Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/WyAD9-PVi4yNe-a8trvzVcOwpcY.roa
File: WyAD9-PVi4yNe-a8trvzVcOwpcY.roa (raw, json)
Hash identifier: Juqp69+L4F673CC7ZdVmOf5UpaTNUBU/d8qALDKxpbY=
Subject key identifier: 5B:20:03:F7:E3:D5:8B:8C:8D:7B:E6:BC:B6:BB:F3:55:C3:B0:A5:C6
Certificate issuer: /CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Certificate serial: 018CF88824EFFFE1CE894391214CAEE7152B
Authority key identifier: 64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/WyAD9-PVi4yNe-a8trvzVcOwpcY.roa
Signing time: Thu 11 Jan 2024 12:38:41 +0000
ROA not before: Thu 11 Jan 2024 12:38:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58192
IP address blocks: 213.134.17.0/24 maxlen: 24
2a05:2580::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:88:24:ef:ff:e1:ce:89:43:91:21:4c:ae:e7:15:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Validity
Not Before: Jan 11 12:38:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b2003f7e3d58b8c8d7be6bcb6bbf355c3b0a5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:a7:65:15:35:06:0a:6b:ef:fa:0b:6b:57:
b4:82:15:28:be:b1:d2:c3:2c:47:fb:b6:fe:fe:15:
fa:93:e9:a0:72:48:70:a4:ff:4c:76:9b:bb:d0:a8:
7c:1c:a6:ba:35:fa:6f:be:a0:2e:98:c3:e8:76:3a:
31:ee:c6:b5:f8:27:e5:83:27:fe:5c:49:5f:d3:4f:
d3:6c:b0:21:b5:ac:58:58:7d:0e:cb:be:02:37:8e:
6f:84:ed:8a:1f:99:08:0a:aa:e5:52:55:3c:bb:0e:
24:24:90:c4:d6:54:d7:6a:8f:ce:ec:3a:d7:28:93:
d4:c1:dd:6a:07:dc:ca:1b:73:f4:d8:ce:9b:f8:5d:
6d:d8:c8:48:7c:5a:31:a0:6f:a4:ce:82:ad:ef:ac:
10:51:90:a3:e0:0e:9c:d9:e8:66:78:89:40:4c:0f:
50:63:3f:70:2b:bc:b1:73:03:6c:99:2c:6d:34:a3:
0c:cf:fe:95:b2:c5:a0:0d:21:56:97:92:12:84:fc:
ab:2d:07:39:04:bb:c9:9c:20:b4:69:c1:b3:39:4a:
84:bd:2e:95:ca:f7:97:56:91:05:5f:dd:1b:26:8a:
7c:9b:ca:4c:ae:7b:12:56:bb:f4:f5:f7:5b:0b:7d:
cc:80:0a:0e:a8:23:8f:70:de:00:13:f3:14:c6:de:
13:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:20:03:F7:E3:D5:8B:8C:8D:7B:E6:BC:B6:BB:F3:55:C3:B0:A5:C6
X509v3 Authority Key Identifier:
keyid:64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/WyAD9-PVi4yNe-a8trvzVcOwpcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.134.17.0/24
IPv6:
2a05:2580::/30
Signature Algorithm: sha256WithRSAEncryption
0b:08:2d:98:0c:20:60:01:89:64:e6:02:5e:8b:2e:0a:25:5c:
f4:0b:79:b3:a2:4c:3a:6d:3d:c7:bb:cf:e6:75:58:69:74:fe:
7d:78:0e:40:f6:2a:a7:7d:c5:cf:e0:53:b9:b4:04:36:2a:0c:
db:02:fa:b1:72:87:17:fd:0a:f3:b1:7a:b5:b7:9d:cc:7b:44:
c7:ea:42:36:5e:4d:8b:8e:96:b6:0f:f0:57:b7:53:ab:6b:95:
53:69:93:a3:0c:91:51:e6:a9:cf:0c:fd:e9:c1:c0:fa:8e:46:
be:08:da:9b:83:e6:f4:9f:a6:c2:d5:33:3a:e0:6b:bc:7e:e0:
29:08:b6:9b:25:64:c2:d5:6a:51:da:5f:98:ac:d6:ea:43:f5:
f2:3f:a8:36:87:b8:4d:2a:1b:ff:1b:68:72:90:57:83:bd:c1:
06:11:25:f2:c7:66:fa:6a:2a:58:aa:d8:80:f9:41:85:d3:3a:
7e:b0:ee:6d:cf:28:a1:39:f5:c4:32:05:bf:b6:20:db:fe:89:
cb:f2:4d:b6:72:d9:6e:08:a4:9e:b1:f9:a1:78:84:5f:fa:a5:
b6:41:7f:5d:ed:be:e7:fa:18:b9:46:ae:57:59:e7:b3:1b:ea:
4f:e1:31:24:71:76:0e:2f:b0:1b:71:77:8f:93:c6:bc:a8:19:
79:d7:be:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYz4iCTv/+HOiUORIUyu5xUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NGYwMzNmNzgyZWFmMzJhYjA5MDg4Nzc1ZDY0YWM0Yjk0
YjViMTEwHhcNMjQwMTExMTIzODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjIwMDNmN2UzZDU4YjhjOGQ3YmU2YmNiNmJiZjM1NWMzYjBhNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNenZRU1Bgpr7/oLa1e0ghUovrHS
wyxH+7b+/hX6k+mgckhwpP9Mdpu70Kh8HKa6NfpvvqAumMPodjox7sa1+Cflgyf+
XElf00/TbLAhtaxYWH0Oy74CN45vhO2KH5kICqrlUlU8uw4kJJDE1lTXao/O7DrX
KJPUwd1qB9zKG3P02M6b+F1t2MhIfFoxoG+kzoKt76wQUZCj4A6c2ehmeIlATA9Q
Yz9wK7yxcwNsmSxtNKMMz/6VssWgDSFWl5IShPyrLQc5BLvJnCC0acGzOUqEvS6V
yveXVpEFX90bJop8m8pMrnsSVrv09fdbC33MgAoOqCOPcN4AE/MUxt4THwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFsgA/fj1YuMjXvmvLa781XDsKXGMB8GA1UdIwQY
MBaAFGRPAz94Lq8yqwkIh3XWSsS5S1sRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMt
NDkxNWZlN2Y5MmNlLzEvV3lBRDktUFZpNHlOZS1hOHRydnpWY093cGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMtNDkxNWZlN2Y5MmNl
LzEvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1YYRMA0E
AgACMAcDBQIqBSWAMA0GCSqGSIb3DQEBCwUAA4IBAQALCC2YDCBgAYlk5gJeiy4K
JVz0C3mzokw6bT3Hu8/mdVhpdP59eA5A9iqnfcXP4FO5tAQ2KgzbAvqxcocX/Qrz
sXq1t53Me0TH6kI2Xk2Ljpa2D/BXt1Ora5VTaZOjDJFR5qnPDP3pwcD6jka+CNqb
g+b0n6bC1TM64Gu8fuApCLabJWTC1WpR2l+YrNbqQ/XyP6g2h7hNKhv/G2hykFeD
vcEGESXyx2b6aipYqtiA+UGF0zp+sO5tzyihOfXEMgW/tiDb/onL8k22ctluCKSe
sfmheIRf+qW2QX9d7b7n+hi5Rq5XWeezG+pP4TEkcXYOL7AbcXePk8a8qBl5176u
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:38:50 2024 by rpki-client on console-ams.rpki-client.org