Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/WZOkdQeycDmfsZHytZyXqfGJ-jo.roa
File: WZOkdQeycDmfsZHytZyXqfGJ-jo.roa (raw, json)
Hash identifier: ft2foDSN4IYvYzT/L85VM02q3w19jXEzk1HU7cimUNs=
Subject key identifier: 59:93:A4:75:07:B2:70:39:9F:B1:91:F2:B5:9C:97:A9:F1:89:FA:3A
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 0191B33AD4923222FB3FFBC328BE7B2D1A0D
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/WZOkdQeycDmfsZHytZyXqfGJ-jo.roa
Signing time: Mon 02 Sep 2024 14:54:22 +0000
ROA not before: Mon 02 Sep 2024 14:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.82.14.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
45.91.67.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
185.142.99.0/24 maxlen: 24
194.187.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:3a:d4:92:32:22:fb:3f:fb:c3:28:be:7b:2d:1a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Sep 2 14:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5993a47507b270399fb191f2b59c97a9f189fa3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:58:01:7e:c2:d8:2d:3b:cd:3b:63:66:cb:7a:
a7:32:a9:f0:ae:2e:9d:32:d2:3a:7b:1d:5c:7c:5f:
07:42:62:93:7c:bc:78:b7:ac:44:9a:d8:12:3e:21:
42:a1:f0:5a:63:6e:a0:ab:d2:8b:36:ac:96:eb:78:
b2:99:ac:c7:28:f8:e0:2b:14:5d:7a:00:48:8a:d5:
af:09:fd:c2:88:5f:8b:5f:19:5e:28:c4:82:d0:df:
41:d0:6e:04:bf:e3:9a:ac:0b:44:24:2c:6e:e8:80:
46:65:97:77:cb:b7:25:b2:93:9e:5d:19:ce:a1:73:
91:2c:a6:72:23:8d:2b:47:37:31:94:d1:cf:ab:0d:
06:fb:56:ad:f1:82:a5:4d:ea:68:8a:de:29:12:9e:
43:02:2d:77:8d:f3:f3:b2:fb:05:83:f3:8f:ea:e0:
1f:83:0a:2c:cb:5c:11:6b:30:39:fb:fe:fc:46:b3:
b3:c0:35:4b:6c:48:b3:0d:9e:57:c8:76:ce:d6:f8:
80:73:41:fb:aa:ce:ab:66:f9:02:ec:22:24:06:d5:
77:4d:5f:02:ac:5b:53:71:c7:2c:99:8b:10:13:ed:
4b:d3:ba:9f:63:9f:a2:92:61:fe:49:46:a4:89:98:
75:ae:22:02:13:cc:dc:77:2b:11:7e:cd:fa:5e:1a:
e5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:93:A4:75:07:B2:70:39:9F:B1:91:F2:B5:9C:97:A9:F1:89:FA:3A
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/WZOkdQeycDmfsZHytZyXqfGJ-jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.67.0/24
91.200.148.0/24
91.200.150.0/23
185.142.99.0/24
194.187.122.0/24
Signature Algorithm: sha256WithRSAEncryption
05:ee:30:9c:23:da:a6:eb:8d:3d:14:81:49:af:c3:d3:96:01:
c2:9b:d3:80:52:58:b3:37:46:87:fa:d3:7f:24:a4:be:85:dd:
2d:f8:78:aa:47:9e:d7:c3:32:4f:c1:d8:6c:b8:7c:15:fd:6a:
a3:81:86:a8:ab:4b:94:d1:14:4b:1a:e8:51:57:4b:48:dd:f0:
5a:94:c5:56:db:fc:2b:3f:5c:34:4f:0c:06:e1:1a:3c:60:89:
ad:37:de:0d:08:b5:f2:39:3d:5d:c1:b5:26:c2:3a:55:cd:d8:
04:1a:dd:85:ef:b2:19:b5:34:ef:ec:94:84:2e:61:0a:60:49:
e7:2f:fa:b7:07:7e:d0:6c:9e:68:41:68:8c:64:d7:24:32:72:
22:8a:13:c7:0c:f3:9f:64:82:54:87:2a:b3:36:b8:2e:4e:5c:
37:76:59:93:ae:1e:ff:11:04:39:9d:e1:d6:63:bc:8f:42:f1:
d5:32:61:2d:0c:ed:2b:6a:15:4d:46:05:3c:7f:aa:33:16:a2:
7e:0d:cb:1f:d7:3b:07:2d:f8:bf:e2:a4:f4:c8:7d:65:82:82:
11:88:66:66:cb:98:44:a6:c8:dc:17:b6:58:d4:21:d9:d1:46:
d3:52:a2:51:6a:4c:9e:31:86:05:b2:d9:83:b5:6a:77:0c:7b:
90:02:ba:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZGzOtSSMiL7P/vDKL57LRoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwOTAyMTQ1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTkzYTQ3NTA3YjI3MDM5OWZiMTkxZjJiNTljOTdhOWYxODlmYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlgBfsLYLTvNO2Nmy3qnMqnwri6d
MtI6ex1cfF8HQmKTfLx4t6xEmtgSPiFCofBaY26gq9KLNqyW63iymazHKPjgKxRd
egBIitWvCf3CiF+LXxleKMSC0N9B0G4Ev+OarAtEJCxu6IBGZZd3y7clspOeXRnO
oXORLKZyI40rRzcxlNHPqw0G+1at8YKlTepoit4pEp5DAi13jfPzsvsFg/OP6uAf
gwosy1wRazA5+/78RrOzwDVLbEizDZ5XyHbO1viAc0H7qs6rZvkC7CIkBtV3TV8C
rFtTcccsmYsQE+1L07qfY5+ikmH+SUakiZh1riICE8zcdysRfs36Xhrl1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFmTpHUHsnA5n7GR8rWcl6nxifo6MB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvV1pPa2RRZXljRG1mc1pIeXRaeVhxZkdKLWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLVIOAwQA
LVtDAwQAW8iUAwQBW8iWAwQAuY5jAwQAwrt6MA0GCSqGSIb3DQEBCwUAA4IBAQAF
7jCcI9qm6409FIFJr8PTlgHCm9OAUlizN0aH+tN/JKS+hd0t+HiqR57XwzJPwdhs
uHwV/WqjgYaoq0uU0RRLGuhRV0tI3fBalMVW2/wrP1w0TwwG4Ro8YImtN94NCLXy
OT1dwbUmwjpVzdgEGt2F77IZtTTv7JSELmEKYEnnL/q3B37QbJ5oQWiMZNckMnIi
ihPHDPOfZIJUhyqzNrguTlw3dlmTrh7/EQQ5neHWY7yPQvHVMmEtDO0rahVNRgU8
f6ozFqJ+Dcsf1zsHLfi/4qT0yH1lgoIRiGZmy5hEpsjcF7ZY1CHZ0UbTUqJRakye
MYYFstmDtWp3DHuQArp7
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:33 2024 by rpki-client on console-ams.rpki-client.org