Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa
File: wToPZdoXJWHlnb1OKiu-CqfEPbw.roa (raw, json)
Hash identifier: 5MdqQwCOvFiQ4m5jniXB6QEWkAi2G7KL/9y/28JbRRQ=
Subject key identifier: C1:3A:0F:65:DA:17:25:61:E5:9D:BD:4E:2A:2B:BE:0A:A7:C4:3D:BC
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018CCA2B52E9929BAD27789DE799DF3665BD
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa
Signing time: Tue 02 Jan 2024 12:34:46 +0000
ROA not before: Tue 02 Jan 2024 12:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203000
IP address blocks: 185.79.96.0/22 maxlen: 32
185.79.96.0/24 maxlen: 32
185.79.98.0/24 maxlen: 32
185.79.97.0/24 maxlen: 32
185.129.119.0/24 maxlen: 32
185.79.99.0/24 maxlen: 32
185.129.116.0/24 maxlen: 32
185.129.116.0/22 maxlen: 32
185.129.118.0/24 maxlen: 32
185.129.117.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:52:e9:92:9b:ad:27:78:9d:e7:99:df:36:65:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 2 12:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c13a0f65da172561e59dbd4e2a2bbe0aa7c43dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:df:d5:57:ac:24:23:4a:80:50:f0:54:93:8e:
ab:80:05:ce:09:47:6a:ec:af:7e:25:d0:b0:52:2b:
52:ed:a7:dd:ed:1d:2c:fa:3a:d5:a9:f2:25:59:e4:
09:35:06:44:0b:20:d5:dd:90:d2:6d:0a:a0:68:19:
ba:3e:fc:2f:37:95:20:7f:82:12:31:e0:e4:1c:45:
46:d1:bf:eb:27:b4:b8:98:b2:81:1a:22:2c:b9:23:
c9:f5:94:24:97:e0:50:6b:14:2f:47:4b:12:b2:06:
fe:ba:95:47:74:ae:c7:82:7e:08:c1:7c:e3:0a:43:
a4:bd:1e:7f:9a:60:4f:6f:be:cd:92:3f:01:00:54:
f6:6d:a5:23:10:29:49:62:26:06:09:a1:29:df:24:
b0:2f:0f:8f:30:34:36:0c:9d:d2:99:e5:ee:ff:2c:
bd:ca:b6:44:9c:21:cd:f0:0c:7b:09:ed:00:fb:5f:
d5:e4:d3:be:46:a1:41:34:7c:14:be:c0:42:de:94:
05:5c:57:92:27:d1:4d:51:d5:61:76:da:b9:83:40:
ec:36:7b:59:02:0b:7a:c7:75:05:8b:51:d7:9c:87:
7b:cb:35:12:9d:9f:7a:79:2c:32:ec:dd:18:0e:51:
54:63:15:df:96:a6:95:e2:31:c4:bd:6a:ae:0d:d7:
5d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3A:0F:65:DA:17:25:61:E5:9D:BD:4E:2A:2B:BE:0A:A7:C4:3D:BC
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/wToPZdoXJWHlnb1OKiu-CqfEPbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.96.0/22
185.129.116.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:de:61:a0:8e:65:23:38:12:1f:2d:0a:96:e2:7a:88:04:1d:
11:00:af:3c:31:e9:ed:c3:5b:09:8d:d1:04:7c:74:e7:a6:65:
5c:fd:81:b8:54:4f:8f:a7:30:28:46:27:f3:8f:3e:3b:95:68:
fc:f4:2b:11:02:89:0f:2c:c4:33:6a:b4:38:a3:30:28:41:e2:
49:d7:ca:e0:f7:c8:9a:82:10:d0:9a:7b:e8:e3:1a:ba:7e:06:
8c:29:37:ff:02:da:d8:42:58:b4:0e:0c:d3:c5:15:d5:b4:6e:
0d:85:ee:6d:bd:7e:70:69:ec:2a:61:67:c4:7c:9e:d4:af:52:
c5:5d:c9:23:55:06:ae:0a:9d:fc:3d:67:10:81:78:04:a2:fa:
83:b1:3d:17:2c:10:72:ae:47:31:c9:1a:16:45:0b:d9:ff:b6:
e7:9f:16:8d:5c:bd:73:43:d6:9a:03:43:aa:c4:9d:1c:29:a1:
9a:a5:89:f1:e6:b6:91:80:2b:eb:82:75:a5:b3:46:7e:76:12:
0a:ac:36:0e:a3:ea:96:e1:59:f4:ff:23:66:a6:e7:0a:de:d7:
2e:d9:e7:4a:01:aa:8f:9d:40:bd:15:60:e6:d1:c8:ae:48:75:
2f:6d:c0:23:37:fd:04:45:93:48:9a:71:79:20:2e:79:f7:28:
02:8c:4b:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK1LpkputJ3id55nfNmW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTNhMGY2NWRhMTcyNTYxZTU5ZGJkNGUyYTJiYmUwYWE3YzQzZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid/VV6wkI0qAUPBUk46rgAXOCUdq
7K9+JdCwUitS7afd7R0s+jrVqfIlWeQJNQZECyDV3ZDSbQqgaBm6PvwvN5Ugf4IS
MeDkHEVG0b/rJ7S4mLKBGiIsuSPJ9ZQkl+BQaxQvR0sSsgb+upVHdK7Hgn4IwXzj
CkOkvR5/mmBPb77Nkj8BAFT2baUjEClJYiYGCaEp3ySwLw+PMDQ2DJ3SmeXu/yy9
yrZEnCHN8Ax7Ce0A+1/V5NO+RqFBNHwUvsBC3pQFXFeSJ9FNUdVhdtq5g0DsNntZ
Agt6x3UFi1HXnId7yzUSnZ96eSwy7N0YDlFUYxXflqaV4jHEvWquDdddowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFME6D2XaFyVh5Z29TiorvgqnxD28MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvd1RvUFpkb1hKV0hsbmIxT0tpdS1DcWZFUGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU9gAwQC
uYF0MA0GCSqGSIb3DQEBCwUAA4IBAQDD3mGgjmUjOBIfLQqW4nqIBB0RAK88Ment
w1sJjdEEfHTnpmVc/YG4VE+PpzAoRifzjz47lWj89CsRAokPLMQzarQ4ozAoQeJJ
18rg98iaghDQmnvo4xq6fgaMKTf/AtrYQli0DgzTxRXVtG4Nhe5tvX5waewqYWfE
fJ7Ur1LFXckjVQauCp38PWcQgXgEovqDsT0XLBByrkcxyRoWRQvZ/7bnnxaNXL1z
Q9aaA0OqxJ0cKaGapYnx5raRgCvrgnWls0Z+dhIKrDYOo+qW4Vn0/yNmpucK3tcu
2edKAaqPnUC9FWDm0ciuSHUvbcAjN/0ERZNImnF5IC559ygCjEur
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:41 2024 by rpki-client on console-fra.rpki-client.org