Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WpuJpBFtaeX3yDcz_jlyUxw8MjQ.roa
File: WpuJpBFtaeX3yDcz_jlyUxw8MjQ.roa (raw, json)
Hash identifier: LLLD2k0j5mJqiofAiKJ8JutoThR3HO+m/y5wzGuZ2XE=
Subject key identifier: 5A:9B:89:A4:11:6D:69:E5:F7:C8:37:33:FE:39:72:53:1C:3C:32:34
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D4F843168054A32BAB8BA60A00FFC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WpuJpBFtaeX3yDcz_jlyUxw8MjQ.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21337
IP address blocks: 213.91.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4f:84:31:68:05:4a:32:ba:b8:ba:60:a0:0f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a9b89a4116d69e5f7c83733fe3972531c3c3234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ea:aa:e4:fd:c4:38:55:bf:16:01:24:33:37:
dc:ed:55:1c:8a:21:3e:06:cb:40:45:b4:c6:64:61:
6a:06:94:83:89:a9:fd:16:3e:66:3e:21:7d:b5:6f:
7f:1c:f0:d3:10:45:51:b0:c2:74:48:ea:f9:52:80:
b2:a8:03:85:70:f4:32:31:76:c7:30:37:5e:ea:05:
8e:ef:b3:4a:0e:8b:7f:a1:da:2c:0b:a6:3d:2b:41:
4e:ec:e4:ec:52:95:1a:bd:98:c0:d4:60:cb:ec:cd:
d1:cb:7c:ce:28:64:08:6f:31:e7:62:0c:32:64:4a:
e2:83:3b:e9:a4:1e:0f:6f:8a:5d:b1:a2:4d:b7:96:
e1:a1:13:10:e1:1d:b2:20:a4:19:34:ec:11:9a:85:
ed:2a:8a:ff:2e:80:8c:e1:a0:26:d8:a8:01:7d:a0:
82:29:50:55:ea:ae:ac:44:17:1d:4c:97:db:b6:38:
bb:f0:6c:f3:13:bf:d0:c8:09:85:9e:ce:e7:15:f7:
4e:78:8d:05:a2:0b:7f:99:15:e7:7b:c3:55:43:d6:
15:62:58:a6:45:b5:a4:80:96:38:91:7a:7a:62:3e:
0e:bd:a2:f5:4e:94:f5:9a:e9:f4:20:2f:93:14:74:
ea:60:f4:41:0a:0a:98:33:12:6f:1c:f8:49:16:b8:
df:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9B:89:A4:11:6D:69:E5:F7:C8:37:33:FE:39:72:53:1C:3C:32:34
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WpuJpBFtaeX3yDcz_jlyUxw8MjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.91.196.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:eb:46:bb:6e:6d:21:6d:4c:71:59:44:d8:96:be:aa:48:da:
4f:ce:69:a9:08:23:c6:bc:fb:28:65:d0:1c:05:3f:fa:1b:f8:
22:3c:d5:7b:20:fc:32:a6:75:74:69:a3:06:15:08:0e:8b:e0:
a6:a3:9e:27:12:a9:4b:60:14:b2:10:17:51:be:cb:d3:d9:a1:
59:aa:06:ce:13:94:40:c7:60:4f:e5:59:60:dd:42:eb:66:35:
94:6c:93:4c:bb:7d:df:c0:18:6e:6b:02:14:64:a1:5d:b6:57:
45:f2:df:62:84:12:d5:75:08:4e:11:f6:b1:8b:d3:60:57:4b:
3a:d3:be:d4:e0:22:ff:28:a3:3c:e7:48:72:ae:4e:19:8d:2d:
f8:83:bb:a9:3f:cf:23:81:6c:7b:ea:e8:12:07:ee:0a:be:d9:
60:1a:1c:b9:07:c7:e0:c0:39:19:0c:48:4e:58:0c:ba:a5:ac:
60:cd:85:12:1a:10:a7:55:15:9e:d3:58:36:bc:f1:0d:98:d3:
8a:b8:3e:ff:55:d8:f4:39:30:9d:20:1c:e7:5a:0f:07:18:44:
31:c6:df:d4:4c:d4:02:54:e7:e5:7f:9c:27:b7:fa:e9:36:bc:
6f:c8:e7:ad:5a:a2:be:71:49:5b:3d:e0:bd:17:8d:b4:98:96:
e6:eb:39:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbU+EMWgFSjK6uLpgoA/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTliODlhNDExNmQ2OWU1ZjdjODM3MzNmZTM5NzI1MzFjM2MzMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+qq5P3EOFW/FgEkMzfc7VUciiE+
BstARbTGZGFqBpSDian9Fj5mPiF9tW9/HPDTEEVRsMJ0SOr5UoCyqAOFcPQyMXbH
MDde6gWO77NKDot/odosC6Y9K0FO7OTsUpUavZjA1GDL7M3Ry3zOKGQIbzHnYgwy
ZErigzvppB4Pb4pdsaJNt5bhoRMQ4R2yIKQZNOwRmoXtKor/LoCM4aAm2KgBfaCC
KVBV6q6sRBcdTJfbtji78GzzE7/QyAmFns7nFfdOeI0Fogt/mRXne8NVQ9YVYlim
RbWkgJY4kXp6Yj4OvaL1TpT1mun0IC+TFHTqYPRBCgqYMxJvHPhJFrjflQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqbiaQRbWnl98g3M/45clMcPDI0MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvV3B1SnBCRnRhZVgzeURjel9qbHlVeHc4TWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VvEMA0G
CSqGSIb3DQEBCwUAA4IBAQAs60a7bm0hbUxxWUTYlr6qSNpPzmmpCCPGvPsoZdAc
BT/6G/giPNV7IPwypnV0aaMGFQgOi+Cmo54nEqlLYBSyEBdRvsvT2aFZqgbOE5RA
x2BP5Vlg3ULrZjWUbJNMu33fwBhuawIUZKFdtldF8t9ihBLVdQhOEfaxi9NgV0s6
077U4CL/KKM850hyrk4ZjS34g7upP88jgWx76ugSB+4KvtlgGhy5B8fgwDkZDEhO
WAy6paxgzYUSGhCnVRWe01g2vPENmNOKuD7/Vdj0OTCdIBznWg8HGEQxxt/UTNQC
VOflf5wnt/rpNrxvyOetWqK+cUlbPeC9F420mJbm6zkG
-----END CERTIFICATE-----
Generated at Fri Nov 1 00:16:34 2024 by rpki-client on console-ams.rpki-client.org