Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/WLs8o4VngfOkLCPN7kqZZWMXGFk.roa
File: WLs8o4VngfOkLCPN7kqZZWMXGFk.roa (raw, json)
Hash identifier: SjZj2TPP1jbTr95vRAY2U1KbcMhQmioRsVfWijNENDg=
Subject key identifier: 58:BB:3C:A3:85:67:81:F3:A4:2C:23:CD:EE:4A:99:65:63:17:18:59
Certificate issuer: /CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Certificate serial: 018CC9BC5B2911531CB7EECF1BBA4D52CCE5
Authority key identifier: 8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/WLs8o4VngfOkLCPN7kqZZWMXGFk.roa
Signing time: Tue 02 Jan 2024 10:33:33 +0000
ROA not before: Tue 02 Jan 2024 10:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16001
IP address blocks: 194.76.19.0/24 maxlen: 24
80.250.128.0/20 maxlen: 20
185.255.64.0/22 maxlen: 22
2a00:ecc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/jvZFdw0pFEAtbJW42vUff_4Sdys.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/jvZFdw0pFEAtbJW42vUff_4Sdys.mft
rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:5b:29:11:53:1c:b7:ee:cf:1b:ba:4d:52:cc:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Validity
Not Before: Jan 2 10:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58bb3ca3856781f3a42c23cdee4a996563171859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cb:31:f4:09:14:30:04:dc:e4:dd:03:81:67:
59:98:89:81:8f:a6:ec:36:df:13:0a:c5:44:8d:1c:
48:00:21:3d:b6:ca:46:7f:0e:9e:50:7a:16:74:57:
73:32:0d:81:90:0d:cd:85:13:ec:4c:8d:50:45:59:
db:f3:31:36:6e:3b:c5:c9:cc:95:d3:8c:5d:a7:74:
c8:10:80:a1:50:4a:01:f9:64:48:b6:46:37:1e:23:
18:a5:30:0d:dd:f4:e1:51:13:23:89:f1:e5:98:c3:
a4:e1:7e:c1:97:9c:11:24:0f:68:4e:d6:b0:e2:9c:
bd:a6:33:07:0b:21:9d:48:45:ef:19:67:32:a2:a4:
a5:6b:a6:65:0a:06:df:f4:57:b7:38:77:94:50:79:
21:07:04:bb:2d:b5:43:15:6d:80:d1:db:da:56:34:
cb:16:f2:1c:ba:ea:56:a8:d3:dc:7d:39:1f:51:4f:
31:7d:a6:9c:56:2b:1e:c8:8f:dd:bd:cd:e7:37:1c:
1b:84:b7:ed:bf:ab:65:f8:08:c8:41:d0:a7:c7:9e:
d7:41:5e:a8:e6:a4:dd:81:32:ba:eb:f4:c8:ec:b6:
7b:b2:6e:e8:97:77:7b:a9:b4:3f:09:de:e3:1f:19:
46:66:51:38:0b:f2:aa:1b:8d:c5:a1:5d:8e:c9:ec:
7d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BB:3C:A3:85:67:81:F3:A4:2C:23:CD:EE:4A:99:65:63:17:18:59
X509v3 Authority Key Identifier:
keyid:8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/WLs8o4VngfOkLCPN7kqZZWMXGFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/jvZFdw0pFEAtbJW42vUff_4Sdys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.128.0/20
185.255.64.0/22
194.76.19.0/24
IPv6:
2a00:ecc0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:c6:61:7c:c2:82:7e:82:a6:68:b9:f1:a9:b3:26:4b:ab:d5:
fa:7a:6b:32:df:6d:84:14:81:17:43:c8:05:35:22:5c:88:58:
5e:57:95:bc:69:ac:60:8a:a2:75:1d:50:34:bf:1b:10:89:ef:
ee:16:fd:a0:43:41:22:1b:e3:72:82:21:0e:c3:90:a0:f4:ff:
51:15:34:52:e2:7e:a3:62:af:73:30:b8:c2:1e:1e:cb:fa:77:
0c:db:af:54:ad:18:22:a8:e5:07:c3:52:96:9f:e5:f9:6a:a0:
db:b7:31:4c:0c:84:d6:27:28:70:ab:6d:86:bd:39:fa:eb:5c:
fc:35:06:6e:1a:87:b1:2c:b5:16:e0:e4:45:cd:70:f2:ba:aa:
45:f8:82:6b:c2:35:6c:0a:40:75:4b:93:ce:c1:3e:e0:be:56:
d5:a0:7a:d3:06:dc:85:56:5a:b2:28:bb:3d:30:6c:8c:b0:9a:
ca:f5:90:90:8c:6f:17:ac:96:9c:fd:4f:83:e9:01:48:1e:d7:
0f:d3:2b:90:43:0c:54:5c:d7:9a:07:e5:75:36:a0:40:fa:28:
10:b9:70:16:e0:4c:15:6a:87:e8:04:83:10:9c:23:6e:78:eb:
fe:62:98:67:45:96:c9:05:0b:68:25:0f:2f:e6:39:aa:5a:a9:
62:b2:02:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvFspEVMct+7PG7pNUszlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY0NTc3MGQyOTE0NDAyZDZjOTViOGRhZjUxZjdmZmUx
Mjc3MmIwHhcNMjQwMTAyMTAzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGJiM2NhMzg1Njc4MWYzYTQyYzIzY2RlZTRhOTk2NTYzMTcxODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMsx9AkUMATc5N0DgWdZmImBj6bs
Nt8TCsVEjRxIACE9tspGfw6eUHoWdFdzMg2BkA3NhRPsTI1QRVnb8zE2bjvFycyV
04xdp3TIEIChUEoB+WRItkY3HiMYpTAN3fThURMjifHlmMOk4X7Bl5wRJA9oTtaw
4py9pjMHCyGdSEXvGWcyoqSla6ZlCgbf9Fe3OHeUUHkhBwS7LbVDFW2A0dvaVjTL
FvIcuupWqNPcfTkfUU8xfaacViseyI/dvc3nNxwbhLftv6tl+AjIQdCnx57XQV6o
5qTdgTK66/TI7LZ7sm7ol3d7qbQ/Cd7jHxlGZlE4C/KqG43FoV2Oyex92QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFi7PKOFZ4HzpCwjze5KmWVjFxhZMB8GA1UdIwQY
MBaAFI72RXcNKRRALWyVuNr1H3/+EncrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDkt
NjU2OTU3ZjM4NjdlLzEvV0xzOG80Vm5nZk9rTENQTjdrcVpaV01YR0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDktNjU2OTU3ZjM4Njdl
LzEvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPqAAwQC
uf9AAwQAwkwTMA0EAgACMAcDBQAqAOzAMA0GCSqGSIb3DQEBCwUAA4IBAQCyxmF8
woJ+gqZoufGpsyZLq9X6emsy322EFIEXQ8gFNSJciFheV5W8aaxgiqJ1HVA0vxsQ
ie/uFv2gQ0EiG+NygiEOw5Cg9P9RFTRS4n6jYq9zMLjCHh7L+ncM269UrRgiqOUH
w1KWn+X5aqDbtzFMDITWJyhwq22GvTn661z8NQZuGoexLLUW4ORFzXDyuqpF+IJr
wjVsCkB1S5POwT7gvlbVoHrTBtyFVlqyKLs9MGyMsJrK9ZCQjG8XrJac/U+D6QFI
HtcP0yuQQwxUXNeaB+V1NqBA+igQuXAW4EwVaofoBIMQnCNueOv+YphnRZbJBQto
JQ8v5jmqWqlisgKH
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:39:49 2024 by rpki-client on console-fra.rpki-client.org