Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/wCJeM7eBKQGlAN0O7Zt5KPvnb0I.roa
File: wCJeM7eBKQGlAN0O7Zt5KPvnb0I.roa (raw, json)
Hash identifier: 7etUwln5/WMTQAhr43Ow8WHFe9m0OBgz/EQGATu7lKI=
Subject key identifier: C0:22:5E:33:B7:81:29:01:A5:00:DD:0E:ED:9B:79:28:FB:E7:6F:42
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 018D0CE6FBFCC9B670F859DAFA64F104BD3C
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/wCJeM7eBKQGlAN0O7Zt5KPvnb0I.roa
Signing time: Mon 15 Jan 2024 11:34:40 +0000
ROA not before: Mon 15 Jan 2024 11:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 141.70.0.0/16 maxlen: 16
141.70.128.0/17 maxlen: 17
193.197.70.0/24 maxlen: 24
193.197.68.0/23 maxlen: 23
193.197.85.0/24 maxlen: 24
193.197.80.0/22 maxlen: 22
193.197.86.0/23 maxlen: 23
193.197.94.0/24 maxlen: 24
193.197.112.0/22 maxlen: 22
193.197.20.0/23 maxlen: 23
193.197.28.0/22 maxlen: 22
193.197.32.0/19 maxlen: 19
193.197.64.0/22 maxlen: 22
193.197.180.0/22 maxlen: 22
193.197.200.0/21 maxlen: 21
193.197.212.0/24 maxlen: 24
193.197.224.0/19 maxlen: 19
193.197.120.0/21 maxlen: 21
193.197.132.0/22 maxlen: 22
193.197.130.0/24 maxlen: 24
193.197.136.0/21 maxlen: 21
193.197.152.0/22 maxlen: 22
193.197.149.0/24 maxlen: 24
193.197.157.0/24 maxlen: 24
193.197.160.0/22 maxlen: 22
193.197.160.0/23 maxlen: 23
193.197.168.0/21 maxlen: 21
193.196.130.0/23 maxlen: 23
193.196.132.0/22 maxlen: 22
193.196.129.0/24 maxlen: 24
193.196.136.0/21 maxlen: 21
193.196.144.0/21 maxlen: 21
193.196.152.0/24 maxlen: 24
193.196.154.0/23 maxlen: 23
193.196.156.0/22 maxlen: 22
193.196.64.0/18 maxlen: 18
129.143.0.0/16 maxlen: 16
193.197.4.0/23 maxlen: 23
193.197.0.0/24 maxlen: 24
129.69.0.0/16 maxlen: 16
193.197.8.0/22 maxlen: 22
193.196.165.0/24 maxlen: 24
193.196.160.0/22 maxlen: 22
193.196.166.0/23 maxlen: 23
193.196.168.0/21 maxlen: 21
193.196.176.0/20 maxlen: 20
193.196.192.0/18 maxlen: 18
192.108.36.0/22 maxlen: 22
192.108.35.0/24 maxlen: 24
192.108.44.0/24 maxlen: 24
192.108.40.0/22 maxlen: 22
192.67.189.0/24 maxlen: 24
193.196.0.0/21 maxlen: 21
193.196.9.0/24 maxlen: 24
193.196.16.0/20 maxlen: 20
193.196.13.0/24 maxlen: 24
193.196.0.0/15 maxlen: 15
141.58.0.0/16 maxlen: 16
192.67.208.0/24 maxlen: 24
2001:7c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:e6:fb:fc:c9:b6:70:f8:59:da:fa:64:f1:04:bd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Jan 15 11:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0225e33b7812901a500dd0eed9b7928fbe76f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:e8:eb:b3:8e:3c:5c:ed:51:a6:f2:05:a4:
63:7c:01:9f:23:56:61:37:f4:ff:87:ad:0f:0f:be:
c8:e6:ab:5e:49:a4:ba:42:d3:d6:8e:1e:1f:23:80:
aa:df:8f:d9:5f:12:2c:3b:25:4d:8a:fe:1a:f8:9e:
ad:8d:17:09:73:00:f8:5a:aa:c0:33:11:ac:63:24:
ac:2e:cb:30:65:c9:87:2e:c4:2c:2a:39:a9:79:a6:
1b:1c:d6:b6:1d:58:8e:15:a3:3c:e1:e4:61:9a:35:
c6:71:0b:0b:ed:f0:62:fc:c7:19:ea:e4:14:3a:bb:
06:1c:77:1f:7c:1b:9e:3b:21:06:47:ac:57:ef:c0:
ae:fc:27:8a:5e:a2:ce:72:71:63:1a:28:fd:17:13:
8d:47:e3:b8:92:48:ec:7b:bf:0c:fd:38:c1:5c:65:
16:d4:ce:55:ce:0a:97:88:49:e1:47:5a:54:33:05:
22:4f:36:00:ce:6a:44:98:81:a8:76:12:26:5d:72:
40:03:ef:d4:8d:6a:85:4e:73:30:cb:c4:b2:21:5e:
8c:e8:20:eb:a2:3b:04:a0:7e:2f:3d:09:fb:8c:e7:
ae:d0:d5:54:7b:20:05:0b:ac:5a:8c:70:ba:87:05:
97:28:bc:ee:45:52:5c:f4:24:fa:4e:6c:4c:d3:7a:
f2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:22:5E:33:B7:81:29:01:A5:00:DD:0E:ED:9B:79:28:FB:E7:6F:42
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/wCJeM7eBKQGlAN0O7Zt5KPvnb0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.69.0.0/16
129.143.0.0/16
141.58.0.0/16
141.70.0.0/16
192.67.189.0/24
192.67.208.0/24
192.108.35.0-192.108.44.255
193.196.0.0/15
IPv6:
2001:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
79:fc:42:d9:27:aa:c7:2d:24:0f:f9:35:bf:6a:4b:60:f5:22:
02:ce:ed:18:b1:5a:62:57:2a:d6:75:a5:49:97:7b:c1:4f:4c:
57:88:19:f0:c8:b2:c2:14:e8:ca:19:45:84:53:5c:84:2e:21:
62:67:75:a1:9e:d6:76:4d:81:8a:4d:ee:e8:0b:e0:9a:8f:27:
c4:24:a8:76:84:bf:33:71:b9:30:17:9a:8f:e1:cc:84:ac:c8:
bb:5e:1d:30:7d:df:32:50:20:7c:d6:78:04:25:8a:9d:5f:bb:
b8:ce:bd:8c:49:20:c3:b9:aa:e3:b9:29:7f:b4:1a:f6:b7:6e:
1e:75:0b:30:e3:98:88:3c:36:1c:59:15:59:54:42:62:e5:7e:
5b:72:c6:fb:c0:d4:86:7b:e2:06:8f:3f:70:2f:fa:4b:03:97:
0a:aa:5a:71:eb:bf:67:40:5c:15:a6:67:55:7a:f4:ed:55:1c:
85:90:5f:e0:e5:43:c9:cf:62:c6:36:98:20:08:b4:18:5f:84:
67:71:0a:ea:74:6c:4e:0f:7e:7c:11:78:6c:24:3c:d1:e4:70:
4e:fa:3e:05:96:35:6d:55:c4:a9:d6:59:f1:4a:f1:f8:88:a3:
c0:be:1f:eb:74:04:f2:bc:34:e6:5b:c6:0b:6a:08:b9:15:74:
67:9e:88:68
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY0M5vv8ybZw+Fna+mTxBL08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjQwMTE1MTEzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDIyNWUzM2I3ODEyOTAxYTUwMGRkMGVlZDliNzkyOGZiZTc2ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHfo67OOPFztUabyBaRjfAGfI1Zh
N/T/h60PD77I5qteSaS6QtPWjh4fI4Cq34/ZXxIsOyVNiv4a+J6tjRcJcwD4WqrA
MxGsYySsLsswZcmHLsQsKjmpeaYbHNa2HViOFaM84eRhmjXGcQsL7fBi/McZ6uQU
OrsGHHcffBueOyEGR6xX78Cu/CeKXqLOcnFjGij9FxONR+O4kkjse78M/TjBXGUW
1M5VzgqXiEnhR1pUMwUiTzYAzmpEmIGodhImXXJAA+/UjWqFTnMwy8SyIV6M6CDr
ojsEoH4vPQn7jOeu0NVUeyAFC6xajHC6hwWXKLzuRVJc9CT6TmxM03ry1QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMAiXjO3gSkBpQDdDu2beSj7529CMB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvd0NKZU03ZUJLUUdsQU4wTzdadDVLUHZuYjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA5BAIAATAzAwMAgUUDAwCB
jwMDAI06AwMAjUYDBADAQ70DBADAQ9AwDAMEAMBsIwMEAMBsLAMDAcHEMA0EAgAC
MAcDBQMgAQfAMA0GCSqGSIb3DQEBCwUAA4IBAQB5/ELZJ6rHLSQP+TW/aktg9SIC
zu0YsVpiVyrWdaVJl3vBT0xXiBnwyLLCFOjKGUWEU1yELiFiZ3WhntZ2TYGKTe7o
C+CajyfEJKh2hL8zcbkwF5qP4cyErMi7Xh0wfd8yUCB81ngEJYqdX7u4zr2MSSDD
uarjuSl/tBr2t24edQsw45iIPDYcWRVZVEJi5X5bcsb7wNSGe+IGjz9wL/pLA5cK
qlpx679nQFwVpmdVevTtVRyFkF/g5UPJz2LGNpggCLQYX4RncQrqdGxOD358EXhs
JDzR5HBO+j4FljVtVcSp1lnxSvH4iKPAvh/rdATyvDTmW8YLagi5FXRnnoho
-----END CERTIFICATE-----
Generated at Sun May 19 00:47:36 2024 by rpki-client on console-ams.rpki-client.org