Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/wQW0c6qrDXRFXYZ_tc8bQrwPVtY.roa
File: wQW0c6qrDXRFXYZ_tc8bQrwPVtY.roa (raw, json)
Hash identifier: TZ1XHNJBOAJCx37CCDL2BkyTJ/t7EqdCn2rkgk+YUPY=
Subject key identifier: C1:05:B4:73:AA:AB:0D:74:45:5D:86:7F:B5:CF:1B:42:BC:0F:56:D6
Certificate issuer: /CN=d63d5529bda17713ebe6b4c22f7fce4cb8f1e8b3
Certificate serial: 0190971FAE85A58667F4144FC6C6653DDDF1
Authority key identifier: D6:3D:55:29:BD:A1:77:13:EB:E6:B4:C2:2F:7F:CE:4C:B8:F1:E8:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1j1VKb2hdxPr5rTCL3_OTLjx6LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/wQW0c6qrDXRFXYZ_tc8bQrwPVtY.roa
Signing time: Tue 09 Jul 2024 10:52:34 +0000
ROA not before: Tue 09 Jul 2024 10:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210028
IP address blocks: 185.89.99.0/24 maxlen: 24
194.12.56.0/24 maxlen: 24
194.12.57.0/24 maxlen: 24
194.12.58.0/24 maxlen: 24
194.12.59.0/24 maxlen: 24
194.12.60.0/24 maxlen: 24
194.12.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/1j1VKb2hdxPr5rTCL3_OTLjx6LM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/1j1VKb2hdxPr5rTCL3_OTLjx6LM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1j1VKb2hdxPr5rTCL3_OTLjx6LM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:1f:ae:85:a5:86:67:f4:14:4f:c6:c6:65:3d:dd:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d63d5529bda17713ebe6b4c22f7fce4cb8f1e8b3
Validity
Not Before: Jul 9 10:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c105b473aaab0d74455d867fb5cf1b42bc0f56d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:49:39:99:81:57:ba:53:7e:d0:08:97:58:7e:
50:65:11:f4:83:8d:76:6d:a8:56:d4:9b:d3:d9:2d:
83:71:f4:6a:09:4e:9b:1d:dc:7e:9e:de:2e:29:c0:
d9:45:c5:91:33:70:89:4f:f3:12:0b:59:1b:bc:96:
d7:e1:4b:cb:e4:a1:36:e7:16:e5:8c:c9:63:09:15:
37:cd:b9:b0:2e:2c:40:73:fe:e3:be:28:be:a6:a5:
65:7e:be:e8:da:33:83:9d:5b:6c:d1:22:7a:4e:76:
8c:dd:3b:5f:fc:66:25:20:cb:3f:f2:df:05:d8:89:
39:b3:3f:81:d4:ab:55:04:53:cc:fd:f1:6d:49:7c:
ad:9c:41:3a:de:69:86:67:38:d1:08:45:78:9a:00:
ea:8b:5b:e9:52:8c:fd:42:2b:7f:e1:10:d3:37:16:
6b:92:05:14:b9:4b:2c:ad:84:77:71:61:52:73:01:
95:31:5b:52:69:36:a5:b2:57:63:ba:d2:7f:d6:10:
0b:b9:57:b9:53:f1:10:38:90:4d:d9:f6:5b:f7:3a:
9b:df:03:09:b7:26:9c:d4:ba:92:ca:aa:46:5d:c9:
bf:9d:14:72:83:1c:b8:46:4f:63:cd:90:e3:0d:50:
b5:b4:ae:f3:2e:06:dc:13:ce:25:e2:fc:5e:90:1e:
6e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:05:B4:73:AA:AB:0D:74:45:5D:86:7F:B5:CF:1B:42:BC:0F:56:D6
X509v3 Authority Key Identifier:
keyid:D6:3D:55:29:BD:A1:77:13:EB:E6:B4:C2:2F:7F:CE:4C:B8:F1:E8:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j1VKb2hdxPr5rTCL3_OTLjx6LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/wQW0c6qrDXRFXYZ_tc8bQrwPVtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/62b342-7c20-41e3-8f1b-cdcf5f6a4c27/1/1j1VKb2hdxPr5rTCL3_OTLjx6LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.99.0/24
194.12.56.0-194.12.61.255
Signature Algorithm: sha256WithRSAEncryption
61:c5:e7:f8:49:78:63:37:75:22:c1:46:be:6d:a7:6c:9f:c4:
30:7b:44:ca:2e:7e:ea:54:b3:20:b9:eb:54:30:4b:36:d1:43:
91:cd:bf:15:eb:c5:64:6c:50:1e:f9:59:59:bd:26:88:9d:27:
92:ca:8e:d6:b7:4d:d6:a5:fe:f8:c3:ad:47:a6:26:0c:ce:97:
64:01:77:a0:e9:de:29:fd:1c:e7:b9:bf:e2:31:ac:bd:0f:19:
6b:be:42:60:d8:c6:95:8f:6c:81:63:74:90:e1:1c:5b:18:f2:
d4:1c:9e:76:99:f7:14:44:34:f1:45:e9:36:24:d2:2b:c8:70:
78:d4:89:98:38:81:2c:0a:0b:ce:57:58:7b:d6:05:3d:bb:c8:
ad:3c:7d:16:b4:b2:b1:7c:f3:b5:bc:ec:15:82:0c:93:77:72:
26:62:23:81:62:60:b9:c6:91:99:3b:82:1e:d8:8c:c9:5f:46:
91:38:9a:e0:ac:8f:f1:ea:bc:0f:52:9c:bc:d8:19:c7:64:19:
ea:53:bf:41:52:66:09:0a:c5:ae:e4:d1:85:bf:cb:bf:d0:13:
69:9c:2c:b5:3b:47:1d:92:93:ec:e5:01:0e:f5:93:83:c4:d9:
1d:b2:a6:0d:a9:5d:30:c8:29:9a:f7:82:b3:c0:10:cd:a3:39:
0f:2d:ea:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZCXH66FpYZn9BRPxsZlPd3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Q1NTI5YmRhMTc3MTNlYmU2YjRjMjJmN2ZjZTRjYjhm
MWU4YjMwHhcNMjQwNzA5MTA1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA1YjQ3M2FhYWIwZDc0NDU1ZDg2N2ZiNWNmMWI0MmJjMGY1NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0k5mYFXulN+0AiXWH5QZRH0g412
bahW1JvT2S2DcfRqCU6bHdx+nt4uKcDZRcWRM3CJT/MSC1kbvJbX4UvL5KE25xbl
jMljCRU3zbmwLixAc/7jvii+pqVlfr7o2jODnVts0SJ6TnaM3Ttf/GYlIMs/8t8F
2Ik5sz+B1KtVBFPM/fFtSXytnEE63mmGZzjRCEV4mgDqi1vpUoz9Qit/4RDTNxZr
kgUUuUssrYR3cWFScwGVMVtSaTalsldjutJ/1hALuVe5U/EQOJBN2fZb9zqb3wMJ
tyac1LqSyqpGXcm/nRRygxy4Rk9jzZDjDVC1tK7zLgbcE84l4vxekB5uVQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMEFtHOqqw10RV2Gf7XPG0K8D1bWMB8GA1UdIwQY
MBaAFNY9VSm9oXcT6+a0wi9/zky48eizMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWoxVktiMmhkeFByNXJUQ0wzX09UTGp4NkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82MmIzNDItN2MyMC00MWUzLThmMWIt
Y2RjZjVmNmE0YzI3LzEvd1FXMGM2cXJEWFJGWFlaX3RjOGJRcndQVnRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82MmIzNDItN2MyMC00MWUzLThmMWItY2RjZjVmNmE0YzI3
LzEvMWoxVktiMmhkeFByNXJUQ0wzX09UTGp4NkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuVljMAwD
BAPCDDgDBAHCDDwwDQYJKoZIhvcNAQELBQADggEBAGHF5/hJeGM3dSLBRr5tp2yf
xDB7RMoufupUsyC561QwSzbRQ5HNvxXrxWRsUB75WVm9JoidJ5LKjta3Tdal/vjD
rUemJgzOl2QBd6Dp3in9HOe5v+IxrL0PGWu+QmDYxpWPbIFjdJDhHFsY8tQcnnaZ
9xRENPFF6TYk0ivIcHjUiZg4gSwKC85XWHvWBT27yK08fRa0srF887W87BWCDJN3
ciZiI4FiYLnGkZk7gh7YjMlfRpE4muCsj/HqvA9SnLzYGcdkGepTv0FSZgkKxa7k
0YW/y7/QE2mcLLU7Rx2Sk+zlAQ71k4PE2R2ypg2pXTDIKZr3grPAEM2jOQ8t6tk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:24 2024 by rpki-client on console-ams.rpki-client.org