Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/WhyhvAQNwozjvNZPDRvWn0LV-Gw.roa
File: WhyhvAQNwozjvNZPDRvWn0LV-Gw.roa (raw, json)
Hash identifier: pgE1DOBMUKdrkpM2RsJrngGC7l0zEQnloilpWJUckOc=
Subject key identifier: 5A:1C:A1:BC:04:0D:C2:8C:E3:BC:D6:4F:0D:1B:D6:9F:42:D5:F8:6C
Certificate issuer: /CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Certificate serial: 018E130A88172BDDEBFD5078E01E048956F0
Authority key identifier: 57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/WhyhvAQNwozjvNZPDRvWn0LV-Gw.roa
Signing time: Wed 06 Mar 2024 09:14:01 +0000
ROA not before: Wed 06 Mar 2024 09:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202214
IP address blocks: 185.50.64.0/23 maxlen: 23
185.50.64.0/24 maxlen: 24
185.50.65.0/24 maxlen: 24
185.50.66.0/23 maxlen: 23
185.50.66.0/24 maxlen: 24
185.50.67.0/24 maxlen: 24
2a01:a6a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:0a:88:17:2b:dd:eb:fd:50:78:e0:1e:04:89:56:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574e25a16e5d3aa110ac5e8335f88f63e54b42f1
Validity
Not Before: Mar 6 09:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1ca1bc040dc28ce3bcd64f0d1bd69f42d5f86c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:56:06:6d:a7:24:c7:b5:99:e3:ce:03:b7:
24:f3:6f:05:9b:5b:6d:79:eb:aa:ec:a5:0d:ea:b6:
4f:83:e1:bb:06:b7:ca:b9:03:fa:f2:7d:ca:65:d3:
90:8f:ca:8e:bc:9e:87:f9:59:9e:bd:6f:66:7f:d6:
70:22:35:c0:a2:04:bc:72:a3:2d:b5:91:1e:7b:63:
f9:73:28:c2:5a:1a:df:7b:7d:4d:63:0c:74:21:7f:
fa:c3:46:ff:5e:ff:b8:98:56:1d:ed:13:b5:de:0f:
6d:9c:93:9c:23:f4:55:64:83:c6:4c:ae:48:03:d6:
13:e7:48:75:c1:b5:ab:4e:3e:f0:72:72:26:08:da:
cb:1b:1b:0a:02:44:fa:2a:f3:89:4f:ed:92:7d:48:
40:ec:8a:18:4e:54:cb:f6:e7:c1:7e:89:2d:24:d0:
ee:84:3b:7a:e1:95:8e:7a:62:71:72:c1:a3:f3:18:
1f:83:31:fa:b9:89:c6:d4:70:d5:96:e4:4c:c5:77:
68:8f:49:9a:66:a2:8f:f6:95:dd:af:a3:ad:1b:25:
b6:f1:06:c7:a9:c4:6e:5f:b9:a9:57:08:07:ce:70:
3f:c6:0a:a1:16:03:c2:dd:fd:1c:c0:60:b7:63:0a:
ee:ed:79:f0:2a:85:fd:70:a8:54:e2:3a:17:df:2d:
09:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1C:A1:BC:04:0D:C2:8C:E3:BC:D6:4F:0D:1B:D6:9F:42:D5:F8:6C
X509v3 Authority Key Identifier:
keyid:57:4E:25:A1:6E:5D:3A:A1:10:AC:5E:83:35:F8:8F:63:E5:4B:42:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V04loW5dOqEQrF6DNfiPY-VLQvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/WhyhvAQNwozjvNZPDRvWn0LV-Gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/04292f-f104-417c-acda-571af066cf1e/1/V04loW5dOqEQrF6DNfiPY-VLQvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.64.0/22
IPv6:
2a01:a6a0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ee:7b:14:48:30:52:be:fc:3e:be:fd:4e:02:81:16:8e:f5:
9d:34:85:19:51:d4:9d:ca:46:b8:a3:46:a1:4f:04:ac:74:f7:
98:7d:c6:51:ae:a8:88:8f:15:39:05:19:1f:d8:21:12:fb:bf:
10:b0:81:57:18:1e:ce:95:7c:c2:b2:22:01:3c:20:93:d6:27:
23:39:3f:de:70:b9:85:0d:99:a1:20:2b:f3:41:c7:35:0e:2f:
75:d2:1e:ce:92:e4:8a:dd:76:87:35:db:ba:42:57:75:4d:f7:
a7:d9:a5:75:9b:0a:d3:28:98:c6:81:6d:2b:fb:2b:ab:9e:e3:
0c:ea:01:c5:10:11:b1:06:c1:75:23:ec:f0:1c:d3:96:3c:ee:
5f:ee:55:0f:9a:33:31:eb:ce:c5:f1:2b:50:bb:93:5a:37:a8:
c8:2f:45:34:1c:6e:5c:2b:8f:ce:aa:f7:08:85:21:9a:e7:bd:
fb:0c:9b:95:54:1c:bb:ef:ea:5d:ec:a3:aa:8e:46:8c:75:23:
93:38:5d:8a:e4:ae:ff:fd:33:ac:b2:ef:08:b1:1f:80:f8:c5:
9b:4d:19:c0:80:e4:92:9f:01:bd:b6:e3:0b:a3:38:8d:50:9b:
49:21:3e:16:a2:c9:cd:8a:f2:98:c5:e2:03:93:80:7e:c9:4b:
3e:6e:88:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4TCogXK93r/VB44B4EiVbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NGUyNWExNmU1ZDNhYTExMGFjNWU4MzM1Zjg4ZjYzZTU0
YjQyZjEwHhcNMjQwMzA2MDkxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFjYTFiYzA0MGRjMjhjZTNiY2Q2NGYwZDFiZDY5ZjQyZDVmODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyhWBm2nJMe1mePOA7ck828Fm1tt
eeuq7KUN6rZPg+G7BrfKuQP68n3KZdOQj8qOvJ6H+VmevW9mf9ZwIjXAogS8cqMt
tZEee2P5cyjCWhrfe31NYwx0IX/6w0b/Xv+4mFYd7RO13g9tnJOcI/RVZIPGTK5I
A9YT50h1wbWrTj7wcnImCNrLGxsKAkT6KvOJT+2SfUhA7IoYTlTL9ufBfoktJNDu
hDt64ZWOemJxcsGj8xgfgzH6uYnG1HDVluRMxXdoj0maZqKP9pXdr6OtGyW28QbH
qcRuX7mpVwgHznA/xgqhFgPC3f0cwGC3Ywru7XnwKoX9cKhU4joX3y0JlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFocobwEDcKM47zWTw0b1p9C1fhsMB8GA1UdIwQY
MBaAFFdOJaFuXTqhEKxegzX4j2PlS0LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEt
NTcxYWYwNjZjZjFlLzEvV2h5aHZBUU53b3pqdk5aUERSdlduMExWLUd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNDI5MmYtZjEwNC00MTdjLWFjZGEtNTcxYWYwNjZjZjFl
LzEvVjA0bG9XNWRPcUVRckY2RE5maVBZLVZMUXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTJAMA0E
AgACMAcDBQAqAaagMA0GCSqGSIb3DQEBCwUAA4IBAQCN7nsUSDBSvvw+vv1OAoEW
jvWdNIUZUdSdyka4o0ahTwSsdPeYfcZRrqiIjxU5BRkf2CES+78QsIFXGB7OlXzC
siIBPCCT1icjOT/ecLmFDZmhICvzQcc1Di910h7OkuSK3XaHNdu6Qld1Tfen2aV1
mwrTKJjGgW0r+yurnuMM6gHFEBGxBsF1I+zwHNOWPO5f7lUPmjMx687F8StQu5Na
N6jIL0U0HG5cK4/OqvcIhSGa5737DJuVVBy77+pd7KOqjkaMdSOTOF2K5K7//TOs
su8IsR+A+MWbTRnAgOSSnwG9tuMLoziNUJtJIT4WosnNivKYxeIDk4B+yUs+bohD
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:05 2024 by rpki-client on console-fra.rpki-client.org