Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WuBSXyfkLpvpVg8MHEJggxecxuw.roa
File: WuBSXyfkLpvpVg8MHEJggxecxuw.roa (raw, json)
Hash identifier: gV7fjMg7RpyN41ATy9vhKNKPtcnFNqYpJnc30B7vEng=
Subject key identifier: 5A:E0:52:5F:27:E4:2E:9B:E9:56:0F:0C:1C:42:60:83:17:9C:C6:EC
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5E8541CC2A27EA3BE2E5B8EC0083
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WuBSXyfkLpvpVg8MHEJggxecxuw.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196738
IP address blocks: 84.40.81.0/24 maxlen: 24
95.87.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 13:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5e:85:41:cc:2a:27:ea:3b:e2:e5:b8:ec:00:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ae0525f27e42e9be9560f0c1c426083179cc6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c9:d9:61:d7:d2:96:2c:2c:72:5b:16:34:1a:
18:92:e8:df:3c:b8:ef:80:bf:76:f9:e2:57:d5:0a:
4b:2a:7e:a1:d9:a3:14:0f:59:2d:43:08:01:d9:2e:
a0:05:b5:ae:6d:92:f1:37:e7:f0:1c:b5:e7:90:86:
a9:3d:96:6a:fd:63:c4:ba:09:6c:79:fb:38:22:7d:
40:1e:1b:5b:eb:98:b0:b1:77:db:09:69:8c:71:e8:
69:54:74:ae:57:19:6c:0c:ec:84:98:99:e3:f7:35:
83:20:94:7d:29:8a:ad:a5:8c:d1:f3:11:69:8d:46:
62:8b:b7:5f:30:1e:4d:56:44:f5:0b:73:ef:6d:71:
ef:3f:1d:20:52:7c:23:79:7f:93:b3:2b:5e:05:c6:
b6:b0:02:5e:65:75:fc:2f:34:ef:ad:a6:39:7e:15:
e2:f4:ea:dd:f2:b3:9d:11:1b:74:87:c4:16:15:93:
b2:a9:02:8a:18:67:7e:09:01:b6:75:2f:31:96:66:
8c:20:b6:ac:95:1f:c6:55:58:df:5b:0d:85:08:0e:
d0:99:66:f6:9a:77:74:0d:d9:bc:35:a6:a0:33:6d:
43:bd:39:30:b5:49:be:39:2d:2c:04:eb:f4:80:a8:
db:08:ab:71:b0:a9:44:c6:5b:17:a0:52:59:ec:a4:
71:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E0:52:5F:27:E4:2E:9B:E9:56:0F:0C:1C:42:60:83:17:9C:C6:EC
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/WuBSXyfkLpvpVg8MHEJggxecxuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.81.0/24
95.87.253.0/24
Signature Algorithm: sha256WithRSAEncryption
17:b5:8e:54:42:34:66:e5:36:24:5a:2c:d0:27:85:42:f6:2e:
56:3b:11:0b:e8:5e:35:7f:b6:12:6c:83:64:2a:dc:8e:ae:cb:
9b:08:7d:3f:26:17:c3:94:ab:d5:a5:cc:9a:a8:ed:af:9b:c6:
5a:93:94:d3:48:75:06:a9:44:4f:63:6a:af:68:f5:e4:fc:eb:
16:c5:b2:4e:f9:32:cb:41:f3:98:ab:2d:cc:b8:11:8d:5e:5c:
f0:fa:09:f6:d8:0f:36:ee:df:a6:d9:d9:6a:ba:68:fc:a5:aa:
f0:78:9a:fb:b6:32:ac:ad:d1:10:87:42:96:6b:67:98:b9:77:
ff:14:f4:c9:21:e2:0c:76:d9:87:71:b4:b5:e9:4a:ea:c0:1e:
e5:fb:a1:bf:09:8b:2d:71:30:2b:47:36:88:f6:0a:e1:14:50:
df:3f:bf:82:91:7d:35:0b:87:b6:75:81:95:29:b8:4a:87:ae:
df:24:eb:1d:59:a9:ae:7a:2e:9b:9a:d1:67:c8:77:57:69:44:
8d:4a:df:d0:11:49:5c:c4:52:80:3d:e0:ca:1c:5e:40:08:ca:
55:83:ee:77:06:f3:9a:63:91:0f:68:f7:b9:ab:ea:2c:85:29:
50:68:6f:a7:2d:cc:6b:b3:b7:99:e1:47:0a:cd:be:52:d9:14:
e0:b0:4b:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbV6FQcwqJ+o74uW47ACDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWUwNTI1ZjI3ZTQyZTliZTk1NjBmMGMxYzQyNjA4MzE3OWNjNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsnZYdfSliwsclsWNBoYkujfPLjv
gL92+eJX1QpLKn6h2aMUD1ktQwgB2S6gBbWubZLxN+fwHLXnkIapPZZq/WPEugls
efs4In1AHhtb65iwsXfbCWmMcehpVHSuVxlsDOyEmJnj9zWDIJR9KYqtpYzR8xFp
jUZii7dfMB5NVkT1C3PvbXHvPx0gUnwjeX+TsyteBca2sAJeZXX8LzTvraY5fhXi
9Ord8rOdERt0h8QWFZOyqQKKGGd+CQG2dS8xlmaMILaslR/GVVjfWw2FCA7QmWb2
mnd0Ddm8NaagM21DvTkwtUm+OS0sBOv0gKjbCKtxsKlExlsXoFJZ7KRxSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFrgUl8n5C6b6VYPDBxCYIMXnMbsMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvV3VCU1h5ZmtMcHZwVmc4TUhFSmdneGVjeHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVChRAwQA
X1f9MA0GCSqGSIb3DQEBCwUAA4IBAQAXtY5UQjRm5TYkWizQJ4VC9i5WOxEL6F41
f7YSbINkKtyOrsubCH0/JhfDlKvVpcyaqO2vm8Zak5TTSHUGqURPY2qvaPXk/OsW
xbJO+TLLQfOYqy3MuBGNXlzw+gn22A827t+m2dlqumj8parweJr7tjKsrdEQh0KW
a2eYuXf/FPTJIeIMdtmHcbS16UrqwB7l+6G/CYstcTArRzaI9grhFFDfP7+CkX01
C4e2dYGVKbhKh67fJOsdWamuei6bmtFnyHdXaUSNSt/QEUlcxFKAPeDKHF5ACMpV
g+53BvOaY5EPaPe5q+oshSlQaG+nLcxrs7eZ4UcKzb5S2RTgsEsa
-----END CERTIFICATE-----
Generated at Thu Oct 31 19:05:29 2024 by rpki-client on console-ams.rpki-client.org