Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/wH8dKoeGJgGmweQofWa1pKLttjs.roa
File: wH8dKoeGJgGmweQofWa1pKLttjs.roa (raw, json)
Hash identifier: q734lCUvqcbixBUU0tIHN9nSC2QLyXLQ0pIDYY0+ZTw=
Subject key identifier: C0:7F:1D:2A:87:86:26:01:A6:C1:E4:28:7D:66:B5:A4:A2:ED:B6:3B
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 018EE123F9693A4DA2999F240DDED33B0563
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/wH8dKoeGJgGmweQofWa1pKLttjs.roa
Signing time: Mon 15 Apr 2024 09:43:34 +0000
ROA not before: Mon 15 Apr 2024 09:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199967
IP address blocks: 2.56.151.0/24 maxlen: 24
5.252.197.0/24 maxlen: 24
45.146.120.0/24 maxlen: 24
45.146.121.0/24 maxlen: 24
92.118.44.0/24 maxlen: 24
92.118.45.0/24 maxlen: 24
92.118.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:23:f9:69:3a:4d:a2:99:9f:24:0d:de:d3:3b:05:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: Apr 15 09:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c07f1d2a87862601a6c1e4287d66b5a4a2edb63b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9c:51:fa:1c:65:d7:8e:d9:6b:00:fc:df:b2:
a1:7f:96:4a:a3:a6:f4:17:ba:d9:05:1c:78:b2:af:
44:c2:a5:3d:91:07:e0:f8:47:e5:62:49:62:b2:37:
dc:6a:b5:2e:68:3f:08:99:e7:b7:1a:11:e9:de:32:
7e:63:25:9a:53:ea:0c:61:91:45:a1:82:46:7f:51:
82:fd:8c:8d:fe:dc:86:79:28:69:8a:6a:bf:5e:35:
82:db:f8:af:cf:f2:3b:2b:d9:63:28:a7:ec:bf:d6:
00:8f:ab:5a:f8:34:40:2b:65:a0:e2:71:7c:6c:39:
ff:5d:2e:64:32:45:08:b5:04:ce:9c:02:4d:c9:d8:
05:8e:6d:71:48:54:bc:be:4c:3e:cd:ef:f0:5a:8b:
65:0d:9e:e3:a0:6b:bc:87:fd:8b:a9:67:52:0a:c5:
74:7b:f5:fa:8b:a7:77:a2:82:93:b9:fd:1a:a3:d4:
89:f7:d1:12:cc:25:9f:d1:9e:5d:0f:d0:a7:01:56:
bb:15:1c:d3:59:b3:e1:1f:5f:a6:50:74:9e:f4:d9:
90:96:36:62:1b:0f:3c:d6:2d:7d:99:48:33:7a:64:
08:2d:e7:bf:7f:9c:20:86:9b:b0:d2:03:26:7f:1f:
2e:e5:5c:f2:08:de:6f:ee:1f:53:72:4b:69:ae:22:
06:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7F:1D:2A:87:86:26:01:A6:C1:E4:28:7D:66:B5:A4:A2:ED:B6:3B
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/wH8dKoeGJgGmweQofWa1pKLttjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.151.0/24
5.252.197.0/24
45.146.120.0/23
92.118.44.0/23
92.118.47.0/24
Signature Algorithm: sha256WithRSAEncryption
08:30:b8:2a:b7:20:8f:d6:9a:d1:89:2f:6a:05:32:52:77:09:
37:33:18:24:a0:a3:55:fe:5a:eb:20:3a:c7:6e:35:df:d9:47:
c9:a1:ee:6d:c2:25:c5:00:12:77:3e:ff:2c:d6:6c:f6:fe:22:
e1:fa:f2:09:6e:16:c7:75:78:e8:40:6e:8a:3e:03:24:e7:f9:
42:7f:a7:4d:25:66:89:17:75:bb:db:5b:1b:61:e7:55:93:33:
0d:4a:50:63:ae:29:5f:fe:d8:cf:3f:7d:44:08:0a:3a:33:8d:
d2:50:59:95:3c:fc:29:30:a8:d4:86:bb:93:8d:ea:8e:3a:61:
0b:d8:37:0d:40:4e:47:55:a2:b5:a4:00:33:8f:3f:1a:b0:eb:
73:f7:cc:5a:36:69:30:bf:a5:70:94:e6:79:4d:0a:95:04:0a:
a5:26:8d:9f:47:e8:6d:90:0d:94:73:57:00:b7:0a:ee:e9:c1:
01:53:7d:d1:75:e5:8a:a9:00:f2:be:e0:4f:19:33:cf:d0:26:
1e:52:b0:c2:91:ba:6a:d5:2f:47:74:69:5d:48:39:fe:8a:5b:
04:ca:fc:a8:e3:4d:ca:31:74:17:48:7d:38:aa:07:bd:8d:74:
11:01:b9:62:fa:55:46:e8:37:f5:67:72:f1:f8:80:ef:a6:ce:
e5:e5:19:28
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7hI/lpOk2imZ8kDd7TOwVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjQwNDE1MDk0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdmMWQyYTg3ODYyNjAxYTZjMWU0Mjg3ZDY2YjVhNGEyZWRiNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5xR+hxl147ZawD837Khf5ZKo6b0
F7rZBRx4sq9EwqU9kQfg+EflYklisjfcarUuaD8Imee3GhHp3jJ+YyWaU+oMYZFF
oYJGf1GC/YyN/tyGeShpimq/XjWC2/ivz/I7K9ljKKfsv9YAj6ta+DRAK2Wg4nF8
bDn/XS5kMkUItQTOnAJNydgFjm1xSFS8vkw+ze/wWotlDZ7joGu8h/2LqWdSCsV0
e/X6i6d3ooKTuf0ao9SJ99ESzCWf0Z5dD9CnAVa7FRzTWbPhH1+mUHSe9NmQljZi
Gw881i19mUgzemQILee/f5wghpuw0gMmfx8u5VzyCN5v7h9TcktpriIG/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMB/HSqHhiYBpsHkKH1mtaSi7bY7MB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvd0g4ZEtvZUdKZ0dtd2VRb2ZXYTFwS0x0dGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjiXAwQA
BfzFAwQBLZJ4AwQBXHYsAwQAXHYvMA0GCSqGSIb3DQEBCwUAA4IBAQAIMLgqtyCP
1prRiS9qBTJSdwk3MxgkoKNV/lrrIDrHbjXf2UfJoe5twiXFABJ3Pv8s1mz2/iLh
+vIJbhbHdXjoQG6KPgMk5/lCf6dNJWaJF3W721sbYedVkzMNSlBjrilf/tjPP31E
CAo6M43SUFmVPPwpMKjUhruTjeqOOmEL2DcNQE5HVaK1pAAzjz8asOtz98xaNmkw
v6VwlOZ5TQqVBAqlJo2fR+htkA2Uc1cAtwru6cEBU33RdeWKqQDyvuBPGTPP0CYe
UrDCkbpq1S9HdGldSDn+ilsEyvyo403KMXQXSH04qge9jXQRAbli+lVG6Df1Z3Lx
+IDvps7l5Rko
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:20 2024 by rpki-client on console-fra.rpki-client.org