:d8:3c:
4e:2f:56:9d:ed:f7:1e:c6:9d:94:ab:0f:aa:16:62:28:0d:e1:
5b:aa:07:0b:ff:f0:a1:d1:8d:10:da:96:e2:ca:1d:2e:b0:70:
c6:9d:d4:99:86:5d:20:7c:dd:cc:38:07:5e:a9:5f:e3:8e:2f:
c3:33:d6:ad:e3:0c:4e:db:99:40:4b:9c:26:3d:82:eb:b3:0f:
f3:59:0f:df:65:23:6c:14:04:5a:11:8d:85:b4:2b:d8:fe:42:
97:07:aa:a2:17:25:90:32:92:1b:2e:37:b3:59:6f:63:e3:8b:
b0:72:ec:7e:22:fd:2e:e9:b2:53:b2:84:aa:eb:27:f1:4a:56:
4b:2e:83:fc:0b:57:a2:65:9d:0e:67:a3:76:88:20:16:75:68:
c2:d6:de:a8:2a:7a:10:ea:8f:cd:fb:fa:9a:d0:75:46:6f:91:
17:b8:b7:11:c5:6f:d6:9c:02:4d:96:d2:09:29:a4:84:18:12:
25:51:d4:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3C7rd7KXMkGwQfQLVUF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE5NDM1YjMzYjJlMDViZjg4OGE3MjM1NDk1MGEzNWIxNDI1YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFFPCWC68encZgA4MK0f9caC3YOd
gK1WnDqCGEY18cLb19W+UriITEKsMbImdFFDeaQYpLf42p9N2eMsFFpQr7DFIKY3
nJdLhh3MtXivpuM3yVWhq/iClRMy9/KtfXqMyit/SGwdJcKFt28e9XFh++0Uku6j
8koDyYW7bRZ8ANlLCzlGP+7sMac3YEs4zh2vEnLm0eFhKcpwiVQ9NcfQvFsmU8Qd
XhtDyKlEhnpR1BdGiifjM3ZC2vTL55CH0PxDZHIh0FaHymjXqCZcfRB0cItmaC9R
MQnR1haAsqDsM0LQj8U+V4L9QEtctvbpVqv9ZDDK1B/dZ4TnQUF6Q74DIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsZQ1szsuBb+IinI1SVCjWxQlw1MB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvV3hsRFd6T3k0RnY0aUtjalZKVUtOYkZDWERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfQMA0G
CSqGSIb3DQEBCwUAA4IBAQBsK7QXwIyNR97VCUGXUDuJQIHJ5WoLMo9c+dfNFpgb
WGABBVCSmM7Ip0XRXxAksXbLViQSK6plPAEHa6TPt/0xWDrXi85e2DxOL1ad7fce
xp2Uqw+qFmIoDeFbqgcL//Ch0Y0Q2pbiyh0usHDGndSZhl0gfN3MOAdeqV/jji/D
M9at4wxO25lAS5wmPYLrsw/zWQ/fZSNsFARaEY2FtCvY/kKXB6qiFyWQMpIbLjez
WW9j44uwcux+Iv0u6bJTsoSq6yfxSlZLLoP8C1eiZZ0OZ6N2iCAWdWjC1t6oKnoQ
6o/N+/qa0HVGb5EXuLcRxW/WnAJNltIJKaSEGBIlUdR1
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:39:48 2024 by rpki-client on console-ams.rpki-client.org