Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WIx3-BTiKtrwsKB5Nki7rVsZcR4.roa
File: WIx3-BTiKtrwsKB5Nki7rVsZcR4.roa (raw, json)
Hash identifier: 59/rPMkhxtEUbCJt8I6xGp592sfWtFMo/ZfHVO09raU=
Subject key identifier: 58:8C:77:F8:14:E2:2A:DA:F0:B0:A0:79:36:48:BB:AD:5B:19:71:1E
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D56E3BE8578C5E99A8FFBBF5F9390
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WIx3-BTiKtrwsKB5Nki7rVsZcR4.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39163
IP address blocks: 213.91.197.0/24 maxlen: 24
95.43.201.0/24 maxlen: 24
62.176.120.0/24 maxlen: 24
95.43.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:56:e3:be:85:78:c5:e9:9a:8f:fb:bf:5f:93:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=588c77f814e22adaf0b0a0793648bbad5b19711e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ab:20:41:ee:91:df:ad:14:0a:00:57:15:61:
10:95:fe:0f:5b:ae:42:8b:26:24:b4:cf:44:ca:ab:
f8:92:20:2f:73:3f:13:42:52:71:7c:91:49:c2:6f:
9a:27:71:41:53:af:d0:30:3e:35:f3:a5:5e:9e:60:
fd:c9:6e:aa:22:9b:1b:f3:14:2a:47:5c:04:ab:38:
e1:c2:38:8d:fe:bd:db:98:43:7a:59:ee:b5:db:93:
f0:52:c4:d6:70:ba:08:6f:1d:ba:40:76:71:3c:5e:
4c:b6:9a:38:ec:79:39:24:06:64:e7:e9:6a:89:e3:
25:c9:a1:c6:e7:3b:fa:b6:29:f9:3f:c5:f5:e3:23:
aa:4b:05:1b:85:5f:43:5d:ee:33:ac:76:77:3a:97:
86:b5:9a:a9:a1:d7:f4:21:12:9e:a8:4c:b5:fc:83:
f0:f0:06:8b:62:59:69:11:f6:3e:fe:b1:b4:e8:7c:
3d:d4:b5:9d:81:79:9b:cc:a5:b3:a6:e7:b9:2d:50:
a4:03:30:95:3c:35:e9:b3:01:c7:02:e8:18:b9:2b:
de:04:15:ae:3e:1b:0e:8e:d1:79:85:3e:57:07:0d:
3d:bf:87:f4:5c:1d:9d:44:e7:54:1d:42:aa:e8:6f:
54:bc:25:b7:c4:aa:f5:a7:43:10:ab:5b:ff:1a:13:
41:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:8C:77:F8:14:E2:2A:DA:F0:B0:A0:79:36:48:BB:AD:5B:19:71:1E
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WIx3-BTiKtrwsKB5Nki7rVsZcR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.176.120.0/24
95.43.201.0/24
95.43.251.0/24
213.91.197.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e2:87:a6:8c:20:91:88:c0:53:96:92:15:ed:ad:23:c8:08:
b7:0e:91:ba:66:1d:35:96:31:cc:69:cd:aa:26:9a:ca:a6:2c:
95:72:69:b7:42:2c:62:f3:d3:08:bf:2c:ac:15:f3:3f:91:38:
00:c1:e6:65:49:6f:a0:8d:7b:ac:d8:f7:73:80:e2:99:8c:ac:
45:4c:5c:a7:28:67:d0:6d:99:29:3d:dd:01:13:d1:a0:e4:0b:
35:30:bf:c3:e4:47:3e:a3:0f:40:9a:86:d7:37:ac:ec:cf:51:
f0:9b:e2:9b:b1:b7:b1:50:82:d8:83:f9:d3:ca:93:a1:c0:a6:
42:c3:75:ba:c1:ea:68:d7:3a:d4:d2:44:86:98:74:4e:4a:9e:
29:c2:f0:97:23:5a:b2:c2:68:25:63:e7:0e:21:e1:74:7c:5a:
10:2a:73:53:e5:e2:55:24:67:bc:9c:ac:2a:0b:b7:73:43:13:
b7:26:64:68:6b:0d:dd:7a:26:71:c6:e7:af:6a:fc:57:f1:03:
97:ec:c8:bb:e5:6e:83:e0:2a:93:5c:cc:b7:4f:96:2b:2a:53:
8b:46:4d:bd:27:a1:a0:50:a6:78:ab:73:52:f3:e2:51:36:52:
81:47:b3:0e:7c:49:c5:9b:4e:bd:50:83:7d:bd:01:6a:1f:d9:
4c:97:ff:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbVbjvoV4xemaj/u/X5OQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODhjNzdmODE0ZTIyYWRhZjBiMGEwNzkzNjQ4YmJhZDViMTk3MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqsgQe6R360UCgBXFWEQlf4PW65C
iyYktM9Eyqv4kiAvcz8TQlJxfJFJwm+aJ3FBU6/QMD4186VenmD9yW6qIpsb8xQq
R1wEqzjhwjiN/r3bmEN6We6125PwUsTWcLoIbx26QHZxPF5Mtpo47Hk5JAZk5+lq
ieMlyaHG5zv6tin5P8X14yOqSwUbhV9DXe4zrHZ3OpeGtZqpodf0IRKeqEy1/IPw
8AaLYllpEfY+/rG06Hw91LWdgXmbzKWzpue5LVCkAzCVPDXpswHHAugYuSveBBWu
PhsOjtF5hT5XBw09v4f0XB2dROdUHUKq6G9UvCW3xKr1p0MQq1v/GhNBFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFiMd/gU4ira8LCgeTZIu61bGXEeMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvV0l4My1CVGlLdHJ3c0tCNU5raTdyVnNaY1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPrB4AwQA
XyvJAwQAXyv7AwQA1VvFMA0GCSqGSIb3DQEBCwUAA4IBAQBG4oemjCCRiMBTlpIV
7a0jyAi3DpG6Zh01ljHMac2qJprKpiyVcmm3Qixi89MIvyysFfM/kTgAweZlSW+g
jXus2PdzgOKZjKxFTFynKGfQbZkpPd0BE9Gg5As1ML/D5Ec+ow9AmobXN6zsz1Hw
m+KbsbexUILYg/nTypOhwKZCw3W6wepo1zrU0kSGmHROSp4pwvCXI1qywmglY+cO
IeF0fFoQKnNT5eJVJGe8nKwqC7dzQxO3JmRoaw3deiZxxuevavxX8QOX7Mi75W6D
4CqTXMy3T5YrKlOLRk29J6GgUKZ4q3NS8+JRNlKBR7MOfEnFm069UIN9vQFqH9lM
l//r
-----END CERTIFICATE-----
Generated at Fri Nov 1 00:16:34 2024 by rpki-client on console-ams.rpki-client.org