Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/wHxLK1OpzbWRT12gSPjhO5-TkEk.roa
File: wHxLK1OpzbWRT12gSPjhO5-TkEk.roa (raw, json)
Hash identifier: L3gclDxqdCa9IiR8tU0u/GGRK9AVcWrRLydtYvV1Fm4=
Subject key identifier: C0:7C:4B:2B:53:A9:CD:B5:91:4F:5D:A0:48:F8:E1:3B:9F:93:90:49
Certificate issuer: /CN=73fba682d69c1d10708ed7b6aeaa232ee89b901d
Certificate serial: 018CC5DC27A834F3FBEB63D6D9CE8836E929
Authority key identifier: 73:FB:A6:82:D6:9C:1D:10:70:8E:D7:B6:AE:AA:23:2E:E8:9B:90:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_umgtacHRBwjte2rqojLuibkB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/wHxLK1OpzbWRT12gSPjhO5-TkEk.roa
Signing time: Mon 01 Jan 2024 16:29:48 +0000
ROA not before: Mon 01 Jan 2024 16:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29121
IP address blocks: 195.69.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/c_umgtacHRBwjte2rqojLuibkB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/c_umgtacHRBwjte2rqojLuibkB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_umgtacHRBwjte2rqojLuibkB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:27:a8:34:f3:fb:eb:63:d6:d9:ce:88:36:e9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73fba682d69c1d10708ed7b6aeaa232ee89b901d
Validity
Not Before: Jan 1 16:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c07c4b2b53a9cdb5914f5da048f8e13b9f939049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ac:0d:13:7b:5c:28:8d:17:90:6d:13:4a:22:
7d:24:ec:40:0f:de:4e:c7:de:7a:2f:68:ba:ae:da:
1e:d2:26:7d:31:77:a8:ba:78:04:72:2e:83:c6:4e:
29:50:75:87:8c:19:7d:06:86:a3:27:ec:34:8f:a4:
3e:bd:73:fb:3d:7b:d4:7e:97:83:13:b9:34:21:d5:
95:fa:f0:51:c1:e3:0e:de:95:f8:db:67:0b:7c:43:
13:9b:09:ac:7f:53:52:a1:e0:7e:1d:1b:6a:8f:45:
99:82:3c:14:df:32:e1:a5:28:75:0b:fc:f1:77:24:
5d:c8:6d:f0:8b:eb:3f:ee:61:1f:a1:85:c2:f5:c1:
68:64:5e:b2:41:a8:c9:df:51:0d:d3:01:d0:40:d7:
7e:df:a2:40:cd:7e:6e:46:aa:0c:5a:a3:f5:61:a1:
70:cc:21:87:ac:5f:a1:d7:a1:d6:7b:f3:d8:8d:1b:
00:65:d6:a6:7d:08:d7:6b:94:9a:85:75:c2:4a:b0:
1d:48:45:f5:43:9d:ae:bb:40:72:e1:53:de:7a:db:
f6:74:67:65:88:f1:1f:5c:a9:64:34:cb:da:64:60:
ec:40:f2:83:84:e5:be:8c:74:10:44:f2:7b:ec:9c:
27:bf:a0:c7:61:21:a0:7d:f0:51:ab:6b:8c:fb:fc:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7C:4B:2B:53:A9:CD:B5:91:4F:5D:A0:48:F8:E1:3B:9F:93:90:49
X509v3 Authority Key Identifier:
keyid:73:FB:A6:82:D6:9C:1D:10:70:8E:D7:B6:AE:AA:23:2E:E8:9B:90:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_umgtacHRBwjte2rqojLuibkB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/wHxLK1OpzbWRT12gSPjhO5-TkEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d2cec5-b245-4547-a9cd-f6c644c94608/1/c_umgtacHRBwjte2rqojLuibkB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.96.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:ad:fe:3b:be:d6:33:8a:f2:1a:41:ff:6a:fe:a7:7b:9f:a9:
ac:18:6c:06:dd:9a:93:9f:5e:cc:bc:e7:ff:83:e5:20:1d:5c:
fd:51:a7:45:c9:bf:ab:71:6c:b8:a2:a4:48:1a:5c:b6:ab:98:
17:70:54:58:09:7c:f3:22:8c:dc:58:5c:f8:c0:52:20:87:7c:
b3:e9:e5:8d:3e:a7:0b:c8:23:2b:62:a9:f4:9d:b0:3c:04:a0:
93:82:f9:42:56:79:fd:a8:89:99:9d:39:8c:af:b1:e7:b5:41:
3b:d5:54:9b:7e:79:f9:77:f9:7b:90:a0:20:b1:fc:e6:ad:4f:
8e:f8:09:90:b5:ce:cb:3e:01:67:cf:be:ae:d8:71:09:a1:24:
ab:39:eb:de:fb:78:11:bd:0f:01:9b:4b:e4:c1:27:b6:00:11:
50:ab:1c:f8:5c:ae:f2:ca:d4:b9:a4:12:84:ae:a7:69:60:06:
80:cb:be:f7:3b:5d:68:2a:7b:f2:00:5d:b7:5e:1a:75:97:a7:
63:d2:ef:47:3a:8e:7c:44:d2:18:3b:81:1a:76:b9:d6:bd:db:
02:ea:da:d7:5c:76:f4:37:9a:ac:6e:93:20:e2:2e:0e:59:ba:
42:67:a1:db:6b:7a:88:e3:06:0b:53:d3:b6:ad:cf:d3:68:1a:
e4:49:e1:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3CeoNPP762PW2c6INukpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZmJhNjgyZDY5YzFkMTA3MDhlZDdiNmFlYWEyMzJlZTg5
YjkwMWQwHhcNMjQwMTAxMTYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdjNGIyYjUzYTljZGI1OTE0ZjVkYTA0OGY4ZTEzYjlmOTM5MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqwNE3tcKI0XkG0TSiJ9JOxAD95O
x956L2i6rtoe0iZ9MXeoungEci6Dxk4pUHWHjBl9BoajJ+w0j6Q+vXP7PXvUfpeD
E7k0IdWV+vBRweMO3pX422cLfEMTmwmsf1NSoeB+HRtqj0WZgjwU3zLhpSh1C/zx
dyRdyG3wi+s/7mEfoYXC9cFoZF6yQajJ31EN0wHQQNd+36JAzX5uRqoMWqP1YaFw
zCGHrF+h16HWe/PYjRsAZdamfQjXa5SahXXCSrAdSEX1Q52uu0By4VPeetv2dGdl
iPEfXKlkNMvaZGDsQPKDhOW+jHQQRPJ77Jwnv6DHYSGgffBRq2uM+/xtTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMB8SytTqc21kU9doEj44Tufk5BJMB8GA1UdIwQY
MBaAFHP7poLWnB0QcI7Xtq6qIy7om5AdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY191bWd0YWNIUkJ3anRlMnJxb2pMdWlia0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kMmNlYzUtYjI0NS00NTQ3LWE5Y2Qt
ZjZjNjQ0Yzk0NjA4LzEvd0h4TEsxT3B6YldSVDEyZ1NQamhPNS1Ua0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kMmNlYzUtYjI0NS00NTQ3LWE5Y2QtZjZjNjQ0Yzk0NjA4
LzEvY191bWd0YWNIUkJ3anRlMnJxb2pMdWlia0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0VgMA0G
CSqGSIb3DQEBCwUAA4IBAQC2rf47vtYzivIaQf9q/qd7n6msGGwG3ZqTn17MvOf/
g+UgHVz9UadFyb+rcWy4oqRIGly2q5gXcFRYCXzzIozcWFz4wFIgh3yz6eWNPqcL
yCMrYqn0nbA8BKCTgvlCVnn9qImZnTmMr7HntUE71VSbfnn5d/l7kKAgsfzmrU+O
+AmQtc7LPgFnz76u2HEJoSSrOeve+3gRvQ8Bm0vkwSe2ABFQqxz4XK7yytS5pBKE
rqdpYAaAy773O11oKnvyAF23Xhp1l6dj0u9HOo58RNIYO4EadrnWvdsC6trXXHb0
N5qsbpMg4i4OWbpCZ6Hba3qI4wYLU9O2rc/TaBrkSeFk
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:36 2024 by rpki-client on console-fra.rpki-client.org