Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WDiePfFCLbv6TYFsZh9otFWz8qI.roa
File: WDiePfFCLbv6TYFsZh9otFWz8qI.roa (raw, json)
Hash identifier: 6Q7ogjuKDpUxEIuhIILJEBumfZ9kyFNRGoymzDBP7Us=
Subject key identifier: 58:38:9E:3D:F1:42:2D:BB:FA:4D:81:6C:66:1F:68:B4:55:B3:F2:A2
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01927A6BB4F7543C62CFB48AFA95F49BC87C
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WDiePfFCLbv6TYFsZh9otFWz8qI.roa
Signing time: Fri 11 Oct 2024 07:12:11 +0000
ROA not before: Fri 11 Oct 2024 07:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 24
128.0.144.0/24 maxlen: 24
128.0.145.0/24 maxlen: 24
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 24
185.5.8.0/24 maxlen: 24
185.5.9.0/24 maxlen: 24
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 24
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0::/48 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
2a02:45c0:20::/48 maxlen: 48
2a02:45c0:fffe::/48 maxlen: 48
2a02:45c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:6b:b4:f7:54:3c:62:cf:b4:8a:fa:95:f4:9b:c8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Oct 11 07:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58389e3df1422dbbfa4d816c661f68b455b3f2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0a:dd:b0:03:50:3d:93:98:aa:20:24:50:b4:
08:e1:36:d4:ce:8d:ab:60:69:81:a6:47:d0:0a:96:
dc:f6:7e:8b:f3:6b:fe:b3:c5:99:fb:e7:ec:af:f0:
5e:be:51:51:42:ac:ac:b0:ac:fe:6f:1e:13:6e:b2:
05:da:17:23:63:b5:dc:49:8a:f5:74:e6:c9:05:26:
4c:83:ac:6b:3f:3e:2b:1e:22:05:5a:44:32:f2:d0:
d3:3f:d8:1b:72:b9:0f:09:30:12:8e:69:b4:8a:91:
05:24:92:34:fd:88:4b:ed:62:d6:90:14:96:9a:63:
7d:78:ce:74:af:09:70:9f:56:98:82:01:0c:00:a6:
76:f4:f6:97:11:9a:1f:f4:0d:0f:d9:fd:59:94:12:
10:4a:29:d1:f7:97:c3:5f:4a:d9:01:a9:43:33:c4:
b5:96:d6:be:06:85:2c:12:1f:4d:ca:71:23:07:72:
2d:8c:23:18:72:c1:6a:11:2a:f8:1b:ff:b5:be:27:
67:79:a3:e2:e3:f7:07:c9:de:25:d2:73:f9:0e:d2:
6a:8e:b3:1f:39:ac:03:2e:09:4b:ba:4e:f6:ea:cb:
ec:f0:de:03:a4:8a:ef:5f:28:ef:4a:4a:9c:c6:da:
fe:1b:1a:20:f8:2b:43:a6:af:e1:4d:84:31:0d:9b:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:38:9E:3D:F1:42:2D:BB:FA:4D:81:6C:66:1F:68:B4:55:B3:F2:A2
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/WDiePfFCLbv6TYFsZh9otFWz8qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:a6:c6:4e:81:2e:bd:3c:45:0a:2a:d4:53:96:a6:98:b2:3e:
af:48:18:f1:ca:9e:b8:d6:cd:00:cf:5f:d9:a5:c9:5e:f7:db:
6c:ab:c5:c3:8e:70:2a:77:b8:47:2f:e1:bd:32:97:03:83:fd:
14:60:41:9a:4a:01:de:47:0f:26:56:7e:b8:6f:ca:12:51:91:
77:61:46:7d:96:b8:19:ae:60:97:67:e3:b6:eb:f9:10:a8:95:
01:ce:27:10:0d:57:c7:93:33:3b:69:d3:0c:14:44:c4:47:8b:
39:71:db:b2:be:23:0e:fe:09:4a:36:92:f9:dc:31:bb:7d:29:
a6:f9:f9:94:1f:08:f8:39:93:1b:63:fa:b9:0d:89:8f:76:9d:
63:eb:88:5d:e5:45:3d:e5:ab:10:a1:e5:61:b6:d2:8c:be:11:
0c:85:6f:b1:cd:52:63:3c:71:e6:df:ef:9e:27:f5:8e:d1:ce:
7d:3b:eb:5e:9d:6c:10:47:11:22:5c:e3:b1:15:eb:6a:d0:14:
82:8f:c3:df:df:fe:f7:a3:da:91:3a:d6:6e:42:22:54:cb:cd:
32:e3:7d:ae:4f:0f:87:70:9d:08:8e:de:71:ed:f5:3f:31:e9:
2a:29:c0:fd:b9:1e:72:c5:7c:ec:02:99:97:49:be:08:a1:44:
1a:dc:e6:ff
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZJ6a7T3VDxiz7SK+pX0m8h8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQxMDExMDcxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODM4OWUzZGYxNDIyZGJiZmE0ZDgxNmM2NjFmNjhiNDU1YjNmMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigrdsANQPZOYqiAkULQI4TbUzo2r
YGmBpkfQCpbc9n6L82v+s8WZ++fsr/BevlFRQqyssKz+bx4TbrIF2hcjY7XcSYr1
dObJBSZMg6xrPz4rHiIFWkQy8tDTP9gbcrkPCTASjmm0ipEFJJI0/YhL7WLWkBSW
mmN9eM50rwlwn1aYggEMAKZ29PaXEZof9A0P2f1ZlBIQSinR95fDX0rZAalDM8S1
lta+BoUsEh9NynEjB3ItjCMYcsFqESr4G/+1vidneaPi4/cHyd4l0nP5DtJqjrMf
OawDLglLuk726svs8N4DpIrvXyjvSkqcxtr+Gxog+CtDpq/hTYQxDZuz+wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFg4nj3xQi27+k2BbGYfaLRVs/KiMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvV0RpZVBmRkNMYnY2VFlGc1poOW90Rld6OHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAnabGToEuvTxFCirUU5ammLI+r0gY8cqeuNbNAM9f
2aXJXvfbbKvFw45wKne4Ry/hvTKXA4P9FGBBmkoB3kcPJlZ+uG/KElGRd2FGfZa4
Ga5gl2fjtuv5EKiVAc4nEA1Xx5MzO2nTDBRExEeLOXHbsr4jDv4JSjaS+dwxu30p
pvn5lB8I+DmTG2P6uQ2Jj3adY+uIXeVFPeWrEKHlYbbSjL4RDIVvsc1SYzxx5t/v
nif1jtHOfTvrXp1sEEcRIlzjsRXratAUgo/D39/+96PakTrWbkIiVMvNMuN9rk8P
h3CdCI7ece31PzHpKinA/bkecsV87AKZl0m+CKFEGtzm/w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:49 2024 by rpki-client on console-ams.rpki-client.org