Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/WasOD4ouVJwjLcR1ZlSopZdGFCs.roa
File: WasOD4ouVJwjLcR1ZlSopZdGFCs.roa (raw, json)
Hash identifier: UVNePGgCWrlnt1dub0GC8B6xDgoaOamSewboPW0LcbI=
Subject key identifier: 59:AB:0E:0F:8A:2E:54:9C:23:2D:C4:75:66:54:A8:A5:97:46:14:2B
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018CC649E1C9A73CB588A10353FF6A0F33D6
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/WasOD4ouVJwjLcR1ZlSopZdGFCs.roa
Signing time: Mon 01 Jan 2024 18:29:39 +0000
ROA not before: Mon 01 Jan 2024 18:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56479
IP address blocks: 195.229.177.0/24 maxlen: 24
195.229.176.0/24 maxlen: 24
195.229.179.0/24 maxlen: 24
195.229.178.0/24 maxlen: 24
195.229.175.0/24 maxlen: 24
195.229.181.0/24 maxlen: 24
195.229.180.0/24 maxlen: 24
194.170.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e1:c9:a7:3c:b5:88:a1:03:53:ff:6a:0f:33:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 18:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59ab0e0f8a2e549c232dc4756654a8a59746142b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:60:b4:64:0e:01:b8:4a:48:c1:5b:85:7b:59:
6b:4b:e4:92:a1:6e:81:6b:f4:00:2a:00:d1:a4:3d:
f4:b9:e4:29:f1:b2:32:53:e2:05:ea:bf:82:f2:5f:
e0:60:45:e3:19:f0:01:71:cd:f7:39:a9:2c:c3:ee:
7c:4f:ab:e4:5f:d1:e2:79:5e:40:a0:8a:21:9d:1e:
7d:94:66:8b:9c:85:7d:1d:15:59:6e:da:84:a4:a9:
37:80:2f:b9:0b:d5:db:3a:01:b6:de:67:f1:67:ca:
5e:71:0c:ab:51:f3:00:86:4a:fb:9e:c9:65:cf:d9:
5e:fc:1a:b8:9a:12:53:ac:89:96:c5:0c:c8:8c:16:
ce:0e:2e:d8:5e:f0:0b:84:0b:f3:04:64:94:8d:0c:
3f:d2:63:09:9e:ef:fc:2a:79:07:57:b4:d2:31:8c:
5f:4d:cc:16:36:61:a1:69:8d:74:4d:ad:fa:8a:14:
c3:a9:64:1a:c1:be:4a:82:18:3c:aa:32:6b:23:47:
ef:9d:44:34:4f:55:d1:5b:3f:12:1e:10:ea:62:3e:
9b:9f:49:61:d5:99:ef:51:16:4d:74:85:f4:f1:30:
86:e1:8e:5f:4f:5a:c7:cc:db:95:a6:76:21:12:84:
fb:be:63:c9:92:68:f0:52:e0:f0:d1:4c:01:02:2b:
b6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AB:0E:0F:8A:2E:54:9C:23:2D:C4:75:66:54:A8:A5:97:46:14:2B
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/WasOD4ouVJwjLcR1ZlSopZdGFCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.32.0/19
195.229.175.0-195.229.181.255
Signature Algorithm: sha256WithRSAEncryption
93:3b:0c:69:63:71:ad:4e:df:dd:81:e1:0d:9e:de:fa:07:5c:
3d:23:0c:d0:a4:1d:3a:46:06:1b:81:9e:80:04:38:eb:60:13:
de:47:bd:5d:5b:7e:a0:e8:ad:2f:5b:f1:28:5a:0f:ba:4f:2f:
89:86:7c:8f:b3:ab:32:b9:00:6f:7f:b2:91:a5:7b:0e:7c:b2:
bf:f7:1a:d2:bf:7e:9b:dc:eb:77:33:6a:ba:dd:fc:6d:57:5b:
a3:1e:9b:56:0a:07:c9:0d:bf:90:5e:0c:30:89:e0:54:e5:6e:
65:f9:5c:bc:5f:f4:fa:76:8f:19:d7:21:4c:fc:8e:b7:f2:ad:
69:29:9e:61:4b:16:d4:49:f1:4e:ab:2b:38:6b:2f:d3:87:0a:
97:30:a2:90:df:85:c6:4e:18:b1:76:62:72:0b:ad:1a:da:22:
bd:c8:83:6a:37:8e:1c:36:5a:b5:df:86:7d:f1:9f:22:1d:78:
ef:77:fd:66:ea:4d:5a:c9:98:8e:f7:a1:64:5a:dc:33:ac:93:
0c:00:60:08:ea:ec:f3:e6:9b:9a:e1:53:40:bc:06:01:9d:68:
3e:65:24:f8:57:c3:14:46:83:f8:6c:ee:a3:5a:5b:81:65:59:
a7:b7:1d:48:1f:03:5a:a1:2c:ec:ef:96:91:dc:7e:55:e4:62:
f1:17:f4:c9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGSeHJpzy1iKEDU/9qDzPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjQwMTAxMTgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWFiMGUwZjhhMmU1NDljMjMyZGM0NzU2NjU0YThhNTk3NDYxNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymC0ZA4BuEpIwVuFe1lrS+SSoW6B
a/QAKgDRpD30ueQp8bIyU+IF6r+C8l/gYEXjGfABcc33Oaksw+58T6vkX9HieV5A
oIohnR59lGaLnIV9HRVZbtqEpKk3gC+5C9XbOgG23mfxZ8pecQyrUfMAhkr7nsll
z9le/Bq4mhJTrImWxQzIjBbODi7YXvALhAvzBGSUjQw/0mMJnu/8KnkHV7TSMYxf
TcwWNmGhaY10Ta36ihTDqWQawb5Kghg8qjJrI0fvnUQ0T1XRWz8SHhDqYj6bn0lh
1ZnvURZNdIX08TCG4Y5fT1rHzNuVpnYhEoT7vmPJkmjwUuDw0UwBAiu29QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFmrDg+KLlScIy3EdWZUqKWXRhQrMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvV2FzT0Q0b3VWSndqTGNSMVpsU29wWmRHRkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQFwqogMAwD
BADD5a8DBAHD5bQwDQYJKoZIhvcNAQELBQADggEBAJM7DGljca1O392B4Q2e3voH
XD0jDNCkHTpGBhuBnoAEOOtgE95HvV1bfqDorS9b8ShaD7pPL4mGfI+zqzK5AG9/
spGlew58sr/3GtK/fpvc63czarrd/G1XW6Mem1YKB8kNv5BeDDCJ4FTlbmX5XLxf
9Pp2jxnXIUz8jrfyrWkpnmFLFtRJ8U6rKzhrL9OHCpcwopDfhcZOGLF2YnILrRra
Ir3Ig2o3jhw2WrXfhn3xnyIdeO93/WbqTVrJmI73oWRa3DOskwwAYAjq7PPmm5rh
U0C8BgGdaD5lJPhXwxRGg/hs7qNaW4FlWae3HUgfA1qhLOzvlpHcflXkYvEX9Mk=
-----END CERTIFICATE-----
Generated at Tue Jun 25 23:51:54 2024 by rpki-client on console-ams.rpki-client.org