Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Wk_D9l-aDqkkiQk-TnSyZtqbCZ8.roa
File: Wk_D9l-aDqkkiQk-TnSyZtqbCZ8.roa (raw, json)
Hash identifier: eP+77XdmviWWWujJDQQVFq/pGrhkzaUGtLgSTgbjfNE=
Subject key identifier: 5A:4F:C3:F6:5F:9A:0E:A9:24:89:09:3E:4E:74:B2:66:DA:9B:09:9F
Certificate issuer: /CN=e87ce7df23140c0005125a61aad721531e681f0e
Certificate serial: 018CC2DADFF5FD1545EBE276A0516BA7D946
Authority key identifier: E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Wk_D9l-aDqkkiQk-TnSyZtqbCZ8.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47160
IP address blocks: 31.14.68.0/22 maxlen: 24
45.112.120.0/22 maxlen: 24
185.126.228.0/22 maxlen: 24
2a06:c480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:df:f5:fd:15:45:eb:e2:76:a0:51:6b:a7:d9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87ce7df23140c0005125a61aad721531e681f0e
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a4fc3f65f9a0ea92489093e4e74b266da9b099f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a4:9c:bf:d5:d4:5a:6c:d0:8b:89:4b:39:24:
55:51:52:ef:55:d5:6e:4f:56:7e:6f:87:7e:95:04:
0f:47:88:fa:dd:2f:2a:a3:b6:5d:2b:ae:00:f7:0a:
01:26:9e:2e:ba:87:3f:51:0f:bb:58:04:bc:cc:41:
42:4f:9a:ff:02:f6:c8:a6:b1:85:b9:9a:1e:77:b5:
52:7d:62:b0:ac:06:b9:f9:04:df:e9:16:27:d0:85:
47:43:33:6a:9b:30:ee:07:bf:f4:39:22:f9:71:d2:
e2:b7:41:ec:b7:97:fa:45:86:cf:ee:42:d4:a6:53:
35:8d:7c:7b:53:a1:1a:8e:db:bc:a6:7e:0e:1c:49:
41:40:9d:c9:a5:f7:9e:56:be:a6:09:2b:19:c6:5b:
3f:02:86:2c:03:35:0d:31:81:5c:49:24:e8:3d:73:
2b:51:1d:47:38:c3:08:a6:81:33:02:6f:d1:30:b7:
88:9d:bc:76:71:48:61:10:fd:9d:d8:a3:8f:70:36:
8c:43:03:6d:f0:a1:8b:de:e8:7e:c6:e6:94:5c:3f:
40:61:c9:05:81:cd:1e:f5:ec:80:8d:bd:d0:ed:c4:
cd:ae:a0:cc:7e:6e:af:e2:d3:9d:fe:b3:f7:92:65:
23:51:47:69:c9:0c:c9:63:62:90:db:6c:da:db:bd:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4F:C3:F6:5F:9A:0E:A9:24:89:09:3E:4E:74:B2:66:DA:9B:09:9F
X509v3 Authority Key Identifier:
keyid:E8:7C:E7:DF:23:14:0C:00:05:12:5A:61:AA:D7:21:53:1E:68:1F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Hzn3yMUDAAFElphqtchUx5oHw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/Wk_D9l-aDqkkiQk-TnSyZtqbCZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/776747-624a-494e-94b2-323d34defc8a/1/6Hzn3yMUDAAFElphqtchUx5oHw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.68.0/22
45.112.120.0/22
185.126.228.0/22
IPv6:
2a06:c480::/29
Signature Algorithm: sha256WithRSAEncryption
64:a0:b9:04:38:4e:9e:03:20:47:61:0e:e3:a9:64:f0:5a:0f:
6f:eb:58:c7:d3:75:23:7f:80:fd:6f:4c:de:53:97:bd:ee:e3:
63:bc:54:bb:f0:e4:3f:6d:cc:13:da:ec:8f:78:80:22:86:80:
63:2d:a1:b0:b1:db:86:cf:8f:70:16:89:00:39:82:54:72:93:
7f:74:48:ed:ac:92:3c:fd:18:b7:b2:98:1d:86:9c:8f:32:c6:
c0:75:ad:99:d3:e4:a3:38:c9:b5:4a:cd:c4:56:09:18:13:89:
ff:07:6f:ef:8b:82:67:87:45:09:d8:0b:ea:41:99:cb:10:35:
05:b8:cf:c7:77:42:9f:a0:e1:b8:d9:ea:f3:f7:c1:da:a9:95:
df:ba:69:cb:7b:4d:a8:0d:e7:26:0e:d2:e8:8e:ec:0e:54:21:
ee:ce:e4:68:15:81:27:a3:3c:bf:b7:84:bc:e6:14:39:a2:a9:
a1:e5:16:a3:1e:f5:b4:56:6d:c6:dd:ee:0c:b7:72:cb:a9:69:
a8:d1:6f:e4:f1:13:30:89:dd:b3:99:a2:40:ee:f1:cc:56:2e:
53:2f:32:f7:2c:e1:a7:c8:88:50:8c:f4:1e:1a:53:6e:54:e0:
b4:85:59:64:05:df:f0:7f:89:5a:1a:50:1f:9b:86:e6:23:f6:
4a:8b:d7:9b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2t/1/RVF6+J2oFFrp9lGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NlN2RmMjMxNDBjMDAwNTEyNWE2MWFhZDcyMTUzMWU2
ODFmMGUwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRmYzNmNjVmOWEwZWE5MjQ4OTA5M2U0ZTc0YjI2NmRhOWIwOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKScv9XUWmzQi4lLOSRVUVLvVdVu
T1Z+b4d+lQQPR4j63S8qo7ZdK64A9woBJp4uuoc/UQ+7WAS8zEFCT5r/AvbIprGF
uZoed7VSfWKwrAa5+QTf6RYn0IVHQzNqmzDuB7/0OSL5cdLit0Hst5f6RYbP7kLU
plM1jXx7U6Eajtu8pn4OHElBQJ3JpfeeVr6mCSsZxls/AoYsAzUNMYFcSSToPXMr
UR1HOMMIpoEzAm/RMLeInbx2cUhhEP2d2KOPcDaMQwNt8KGL3uh+xuaUXD9AYckF
gc0e9eyAjb3Q7cTNrqDMfm6v4tOd/rP3kmUjUUdpyQzJY2KQ22za272+ZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFpPw/Zfmg6pJIkJPk50smbamwmfMB8GA1UdIwQY
MBaAFOh8598jFAwABRJaYarXIVMeaB8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjIt
MzIzZDM0ZGVmYzhhLzEvV2tfRDlsLWFEcWtraVFrLVRuU3ladHFiQ1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzY3NDctNjI0YS00OTRlLTk0YjItMzIzZDM0ZGVmYzhh
LzEvNkh6bjN5TVVEQUFGRWxwaHF0Y2hVeDVvSHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCHw5EAwQC
LXB4AwQCuX7kMA0EAgACMAcDBQMqBsSAMA0GCSqGSIb3DQEBCwUAA4IBAQBkoLkE
OE6eAyBHYQ7jqWTwWg9v61jH03Ujf4D9b0zeU5e97uNjvFS78OQ/bcwT2uyPeIAi
hoBjLaGwsduGz49wFokAOYJUcpN/dEjtrJI8/Ri3spgdhpyPMsbAda2Z0+SjOMm1
Ss3EVgkYE4n/B2/vi4Jnh0UJ2AvqQZnLEDUFuM/Hd0KfoOG42erz98HaqZXfumnL
e02oDecmDtLojuwOVCHuzuRoFYEnozy/t4S85hQ5oqmh5RajHvW0Vm3G3e4Mt3LL
qWmo0W/k8RMwid2zmaJA7vHMVi5TLzL3LOGnyIhQjPQeGlNuVOC0hVlkBd/wf4la
GlAfm4bmI/ZKi9eb
-----END CERTIFICATE-----
Generated at Sat May 18 06:08:03 2024 by rpki-client on console-ams.rpki-client.org