Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/WwUMcjGtrY8eLTTK_IXUoH6a8vI.roa
File: WwUMcjGtrY8eLTTK_IXUoH6a8vI.roa (raw, json)
Hash identifier: 1k4jSf95tVxuI5SikfoibyGabJ+wtwevIpUv/i15cE4=
Subject key identifier: 5B:05:0C:72:31:AD:AD:8F:1E:2D:34:CA:FC:85:D4:A0:7E:9A:F2:F2
Certificate issuer: /CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Certificate serial: 018CC64AF805B4BDF7774FF4B29A2D4DBA54
Authority key identifier: B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/WwUMcjGtrY8eLTTK_IXUoH6a8vI.roa
Signing time: Mon 01 Jan 2024 18:30:51 +0000
ROA not before: Mon 01 Jan 2024 18:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209030
IP address blocks: 82.202.187.0/24 maxlen: 24
82.202.191.0/24 maxlen: 24
82.202.190.0/24 maxlen: 24
82.202.189.0/24 maxlen: 24
82.202.188.0/24 maxlen: 24
82.202.186.0/24 maxlen: 24
2a13:c80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f8:05:b4:bd:f7:77:4f:f4:b2:9a:2d:4d:ba:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4
Validity
Not Before: Jan 1 18:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b050c7231adad8f1e2d34cafc85d4a07e9af2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ae:55:37:76:d6:14:38:c0:b9:7f:68:48:6c:
f8:19:e6:26:48:ef:74:c9:83:14:80:84:31:f0:c7:
08:80:32:42:af:db:4d:2d:b1:ef:2e:2f:9b:6e:55:
5e:c6:b7:69:c6:c0:96:fd:c1:6c:28:02:9c:e4:16:
bf:e5:90:26:c5:5a:01:f1:14:f9:12:fe:59:51:87:
a1:ea:f8:27:77:e7:cb:15:fc:3b:71:47:8e:52:b9:
89:1b:65:cc:bb:8c:30:1a:63:4a:71:c9:ce:4f:46:
1b:26:ae:24:d9:43:0f:91:6b:f4:80:24:bb:79:d3:
0d:03:47:1e:3a:f5:98:93:93:f2:28:a6:c9:3e:a1:
dd:a4:24:ed:0e:30:a7:df:73:02:72:59:6c:e0:cc:
0b:17:83:47:2e:df:9f:9b:f6:ec:a4:a2:d8:ff:76:
7a:d0:68:c1:60:78:20:0b:2e:f8:8f:a2:3c:f1:ea:
a9:74:a0:3e:fb:85:39:1a:ef:c6:0c:20:df:f2:ae:
e1:28:4f:cd:39:2c:51:b0:f1:fb:3b:50:dd:23:1f:
9e:af:00:67:ae:b9:12:22:60:af:7e:c8:0c:90:da:
02:59:c8:09:6d:cb:51:63:20:71:e7:c4:a4:ce:cb:
c5:2a:d4:c3:a0:bf:32:c8:a2:58:5e:48:29:48:62:
1a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:05:0C:72:31:AD:AD:8F:1E:2D:34:CA:FC:85:D4:A0:7E:9A:F2:F2
X509v3 Authority Key Identifier:
keyid:B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/WwUMcjGtrY8eLTTK_IXUoH6a8vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.202.186.0-82.202.191.255
IPv6:
2a13:c80::/32
Signature Algorithm: sha256WithRSAEncryption
69:9c:98:2f:1c:81:c3:5a:92:3b:6b:3a:04:b8:ec:1a:f0:1c:
59:4d:73:17:6b:39:e7:16:0a:4c:47:ab:62:2b:db:a9:c6:c1:
74:0d:46:3b:69:c4:b9:b8:70:3e:05:e7:64:35:67:9c:11:e5:
f8:ca:27:c4:b8:d4:59:70:08:53:37:d9:9d:99:4f:ef:af:07:
39:a2:f7:81:c0:48:f2:99:70:78:96:0a:45:6e:62:d1:d0:cf:
95:97:01:e0:94:27:8f:57:3c:d1:01:30:ab:cd:37:a7:e8:fc:
56:dc:71:c0:ae:5b:cd:c6:27:b7:46:a9:e8:01:19:44:a5:3c:
65:94:19:3f:a2:82:8b:68:0f:6e:4d:bf:f9:71:c4:c8:88:b4:
5a:5b:1d:86:05:d3:f0:54:34:b3:ea:b0:e1:c1:38:6a:4c:6a:
c2:d9:1c:6f:9a:65:e5:51:2c:d4:58:6d:ba:5a:d4:28:f5:7d:
be:91:67:b8:83:79:e7:bf:88:2c:1b:a9:0b:e1:f9:24:66:b8:
75:98:4b:a7:63:25:a8:ed:a7:1e:7e:76:34:6c:5f:d0:e6:ea:
01:cc:1a:8c:f7:88:b7:b2:90:13:29:89:ea:3e:4f:98:e5:e6:
ac:4d:5f:74:f7:15:c6:04:df:47:4e:6b:7a:86:d7:eb:38:1f:
5a:43:38:37
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSvgFtL33d0/0spotTbpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YWZhMzdiZDBkZGFkZWI3ZmVhMmI5YmU2NGIxMTA4ZTIw
ZGU5YjQwHhcNMjQwMTAxMTgzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjA1MGM3MjMxYWRhZDhmMWUyZDM0Y2FmYzg1ZDRhMDdlOWFmMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q5VN3bWFDjAuX9oSGz4GeYmSO90
yYMUgIQx8McIgDJCr9tNLbHvLi+bblVexrdpxsCW/cFsKAKc5Ba/5ZAmxVoB8RT5
Ev5ZUYeh6vgnd+fLFfw7cUeOUrmJG2XMu4wwGmNKccnOT0YbJq4k2UMPkWv0gCS7
edMNA0ceOvWYk5PyKKbJPqHdpCTtDjCn33MCclls4MwLF4NHLt+fm/bspKLY/3Z6
0GjBYHggCy74j6I88eqpdKA++4U5Gu/GDCDf8q7hKE/NOSxRsPH7O1DdIx+erwBn
rrkSImCvfsgMkNoCWcgJbctRYyBx58SkzsvFKtTDoL8yyKJYXkgpSGIagwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFsFDHIxra2PHi00yvyF1KB+mvLyMB8GA1UdIwQY
MBaAFLWvo3vQ3a3rf+orm+ZLEQjiDem0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYt
NWE5NWNjODBjZDFiLzEvV3dVTWNqR3RyWThlTFRUS19JWFVvSDZhOHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYtNWE5NWNjODBjZDFi
LzEvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAFSyroD
BAZSyoAwDQQCAAIwBwMFACoTDIAwDQYJKoZIhvcNAQELBQADggEBAGmcmC8cgcNa
kjtrOgS47BrwHFlNcxdrOecWCkxHq2Ir26nGwXQNRjtpxLm4cD4F52Q1Z5wR5fjK
J8S41FlwCFM32Z2ZT++vBzmi94HASPKZcHiWCkVuYtHQz5WXAeCUJ49XPNEBMKvN
N6fo/FbcccCuW83GJ7dGqegBGUSlPGWUGT+igotoD25Nv/lxxMiItFpbHYYF0/BU
NLPqsOHBOGpMasLZHG+aZeVRLNRYbbpa1Cj1fb6RZ7iDeee/iCwbqQvh+SRmuHWY
S6djJajtpx5+djRsX9Dm6gHMGoz3iLeykBMpieo+T5jl5qxNX3T3FcYE30dOa3qG
1+s4H1pDODc=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:27:35 2024 by rpki-client on console-fra.rpki-client.org