Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/wwTpW4KLRyFo2l6WO14fR8Z0htI.roa
File: wwTpW4KLRyFo2l6WO14fR8Z0htI.roa (raw, json)
Hash identifier: Z9N3wrPRt72uSw3BqykRF1hHBzXd4VqmaMcqelK06Kw=
Subject key identifier: C3:04:E9:5B:82:8B:47:21:68:DA:5E:96:3B:5E:1F:47:C6:74:86:D2
Certificate issuer: /CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Certificate serial: 018CCA2B8A9D41C93682998089FC334AFAC6
Authority key identifier: BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/wwTpW4KLRyFo2l6WO14fR8Z0htI.roa
Signing time: Tue 02 Jan 2024 12:35:00 +0000
ROA not before: Tue 02 Jan 2024 12:35:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209283
IP address blocks: 78.140.252.0/24 maxlen: 24
185.255.76.0/22 maxlen: 22
2a06:4800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:8a:9d:41:c9:36:82:99:80:89:fc:33:4a:fa:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4ad21a0a69dc041c4e1770eb18ba43b6db29ce
Validity
Not Before: Jan 2 12:35:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c304e95b828b472168da5e963b5e1f47c67486d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:30:ec:eb:74:41:1e:4a:0d:d9:fc:d8:9d:
b5:35:a8:80:82:59:fe:06:f1:50:a3:07:0a:30:9f:
2c:4e:f6:08:c4:03:21:f9:c8:42:d6:b9:cc:ad:4f:
42:d4:00:2e:4e:c0:57:1e:53:43:c1:64:a6:ab:a4:
68:3b:af:e6:86:cd:f7:4a:f5:dd:47:75:76:05:3d:
98:6d:0e:49:91:f7:95:d3:d5:c8:79:75:38:e8:c4:
79:bd:8d:32:b6:2c:d1:e7:df:57:21:c7:b1:3c:d5:
11:64:4a:b7:ab:99:5f:d1:a3:e6:e8:f0:32:2d:96:
67:3b:83:96:ed:d0:34:62:12:8d:0b:43:18:11:2b:
6e:45:7a:5a:a9:33:fd:19:b9:52:06:16:32:fd:48:
f9:99:5c:37:27:8f:3e:33:2d:de:24:38:fb:82:6f:
2a:ed:12:51:58:71:15:16:af:74:64:72:93:03:fc:
30:5c:25:c9:2b:30:15:77:0c:29:2c:c1:b1:45:0f:
9d:a7:d2:42:57:d5:8e:3b:db:e1:e6:a2:2d:8a:d5:
bb:36:45:be:51:af:f6:94:71:cc:26:b6:5d:6b:70:
02:df:ac:1f:6d:27:c2:27:14:82:b6:55:8b:8a:7c:
f3:00:7b:3f:1d:45:02:67:0b:86:ec:54:f9:8e:2a:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:04:E9:5B:82:8B:47:21:68:DA:5E:96:3B:5E:1F:47:C6:74:86:D2
X509v3 Authority Key Identifier:
keyid:BD:4A:D2:1A:0A:69:DC:04:1C:4E:17:70:EB:18:BA:43:B6:DB:29:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vUrSGgpp3AQcThdw6xi6Q7bbKc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/wwTpW4KLRyFo2l6WO14fR8Z0htI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/67f707-0006-469d-b311-cdd4d8f8d0d9/1/vUrSGgpp3AQcThdw6xi6Q7bbKc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.140.252.0/24
185.255.76.0/22
IPv6:
2a06:4800::/32
Signature Algorithm: sha256WithRSAEncryption
c7:fd:55:39:1e:3d:3f:86:22:a7:c8:b7:21:2e:ca:57:c8:d9:
21:66:9a:88:77:24:11:fc:53:9e:14:91:58:bd:9e:56:00:2d:
2e:82:74:80:3f:26:8c:93:c3:33:5f:2f:0b:47:52:e1:2c:06:
05:fa:89:d9:ac:7e:f9:ff:3e:ad:be:7c:dd:c3:01:ad:1b:0a:
4a:2e:e0:ca:21:f1:e6:91:52:30:6d:c8:6c:ee:1a:3d:ec:01:
51:93:05:f3:0e:42:11:90:dc:a9:23:b9:be:e4:e6:4a:4f:8c:
01:b0:d4:de:90:da:a0:d6:11:25:21:c8:1d:46:eb:a5:02:a6:
e5:92:12:33:9d:5a:87:7f:e0:33:b3:7f:c8:48:68:fa:dc:5c:
04:6e:92:7e:19:43:66:d4:00:bd:c3:f0:f2:55:a8:e7:6a:c1:
aa:c5:5b:49:84:94:1f:6f:38:f6:3c:7b:40:8d:30:8e:99:fe:
0f:38:56:0f:fe:d9:9a:b0:3a:04:76:19:f0:8e:22:7c:75:34:
be:eb:19:22:39:90:f5:bb:61:96:d3:24:f1:a2:13:d5:55:89:
1a:46:6b:fd:7a:78:05:dc:6a:3a:3f:60:dc:46:85:88:f6:c7:
44:09:38:b7:c8:9e:5d:f7:79:fe:74:ce:10:06:e3:a6:8f:33:
85:ec:fd:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKK4qdQck2gpmAifwzSvrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGFkMjFhMGE2OWRjMDQxYzRlMTc3MGViMThiYTQzYjZk
YjI5Y2UwHhcNMjQwMTAyMTIzNTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzA0ZTk1YjgyOGI0NzIxNjhkYTVlOTYzYjVlMWY0N2M2NzQ4NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQow7Ot0QR5KDdn82J21NaiAgln+
BvFQowcKMJ8sTvYIxAMh+chC1rnMrU9C1AAuTsBXHlNDwWSmq6RoO6/mhs33SvXd
R3V2BT2YbQ5JkfeV09XIeXU46MR5vY0ytizR599XIcexPNURZEq3q5lf0aPm6PAy
LZZnO4OW7dA0YhKNC0MYEStuRXpaqTP9GblSBhYy/Uj5mVw3J48+My3eJDj7gm8q
7RJRWHEVFq90ZHKTA/wwXCXJKzAVdwwpLMGxRQ+dp9JCV9WOO9vh5qItitW7NkW+
Ua/2lHHMJrZda3AC36wfbSfCJxSCtlWLinzzAHs/HUUCZwuG7FT5jiolVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMME6VuCi0chaNpeljteH0fGdIbSMB8GA1UdIwQY
MBaAFL1K0hoKadwEHE4XcOsYukO22ynOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEt
Y2RkNGQ4ZjhkMGQ5LzEvd3dUcFc0S0xSeUZvMmw2V08xNGZSOFowaHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82N2Y3MDctMDAwNi00NjlkLWIzMTEtY2RkNGQ4ZjhkMGQ5
LzEvdlVyU0dncHAzQVFjVGhkdzZ4aTZRN2JiS2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAToz8AwQC
uf9MMA0EAgACMAcDBQAqBkgAMA0GCSqGSIb3DQEBCwUAA4IBAQDH/VU5Hj0/hiKn
yLchLspXyNkhZpqIdyQR/FOeFJFYvZ5WAC0ugnSAPyaMk8MzXy8LR1LhLAYF+onZ
rH75/z6tvnzdwwGtGwpKLuDKIfHmkVIwbchs7ho97AFRkwXzDkIRkNypI7m+5OZK
T4wBsNTekNqg1hElIcgdRuulAqblkhIznVqHf+Azs3/ISGj63FwEbpJ+GUNm1AC9
w/DyVajnasGqxVtJhJQfbzj2PHtAjTCOmf4POFYP/tmasDoEdhnwjiJ8dTS+6xki
OZD1u2GW0yTxohPVVYkaRmv9engF3Go6P2DcRoWI9sdECTi3yJ5d93n+dM4QBuOm
jzOF7P0a
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:34 2024 by rpki-client on console-fra.rpki-client.org