Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/wFWR9hESsncIcMI-Hl-TGTST0UU.roa
File: wFWR9hESsncIcMI-Hl-TGTST0UU.roa (raw, json)
Hash identifier: 0TS7ayTLq2FqeoqLCinXglpUmk1ABIcjE4o7uMKWs0s=
Subject key identifier: C0:55:91:F6:11:12:B2:77:08:70:C2:3E:1E:5F:93:19:34:93:D1:45
Certificate issuer: /CN=acfbbca852b957385909f6bd288cdf363f218b06
Certificate serial: 018CC492AEA2B4A1CE8664B8C643F10ABE7C
Authority key identifier: AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/wFWR9hESsncIcMI-Hl-TGTST0UU.roa
Signing time: Mon 01 Jan 2024 10:29:56 +0000
ROA not before: Mon 01 Jan 2024 10:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203901
IP address blocks: 185.101.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/rPu8qFK5VzhZCfa9KIzfNj8hiwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/rPu8qFK5VzhZCfa9KIzfNj8hiwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:ae:a2:b4:a1:ce:86:64:b8:c6:43:f1:0a:be:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfbbca852b957385909f6bd288cdf363f218b06
Validity
Not Before: Jan 1 10:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05591f61112b2770870c23e1e5f93193493d145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6b:69:8f:a9:c7:c7:2c:32:cf:3a:d0:35:20:
b3:9c:d5:0d:5a:90:77:b0:e3:59:74:8e:84:c2:7c:
00:45:36:cc:92:0b:13:e3:6c:83:f1:08:07:91:59:
e4:b2:99:81:f6:09:8c:98:7c:40:cf:54:73:40:c3:
a7:f1:25:d4:ac:4c:86:9c:7d:e6:52:6d:9e:7b:5f:
99:53:26:db:0f:ad:62:4c:31:1d:86:63:8d:d2:d7:
b6:85:79:93:d0:a1:50:75:1e:94:03:dc:6b:0d:19:
4a:03:0f:3c:ec:5b:7b:92:c7:c3:2a:f8:cb:32:10:
7f:cd:82:ce:e7:7d:36:60:1e:d5:8a:91:f1:9d:1c:
eb:96:c0:d6:fc:b9:62:d3:3e:52:3f:c1:94:a0:79:
44:97:36:0c:d8:cf:36:69:a5:85:5e:53:ae:7e:0d:
d9:38:19:cf:1b:ed:35:4f:43:e7:50:97:0e:22:fb:
b5:cf:39:71:2d:54:53:a7:bb:76:b8:70:18:7c:da:
7e:44:3d:9e:1a:f8:91:b0:18:75:52:94:7c:d7:9e:
61:4f:03:0d:4f:5e:22:de:2d:1e:61:5c:18:e4:d3:
06:1f:30:71:0e:1e:cd:5d:1e:3e:2b:7f:d6:28:e7:
4a:93:94:0f:56:92:97:d5:7b:16:bb:40:80:bc:27:
3b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:55:91:F6:11:12:B2:77:08:70:C2:3E:1E:5F:93:19:34:93:D1:45
X509v3 Authority Key Identifier:
keyid:AC:FB:BC:A8:52:B9:57:38:59:09:F6:BD:28:8C:DF:36:3F:21:8B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPu8qFK5VzhZCfa9KIzfNj8hiwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/wFWR9hESsncIcMI-Hl-TGTST0UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/5247b3-6067-436d-ae19-cba722ecb2db/1/rPu8qFK5VzhZCfa9KIzfNj8hiwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:f2:b9:10:68:f6:c8:4e:88:0c:f6:7f:cd:f0:d1:03:cb:a6:
3c:ef:6e:fc:72:10:9a:27:f7:fd:87:2c:dd:63:d9:f8:64:1f:
c9:cb:28:b2:4f:58:df:d9:f1:95:4a:ee:f4:7f:32:35:06:4e:
d4:b8:14:c2:3b:89:79:43:cc:6e:7a:0c:b8:ba:67:39:fe:06:
ee:aa:5a:e0:66:d0:c6:4f:57:0c:f9:b4:23:d9:aa:da:98:5a:
08:5e:f9:a4:b9:f3:f3:49:54:ca:59:69:bc:db:8f:b6:b3:24:
ff:01:96:b4:28:20:0f:c3:f4:c2:a7:ee:bb:2f:3b:25:56:65:
d1:43:ab:36:c6:3e:30:4f:6c:3a:5c:20:2f:06:09:e0:85:30:
b3:1c:bf:a3:27:cc:13:08:a7:21:c0:cc:58:72:dc:df:36:66:
73:d6:2e:cf:72:91:ff:7c:c8:04:8f:ad:8a:47:2b:78:87:77:
fb:47:f1:dd:8c:fd:1d:e4:cb:ba:e2:28:53:0a:42:73:8d:d1:
02:5c:c8:84:78:0b:5e:83:e7:92:1e:bb:b3:65:f9:8f:10:23:
aa:10:ee:75:4c:77:b7:23:77:94:10:c1:4c:6e:ba:36:6c:c7:
8c:7d:55:8e:f1:b0:ad:ba:52:87:07:cd:52:32:1e:cf:0b:89:
0f:5d:45:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkq6itKHOhmS4xkPxCr58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmJiY2E4NTJiOTU3Mzg1OTA5ZjZiZDI4OGNkZjM2M2Yy
MThiMDYwHhcNMjQwMTAxMTAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU1OTFmNjExMTJiMjc3MDg3MGMyM2UxZTVmOTMxOTM0OTNkMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gtpj6nHxywyzzrQNSCznNUNWpB3
sONZdI6EwnwARTbMkgsT42yD8QgHkVnkspmB9gmMmHxAz1RzQMOn8SXUrEyGnH3m
Um2ee1+ZUybbD61iTDEdhmON0te2hXmT0KFQdR6UA9xrDRlKAw887Ft7ksfDKvjL
MhB/zYLO5302YB7VipHxnRzrlsDW/Lli0z5SP8GUoHlElzYM2M82aaWFXlOufg3Z
OBnPG+01T0PnUJcOIvu1zzlxLVRTp7t2uHAYfNp+RD2eGviRsBh1UpR8155hTwMN
T14i3i0eYVwY5NMGHzBxDh7NXR4+K3/WKOdKk5QPVpKX1XsWu0CAvCc7twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBVkfYRErJ3CHDCPh5fkxk0k9FFMB8GA1UdIwQY
MBaAFKz7vKhSuVc4WQn2vSiM3zY/IYsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclB1OHFGSzVWemhaQ2ZhOUtJemZOajhoaXdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS81MjQ3YjMtNjA2Ny00MzZkLWFlMTkt
Y2JhNzIyZWNiMmRiLzEvd0ZXUjloRVNzbmNJY01JLUhsLVRHVFNUMFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS81MjQ3YjMtNjA2Ny00MzZkLWFlMTktY2JhNzIyZWNiMmRi
LzEvclB1OHFGSzVWemhaQ2ZhOUtJemZOajhoaXdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUcMA0G
CSqGSIb3DQEBCwUAA4IBAQAs8rkQaPbITogM9n/N8NEDy6Y87278chCaJ/f9hyzd
Y9n4ZB/JyyiyT1jf2fGVSu70fzI1Bk7UuBTCO4l5Q8xuegy4umc5/gbuqlrgZtDG
T1cM+bQj2aramFoIXvmkufPzSVTKWWm824+2syT/AZa0KCAPw/TCp+67LzslVmXR
Q6s2xj4wT2w6XCAvBgnghTCzHL+jJ8wTCKchwMxYctzfNmZz1i7PcpH/fMgEj62K
Ryt4h3f7R/HdjP0d5Mu64ihTCkJzjdECXMiEeAteg+eSHruzZfmPECOqEO51THe3
I3eUEMFMbro2bMeMfVWO8bCtulKHB81SMh7PC4kPXUUx
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:07:04 2024 by rpki-client on console-fra.rpki-client.org