Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/wZuIV35T8_NAfPE70kNRetY2IZs.roa
File: wZuIV35T8_NAfPE70kNRetY2IZs.roa (raw, json)
Hash identifier: AqXvn5iaWtiBK2GrhDsv5omaYcn0IBhm7tBxsHuMjdM=
Subject key identifier: C1:9B:88:57:7E:53:F3:F3:40:7C:F1:3B:D2:43:51:7A:D6:36:21:9B
Certificate issuer: /CN=fc05169be4c74952672597df103eeb1b47bb68a3
Certificate serial: 018CC94E6448E9EBD50326E96B644E327610
Authority key identifier: FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/wZuIV35T8_NAfPE70kNRetY2IZs.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57998
IP address blocks: 91.237.156.0/24 maxlen: 24
91.237.155.0/24 maxlen: 24
91.237.156.0/22 maxlen: 22
91.237.159.0/24 maxlen: 24
91.237.154.0/23 maxlen: 23
91.237.154.0/24 maxlen: 24
91.237.158.0/24 maxlen: 24
91.237.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:64:48:e9:eb:d5:03:26:e9:6b:64:4e:32:76:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc05169be4c74952672597df103eeb1b47bb68a3
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c19b88577e53f3f3407cf13bd243517ad636219b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:05:5a:1a:51:a1:2d:02:44:35:91:e3:ce:
bc:16:7b:98:57:1e:f5:b2:97:c7:70:6a:ec:08:fc:
a1:e1:ef:81:c3:fd:c5:45:c2:0c:b8:3c:6f:51:c7:
d1:7e:30:81:a7:31:72:e4:9a:b8:b0:5b:bc:d7:e0:
36:77:63:16:b1:cb:ae:a4:de:76:3c:13:9b:14:6c:
9f:4e:06:1d:6a:aa:70:4b:9d:21:99:5d:41:49:48:
96:a6:36:cd:de:bb:0f:d7:79:2c:a5:4d:2e:60:3b:
b7:aa:b5:a8:26:6c:57:f2:77:3a:dd:36:e4:66:0c:
0d:42:08:c6:4d:45:71:c6:65:54:ba:2c:6c:c5:db:
a1:3a:95:06:df:8c:9e:7d:94:dd:f1:8e:79:23:76:
6c:97:b5:4d:95:d4:d3:f0:b5:f0:89:dc:67:6c:a9:
24:39:81:df:ed:f3:ff:ce:93:00:32:97:4b:dc:45:
bd:3a:ed:40:2b:73:39:d4:58:68:e6:ca:76:6f:e7:
ff:45:42:b3:b9:3b:9c:c8:75:e0:ab:ff:de:b3:8f:
5e:6d:8b:b4:ab:32:b0:27:fe:87:e0:fe:e4:fd:55:
f5:c7:ba:89:31:41:ef:34:33:37:5b:82:ef:4d:83:
18:46:12:29:b3:55:21:89:ef:38:86:55:1e:b3:79:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:88:57:7E:53:F3:F3:40:7C:F1:3B:D2:43:51:7A:D6:36:21:9B
X509v3 Authority Key Identifier:
keyid:FC:05:16:9B:E4:C7:49:52:67:25:97:DF:10:3E:EB:1B:47:BB:68:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_AUWm-THSVJnJZffED7rG0e7aKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/wZuIV35T8_NAfPE70kNRetY2IZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b59baf-113e-460b-93e7-338a98a1d9cb/1/_AUWm-THSVJnJZffED7rG0e7aKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.154.0-91.237.159.255
Signature Algorithm: sha256WithRSAEncryption
17:30:e7:8c:9b:d4:3e:1d:b0:33:3b:88:9a:06:49:28:e5:8c:
e2:fb:21:a2:2a:07:6b:b3:b0:3c:59:f4:d6:68:12:e1:49:f7:
a1:aa:64:af:79:d7:25:30:1b:eb:0a:6d:49:d0:96:9d:e3:a4:
b5:b5:48:52:7b:51:67:37:d9:b7:bd:f7:0b:e5:3e:43:96:9a:
6e:ef:da:62:d3:75:80:67:03:0a:09:cd:83:61:5e:07:a1:1e:
59:0f:06:4b:4d:82:65:6f:69:a6:91:79:a1:9e:0b:bd:6e:8d:
49:c6:de:a6:71:92:4c:35:27:ff:e1:38:96:59:18:73:51:69:
bb:f0:f9:b3:46:82:e3:cf:24:8b:fa:eb:c9:4a:c1:66:ae:6a:
9d:e5:1a:6c:4c:de:a9:f8:7c:44:88:f7:06:46:d0:a4:07:b6:
b9:f6:85:b1:1d:c2:fe:b2:5a:b8:c0:3e:f3:9e:07:1a:b5:f5:
4d:3e:9b:28:9a:17:99:f9:47:fc:f7:3b:cb:33:ab:63:c0:b8:
14:17:0d:f2:46:09:cd:5c:b3:83:6f:ea:78:37:8c:9b:79:62:
cd:8d:ff:3d:0c:89:51:b9:af:c9:d2:79:ee:a4:d5:00:ec:82:
13:c9:c8:a2:8b:a8:8b:65:0d:e3:eb:f9:3e:36:39:4b:5a:10:
29:80:c1:09
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTmRI6evVAybpa2ROMnYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDUxNjliZTRjNzQ5NTI2NzI1OTdkZjEwM2VlYjFiNDdi
YjY4YTMwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTliODg1NzdlNTNmM2YzNDA3Y2YxM2JkMjQzNTE3YWQ2MzYyMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkUFWhpRoS0CRDWR4868FnuYVx71
spfHcGrsCPyh4e+Bw/3FRcIMuDxvUcfRfjCBpzFy5Jq4sFu81+A2d2MWscuupN52
PBObFGyfTgYdaqpwS50hmV1BSUiWpjbN3rsP13kspU0uYDu3qrWoJmxX8nc63Tbk
ZgwNQgjGTUVxxmVUuixsxduhOpUG34yefZTd8Y55I3Zsl7VNldTT8LXwidxnbKkk
OYHf7fP/zpMAMpdL3EW9Ou1AK3M51Fho5sp2b+f/RUKzuTucyHXgq//es49ebYu0
qzKwJ/6H4P7k/VX1x7qJMUHvNDM3W4LvTYMYRhIps1Uhie84hlUes3nzEwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMGbiFd+U/PzQHzxO9JDUXrWNiGbMB8GA1UdIwQY
MBaAFPwFFpvkx0lSZyWX3xA+6xtHu2ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FVV20tVEhTVkpuSlpmZkVEN3JHMGU3YUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNTliYWYtMTEzZS00NjBiLTkzZTct
MzM4YTk4YTFkOWNiLzEvd1p1SVYzNVQ4X05BZlBFNzBrTlJldFkySVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNTliYWYtMTEzZS00NjBiLTkzZTctMzM4YTk4YTFkOWNi
LzEvX0FVV20tVEhTVkpuSlpmZkVEN3JHMGU3YUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFb7ZoD
BAVb7YAwDQYJKoZIhvcNAQELBQADggEBABcw54yb1D4dsDM7iJoGSSjljOL7IaIq
B2uzsDxZ9NZoEuFJ96GqZK951yUwG+sKbUnQlp3jpLW1SFJ7UWc32be99wvlPkOW
mm7v2mLTdYBnAwoJzYNhXgehHlkPBktNgmVvaaaReaGeC71ujUnG3qZxkkw1J//h
OJZZGHNRabvw+bNGguPPJIv668lKwWauap3lGmxM3qn4fESI9wZG0KQHtrn2hbEd
wv6yWrjAPvOeBxq19U0+myiaF5n5R/z3O8szq2PAuBQXDfJGCc1cs4Nv6ng3jJt5
Ys2N/z0MiVG5r8nSee6k1QDsghPJyKKLqItlDePr+T42OUtaECmAwQk=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:37 2024 by rpki-client on console-ams.rpki-client.org