Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wsSi5LmY7syySz7XZQTOR492a3A.roa
File: wsSi5LmY7syySz7XZQTOR492a3A.roa (raw, json)
Hash identifier: e0mIxpFjae9aAS60OemvViD2kxOMCVB4IF/I02zWLww=
Subject key identifier: C2:C4:A2:E4:B9:98:EE:CC:B2:4B:3E:D7:65:04:CE:47:8F:76:6B:70
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 018DC096731C0847AE54EBE432FD1E220038
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wsSi5LmY7syySz7XZQTOR492a3A.roa
Signing time: Mon 19 Feb 2024 08:58:21 +0000
ROA not before: Mon 19 Feb 2024 08:58:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33885
IP address blocks: 31.211.192.0/18 maxlen: 18
37.46.160.0/19 maxlen: 19
37.247.0.0/19 maxlen: 19
84.55.64.0/18 maxlen: 18
84.246.88.0/21 maxlen: 21
89.253.64.0/18 maxlen: 18
92.244.0.0/19 maxlen: 19
94.137.96.0/19 maxlen: 19
109.104.0.0/19 maxlen: 19
178.78.192.0/18 maxlen: 18
185.86.100.0/22 maxlen: 22
212.107.128.0/19 maxlen: 19
2a01:3b8::/32 maxlen: 32
2a01:3b8:4000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:96:73:1c:08:47:ae:54:eb:e4:32:fd:1e:22:00:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Feb 19 08:58:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2c4a2e4b998eeccb24b3ed76504ce478f766b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:9f:66:20:03:30:f7:50:98:58:9d:01:19:
fa:8c:c8:0f:2d:85:0a:43:7e:79:87:2c:59:6e:87:
b9:c3:62:89:fa:8d:54:d6:3d:1d:39:2a:97:dd:17:
d6:c1:34:a1:41:43:24:a4:43:a8:04:99:56:4f:67:
64:e3:0c:99:8f:e2:c0:b7:28:e5:a8:8b:84:fc:36:
71:35:b5:d0:61:b0:62:43:4c:b1:3f:4d:ff:1d:d8:
23:ac:1f:cf:19:70:40:94:5e:55:64:b6:25:94:94:
89:9b:0d:48:26:56:e1:17:6b:e9:94:4a:5e:81:ea:
42:10:04:9e:78:de:da:46:03:cc:e6:4f:ab:37:f4:
95:e5:9a:67:c1:53:8a:a1:2b:21:63:7d:ba:2c:e9:
b8:92:c2:e7:d9:c0:db:31:a6:89:8e:84:3d:77:5a:
c5:c9:2f:de:e1:be:6d:1b:c8:e5:bc:43:fa:16:fb:
98:79:05:55:37:85:1c:c9:a2:2d:f9:5c:82:e0:9b:
7e:5a:bf:f8:04:a2:e4:a5:e5:29:91:1d:03:30:8c:
db:23:c5:0d:eb:d2:0d:ed:bb:09:f7:8e:82:0e:ee:
c0:3f:3e:ab:1a:8f:0c:a5:4d:36:4a:ac:e3:29:bc:
7b:eb:2b:6b:88:8d:49:90:04:6f:56:87:b6:0b:ad:
89:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:C4:A2:E4:B9:98:EE:CC:B2:4B:3E:D7:65:04:CE:47:8F:76:6B:70
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wsSi5LmY7syySz7XZQTOR492a3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.211.192.0/18
37.46.160.0/19
37.247.0.0/19
84.55.64.0/18
84.246.88.0/21
89.253.64.0/18
92.244.0.0/19
94.137.96.0/19
109.104.0.0/19
178.78.192.0/18
185.86.100.0/22
212.107.128.0/19
IPv6:
2a01:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
25:db:6c:38:53:42:e4:bf:6f:44:b5:80:4e:c3:f2:e7:b9:49:
3a:5c:76:fd:e3:8f:2a:ec:b7:d4:52:28:c0:ec:0e:f1:90:62:
46:dc:f3:ee:ba:37:12:34:20:38:0d:f6:fa:09:31:0a:f1:67:
cd:b5:a5:34:74:19:79:13:c0:6b:a6:08:de:a2:7e:26:11:ce:
50:ae:ae:8b:fc:5f:68:36:cf:0f:2d:8c:05:98:3b:fe:68:00:
a1:1f:8a:66:44:3d:81:c4:83:49:b1:45:af:49:1e:12:23:aa:
50:ea:53:85:91:86:25:a7:d9:b2:48:a3:25:da:e3:03:e4:97:
19:a0:41:bd:07:bd:f6:dd:4e:3c:7b:d2:6c:23:39:a1:0a:a6:
7f:c1:24:a6:e3:ef:95:0d:1a:9c:49:ef:76:fe:a9:59:98:d5:
99:3c:31:c1:4c:6a:31:b4:d1:85:a9:16:55:37:c6:dc:42:a6:
fa:a0:6e:69:82:ca:20:69:68:d9:1c:32:e3:57:be:70:98:c6:
48:0b:21:b9:73:f6:6c:1f:c6:71:1b:33:ce:4c:7f:a7:5b:71:
69:2f:98:f2:95:16:6e:73:8c:b2:5d:13:13:1e:8b:4f:cb:e6:
78:ad:47:23:ca:0e:d9:d7:3e:cc:c8:b5:f2:5a:d8:ac:06:72:
41:f2:8c:cd
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY3AlnMcCEeuVOvkMv0eIgA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjQwMjE5MDg1ODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmM0YTJlNGI5OThlZWNjYjI0YjNlZDc2NTA0Y2U0NzhmNzY2YjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7GfZiADMPdQmFidARn6jMgPLYUK
Q355hyxZboe5w2KJ+o1U1j0dOSqX3RfWwTShQUMkpEOoBJlWT2dk4wyZj+LAtyjl
qIuE/DZxNbXQYbBiQ0yxP03/HdgjrB/PGXBAlF5VZLYllJSJmw1IJlbhF2vplEpe
gepCEASeeN7aRgPM5k+rN/SV5ZpnwVOKoSshY326LOm4ksLn2cDbMaaJjoQ9d1rF
yS/e4b5tG8jlvEP6FvuYeQVVN4UcyaIt+VyC4Jt+Wr/4BKLkpeUpkR0DMIzbI8UN
69IN7bsJ946CDu7APz6rGo8MpU02SqzjKbx76ytriI1JkARvVoe2C62J4wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFMLEouS5mO7Msks+12UEzkePdmtwMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvd3NTaTVMbVk3c3l5U3o3WFpRVE9SNDkyYTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQGH9PAAwQF
JS6gAwQFJfcAAwQGVDdAAwQDVPZYAwQGWf1AAwQFXPQAAwQFXolgAwQFbWgAAwQG
sk7AAwQCuVZkAwQF1GuAMA0EAgACMAcDBQAqAQO4MA0GCSqGSIb3DQEBCwUAA4IB
AQAl22w4U0Lkv29EtYBOw/LnuUk6XHb9448q7LfUUijA7A7xkGJG3PPuujcSNCA4
Dfb6CTEK8WfNtaU0dBl5E8Brpgjeon4mEc5Qrq6L/F9oNs8PLYwFmDv+aAChH4pm
RD2BxINJsUWvSR4SI6pQ6lOFkYYlp9mySKMl2uMD5JcZoEG9B7323U48e9JsIzmh
CqZ/wSSm4++VDRqcSe92/qlZmNWZPDHBTGoxtNGFqRZVN8bcQqb6oG5pgsogaWjZ
HDLjV75wmMZICyG5c/ZsH8ZxGzPOTH+nW3FpL5jylRZuc4yyXRMTHotPy+Z4rUcj
yg7Z1z7MyLXyWtisBnJB8ozN
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:15:51 2024 by rpki-client on console-fra.rpki-client.org