Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/wkGYdhL0DXJxtvUqL6W8lqF5V50.roa
File: wkGYdhL0DXJxtvUqL6W8lqF5V50.roa (raw, json)
Hash identifier: WYrPMT9s0Z7UyIEvob11ZzDXKDbXZ+UV04Rz6Op6VAU=
Subject key identifier: C2:41:98:76:12:F4:0D:72:71:B6:F5:2A:2F:A5:BC:96:A1:79:57:9D
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC49389324A4DDC5DD13FE4908F981E59
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/wkGYdhL0DXJxtvUqL6W8lqF5V50.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 146.66.210.0/24 maxlen: 24
178.157.109.0/24 maxlen: 24
188.74.131.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.119.161.0/24 maxlen: 24
188.119.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:89:32:4a:4d:dc:5d:d1:3f:e4:90:8f:98:1e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c241987612f40d7271b6f52a2fa5bc96a179579d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:c4:e3:39:e3:0e:2d:23:3a:da:99:3c:da:
05:23:61:34:dc:8d:d7:fe:6f:c8:e5:18:d5:9c:70:
7e:c3:57:0e:3b:ad:bb:10:b0:f8:64:7b:c0:3f:8f:
cf:3b:f1:e0:c3:16:cd:35:9d:a3:69:6d:76:95:ce:
63:0a:f6:d9:19:ec:ef:9b:bb:46:d8:db:41:b5:59:
05:4d:df:05:a1:52:c8:04:fe:61:72:d9:51:42:c5:
05:e5:e0:4b:b7:ff:c6:c2:e3:02:8e:3f:bc:b3:f1:
3f:63:ff:c1:86:ac:18:29:52:df:41:09:10:bd:2d:
61:fe:90:fd:94:30:68:01:98:89:2e:65:f3:48:52:
16:8c:c0:0b:88:8c:22:00:77:e9:7a:0a:13:20:8e:
56:1a:9e:91:6b:db:fd:be:55:4b:d8:9e:72:86:22:
c3:3c:6e:55:c2:02:9f:4e:e6:9c:18:f0:b8:f7:bf:
13:2f:7f:d8:9c:83:fc:97:d6:e1:42:fb:b4:82:fb:
a8:3f:4f:b2:57:34:b0:b2:3f:1b:07:d4:97:45:fd:
9c:e5:0d:34:70:23:df:38:60:e2:f5:30:f6:0e:e9:
7f:52:1c:d4:eb:55:7b:e0:25:54:07:68:be:ef:34:
da:3f:23:ac:d1:2a:36:4e:27:89:ac:35:f0:b3:37:
c2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:41:98:76:12:F4:0D:72:71:B6:F5:2A:2F:A5:BC:96:A1:79:57:9D
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/wkGYdhL0DXJxtvUqL6W8lqF5V50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.210.0/24
178.157.109.0/24
188.74.130.0/23
188.119.160.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:63:85:4b:eb:b1:87:27:b6:7f:eb:19:a9:44:a1:d6:21:c4:
07:8d:59:7f:81:67:92:c9:a2:00:10:12:2c:9a:20:26:b0:13:
6a:cd:97:de:63:bd:f2:88:a1:8f:cc:a8:2f:ea:18:47:18:9a:
5b:0b:dc:3c:4e:3d:ab:a2:c7:e1:08:06:e8:40:ba:0a:85:2a:
b5:c7:ae:64:e8:e9:b2:40:eb:ed:47:0b:bb:c3:5e:d5:3a:aa:
9c:7e:66:99:8f:58:70:5f:e6:ec:e5:40:a0:78:ae:34:85:55:
d8:f9:f1:7b:31:ca:7e:db:8c:4a:1a:14:3d:0b:bf:5f:d1:3c:
75:8e:60:45:ff:41:9a:e2:79:3a:c5:a1:5d:6f:6c:c5:65:96:
20:1b:f7:85:4d:8a:17:25:71:ef:01:a9:a5:cf:53:a2:aa:d8:
a1:e4:42:03:bd:ed:fa:d4:99:f7:8c:d7:30:ba:ba:bc:bf:31:
63:3b:1f:e3:5b:25:50:84:36:81:ea:47:8e:5a:6b:ed:3a:b1:
7e:a9:05:23:c2:8f:82:be:5e:b1:93:0f:1e:b2:93:78:ad:09:
7f:0f:92:3a:88:d2:ef:86:f4:c3:5c:18:9a:52:5c:08:44:8c:
3a:7a:91:58:88:b9:0c:b9:85:8b:eb:f0:40:f2:73:f6:6f:c1:
1b:18:80:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEk4kySk3cXdE/5JCPmB5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQxOTg3NjEyZjQwZDcyNzFiNmY1MmEyZmE1YmM5NmExNzk1NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HLE4znjDi0jOtqZPNoFI2E03I3X
/m/I5RjVnHB+w1cOO627ELD4ZHvAP4/PO/HgwxbNNZ2jaW12lc5jCvbZGezvm7tG
2NtBtVkFTd8FoVLIBP5hctlRQsUF5eBLt//GwuMCjj+8s/E/Y//BhqwYKVLfQQkQ
vS1h/pD9lDBoAZiJLmXzSFIWjMALiIwiAHfpegoTII5WGp6Ra9v9vlVL2J5yhiLD
PG5VwgKfTuacGPC4978TL3/YnIP8l9bhQvu0gvuoP0+yVzSwsj8bB9SXRf2c5Q00
cCPfOGDi9TD2Dul/UhzU61V74CVUB2i+7zTaPyOs0So2TieJrDXwszfC3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMJBmHYS9A1ycbb1Ki+lvJaheVedMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvd2tHWWRoTDBEWEp4dHZVcUw2VzhscUY1VjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkkLSAwQA
sp1tAwQBvEqCAwQBvHegMA0GCSqGSIb3DQEBCwUAA4IBAQANY4VL67GHJ7Z/6xmp
RKHWIcQHjVl/gWeSyaIAEBIsmiAmsBNqzZfeY73yiKGPzKgv6hhHGJpbC9w8Tj2r
osfhCAboQLoKhSq1x65k6OmyQOvtRwu7w17VOqqcfmaZj1hwX+bs5UCgeK40hVXY
+fF7Mcp+24xKGhQ9C79f0Tx1jmBF/0Ga4nk6xaFdb2zFZZYgG/eFTYoXJXHvAaml
z1Oiqtih5EIDve361Jn3jNcwurq8vzFjOx/jWyVQhDaB6keOWmvtOrF+qQUjwo+C
vl6xkw8espN4rQl/D5I6iNLvhvTDXBiaUlwIRIw6epFYiLkMuYWL6/BA8nP2b8Eb
GIBl
-----END CERTIFICATE-----
Generated at Wed May 8 07:55:21 2024 by rpki-client on console-fra.rpki-client.org