Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/WcR7zHhUmC6rSaxttpYk9euQIik.roa
File: WcR7zHhUmC6rSaxttpYk9euQIik.roa (raw, json)
Hash identifier: wXzakS8nMeEGBjkg0PrjxyqwymvnWmh0iq5Wo7l7Qww=
Subject key identifier: 59:C4:7B:CC:78:54:98:2E:AB:49:AC:6D:B6:96:24:F5:EB:90:22:29
Certificate issuer: /CN=6a016dad273047b18886691485dedd97171c4d68
Certificate serial: 018CC8DE464DA5ECDAD79F6ADE4C1AE38673
Authority key identifier: 6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/WcR7zHhUmC6rSaxttpYk9euQIik.roa
Signing time: Tue 02 Jan 2024 06:30:59 +0000
ROA not before: Tue 02 Jan 2024 06:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.1.165.0/24 maxlen: 24
194.1.164.0/24 maxlen: 24
194.1.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:46:4d:a5:ec:da:d7:9f:6a:de:4c:1a:e3:86:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a016dad273047b18886691485dedd97171c4d68
Validity
Not Before: Jan 2 06:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59c47bcc7854982eab49ac6db69624f5eb902229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:44:5c:f6:45:b0:5b:2d:d8:55:a9:a9:eb:5c:
b4:8c:5b:97:ec:e3:13:c7:c7:f2:0b:14:4c:71:c6:
81:09:d0:5d:7c:ae:72:3f:ca:3b:78:15:f3:82:97:
27:a8:24:2f:e5:08:d6:d5:31:bc:bf:29:35:bf:49:
be:c9:26:df:9d:f9:1a:e7:32:ca:f3:c8:57:e4:d7:
92:09:23:ba:26:55:b6:cd:ad:49:1f:64:af:87:b4:
07:4f:bc:57:f0:ae:97:a8:25:7b:a3:83:2e:0f:c7:
a7:e9:9a:e5:94:ad:77:64:61:61:14:74:14:47:56:
48:3c:9e:20:10:68:09:81:90:e3:54:a8:69:3d:bc:
c1:9d:7a:90:e5:90:94:33:0b:2c:bd:aa:01:9b:e3:
57:43:8d:c0:01:a8:cf:f0:60:1f:e3:9e:6e:a2:95:
d7:74:5f:e9:50:fe:7b:32:4b:24:86:11:be:41:4a:
17:c2:da:91:c1:94:b1:ba:f5:8c:b8:f8:bd:50:f9:
49:be:4c:cc:22:1a:5c:da:58:d0:4f:f9:ce:b1:85:
ef:76:e1:2a:e9:f1:90:49:6d:0d:3d:0c:f4:1b:63:
16:ab:a6:5a:4f:e7:a6:b0:79:da:2d:1f:c2:32:b4:
7d:1c:9f:ef:01:1f:b5:4d:e7:6a:54:63:94:88:b6:
89:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C4:7B:CC:78:54:98:2E:AB:49:AC:6D:B6:96:24:F5:EB:90:22:29
X509v3 Authority Key Identifier:
keyid:6A:01:6D:AD:27:30:47:B1:88:86:69:14:85:DE:DD:97:17:1C:4D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agFtrScwR7GIhmkUhd7dlxccTWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/WcR7zHhUmC6rSaxttpYk9euQIik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/45c9ad-c4a7-4652-aad3-c952804932c2/1/agFtrScwR7GIhmkUhd7dlxccTWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.164.0-194.1.166.255
Signature Algorithm: sha256WithRSAEncryption
d9:f5:43:0c:6e:27:23:83:ef:5c:c9:80:04:96:46:94:ce:db:
41:20:40:f8:0c:ed:16:c4:bf:61:43:03:dc:42:bc:7a:2e:34:
42:03:65:7a:d4:c8:73:74:45:8f:46:8e:ff:45:0b:04:19:ea:
4c:81:a9:19:59:57:84:77:07:84:dc:39:ff:18:54:47:a4:d6:
77:e7:35:5c:0e:9d:2f:8f:4d:80:68:ab:b3:3d:25:8a:4b:65:
2d:a6:0f:1d:76:5a:04:68:8f:d6:22:d4:1c:3f:0a:b7:76:54:
3f:e5:45:02:e7:b3:1f:84:79:50:37:d9:48:76:6e:18:d4:95:
ba:2c:e5:32:cb:73:bc:0f:ee:6e:12:5f:f1:66:33:28:5b:fd:
19:d6:47:46:18:17:11:75:de:17:99:56:0a:4a:11:65:c4:f0:
80:1f:65:3a:39:15:c1:1e:82:11:ef:c1:93:cd:06:76:61:c3:
b8:6b:92:95:aa:aa:9f:52:d7:42:7e:ae:2d:9c:43:67:c6:c2:
36:1e:13:ac:c1:1e:a1:eb:3a:51:b3:3c:88:7c:f2:9d:29:ce:
29:25:48:e9:25:97:f9:b1:d7:4a:b7:40:df:10:d9:fd:68:1d:
4f:63:28:a4:67:91:8f:23:1f:cc:66:b8:df:1c:e3:ab:d4:4e:
6a:01:a4:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzI3kZNpeza159q3kwa44ZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDE2ZGFkMjczMDQ3YjE4ODg2NjkxNDg1ZGVkZDk3MTcx
YzRkNjgwHhcNMjQwMTAyMDYzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWM0N2JjYzc4NTQ5ODJlYWI0OWFjNmRiNjk2MjRmNWViOTAyMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtURc9kWwWy3YVamp61y0jFuX7OMT
x8fyCxRMccaBCdBdfK5yP8o7eBXzgpcnqCQv5QjW1TG8vyk1v0m+ySbfnfka5zLK
88hX5NeSCSO6JlW2za1JH2Svh7QHT7xX8K6XqCV7o4MuD8en6ZrllK13ZGFhFHQU
R1ZIPJ4gEGgJgZDjVKhpPbzBnXqQ5ZCUMwssvaoBm+NXQ43AAajP8GAf455uopXX
dF/pUP57MkskhhG+QUoXwtqRwZSxuvWMuPi9UPlJvkzMIhpc2ljQT/nOsYXvduEq
6fGQSW0NPQz0G2MWq6ZaT+emsHnaLR/CMrR9HJ/vAR+1TedqVGOUiLaJDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFnEe8x4VJguq0msbbaWJPXrkCIpMB8GA1UdIwQY
MBaAFGoBba0nMEexiIZpFIXe3ZcXHE1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMt
Yzk1MjgwNDkzMmMyLzEvV2NSN3pIaFVtQzZyU2F4dHRwWWs5ZXVRSWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NWM5YWQtYzRhNy00NjUyLWFhZDMtYzk1MjgwNDkzMmMy
LzEvYWdGdHJTY3dSN0dJaG1rVWhkN2RseGNjVFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCAaQD
BADCAaYwDQYJKoZIhvcNAQELBQADggEBANn1QwxuJyOD71zJgASWRpTO20EgQPgM
7RbEv2FDA9xCvHouNEIDZXrUyHN0RY9Gjv9FCwQZ6kyBqRlZV4R3B4TcOf8YVEek
1nfnNVwOnS+PTYBoq7M9JYpLZS2mDx12WgRoj9Yi1Bw/Crd2VD/lRQLnsx+EeVA3
2Uh2bhjUlbos5TLLc7wP7m4SX/FmMyhb/RnWR0YYFxF13heZVgpKEWXE8IAfZTo5
FcEeghHvwZPNBnZhw7hrkpWqqp9S10J+ri2cQ2fGwjYeE6zBHqHrOlGzPIh88p0p
ziklSOkll/mx10q3QN8Q2f1oHU9jKKRnkY8jH8xmuN8c46vUTmoBpLo=
-----END CERTIFICATE-----
Generated at Fri May 3 01:53:30 2024 by rpki-client on console-ams.rpki-client.org