Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/WZ5wK7brNJJaMjMlX9X96iN9yGo.roa
File: WZ5wK7brNJJaMjMlX9X96iN9yGo.roa (raw, json)
Hash identifier: LloY2mWha6RZIiKSSm/PV8AcrfTy62LlZiTvKR7HVxw=
Subject key identifier: 59:9E:70:2B:B6:EB:34:92:5A:32:33:25:5F:D5:FD:EA:23:7D:C8:6A
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 018CC26D53C37FB96B4CF24DC51040D3978B
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/WZ5wK7brNJJaMjMlX9X96iN9yGo.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
62.144.0.0/16 maxlen: 24
79.140.176.0/20 maxlen: 24
194.112.16.0/20 maxlen: 24
62.246.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
195.63.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:53:c3:7f:b9:6b:4c:f2:4d:c5:10:40:d3:97:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=599e702bb6eb34925a3233255fd5fdea237dc86a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:90:f9:10:6f:c8:0c:c1:cf:03:fa:80:d3:
24:d1:de:bb:91:ee:1e:12:59:3b:11:a1:ee:74:77:
32:52:04:84:99:48:05:ae:79:f5:61:b1:2f:f3:0f:
9b:52:4a:1e:4d:4f:bc:86:74:6d:ee:d7:30:c9:2a:
c5:5d:18:91:21:92:60:bc:1c:40:61:84:d8:48:6b:
f3:f4:44:41:e4:77:8f:59:1b:50:21:33:86:cc:6e:
57:7e:c4:ae:d9:07:fa:00:b6:97:08:b6:11:d6:6b:
9a:7a:54:1c:9e:77:3f:21:91:7e:30:72:26:06:a5:
f0:81:ed:6e:56:20:58:8e:df:fe:a5:7f:ab:87:e0:
42:58:66:72:aa:f8:7e:6e:65:e2:29:fc:7f:8a:b5:
86:93:e6:3a:35:23:5e:d7:08:0b:30:43:a8:7a:b6:
7b:2a:b3:fc:3e:3d:18:30:b6:27:ef:fb:17:60:40:
c9:4d:51:42:e4:50:b1:a4:96:4e:1e:f2:07:3d:5e:
39:e0:bc:84:bb:37:08:dc:fe:28:1b:52:db:c9:a9:
99:63:1c:6f:2c:30:e4:a7:39:3d:5a:8b:0c:b8:79:
95:d2:3a:e6:e3:5f:d9:5f:9b:4d:a7:84:58:ae:bf:
29:0c:0d:4e:07:2d:2d:5e:23:aa:7c:9b:c0:fb:e0:
52:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9E:70:2B:B6:EB:34:92:5A:32:33:25:5F:D5:FD:EA:23:7D:C8:6A
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/WZ5wK7brNJJaMjMlX9X96iN9yGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
1a:0a:16:23:3f:ad:f8:19:15:2f:6e:cb:85:81:bc:24:ca:4e:
ae:d5:db:ff:f6:dd:9c:63:b9:ba:01:17:57:b6:49:cf:51:43:
7c:b0:ae:ff:18:ef:c5:28:54:1d:25:51:51:2e:c7:59:99:f0:
9d:8a:75:74:5d:f2:49:88:de:70:e4:7c:d4:3b:62:5f:7b:30:
5e:81:7f:34:99:91:ae:6a:61:54:4f:0d:42:4f:64:46:6c:7b:
7e:a9:65:cd:b5:fc:25:6d:18:12:00:65:68:1d:ca:95:4c:be:
e0:8c:4f:ac:45:85:77:ce:08:9f:49:1a:dc:65:92:78:38:59:
5a:1d:eb:f7:f2:ae:b7:77:f5:39:bb:8e:c8:f0:70:fa:6c:9c:
c7:16:10:4b:12:f0:79:b4:78:8f:92:7d:83:56:8c:9b:ae:aa:
ce:8d:e1:e9:34:e7:2c:15:50:58:a8:b9:96:fe:80:cf:0d:aa:
44:70:21:13:17:3d:62:1c:a4:41:9c:b9:e1:55:d6:2e:cc:78:
8a:52:93:5b:78:1b:dd:58:6b:cb:ea:d2:94:ed:7d:c4:82:83:
28:2d:d6:f4:76:79:62:15:c2:50:60:09:b9:11:9b:21:2c:b6:
e1:23:79:8b:86:3f:71:ca:43:5e:24:9a:da:6f:61:6f:15:29:
21:68:7b:d7
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzCbVPDf7lrTPJNxRBA05eLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTllNzAyYmI2ZWIzNDkyNWEzMjMzMjU1ZmQ1ZmRlYTIzN2RjODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigiQ+RBvyAzBzwP6gNMk0d67ke4e
Elk7EaHudHcyUgSEmUgFrnn1YbEv8w+bUkoeTU+8hnRt7tcwySrFXRiRIZJgvBxA
YYTYSGvz9ERB5HePWRtQITOGzG5XfsSu2Qf6ALaXCLYR1muaelQcnnc/IZF+MHIm
BqXwge1uViBYjt/+pX+rh+BCWGZyqvh+bmXiKfx/irWGk+Y6NSNe1wgLMEOoerZ7
KrP8Pj0YMLYn7/sXYEDJTVFC5FCxpJZOHvIHPV454LyEuzcI3P4oG1LbyamZYxxv
LDDkpzk9WosMuHmV0jrm41/ZX5tNp4RYrr8pDA1OBy0tXiOqfJvA++BSrQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFFmecCu26zSSWjIzJV/V/eojfchqMB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvV1o1d0s3YnJOSkphTWpNbFg5WDk2aU45eUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBMBAIAATBGAwMBPhoDAwA+
kAMDAD72AwQET4ywAwQEUFNgAwQCudI0AwQEwnAQAwMAwqIDAwDDNAMDAMM/AwQF
w06gAwMAw7kDAwDUrDAUBAIAAjAOAwUBIAFAkAMFACoBBcgwDQYJKoZIhvcNAQEL
BQADggEBABoKFiM/rfgZFS9uy4WBvCTKTq7V2//23ZxjuboBF1e2Sc9RQ3ywrv8Y
78UoVB0lUVEux1mZ8J2KdXRd8kmI3nDkfNQ7Yl97MF6BfzSZka5qYVRPDUJPZEZs
e36pZc21/CVtGBIAZWgdypVMvuCMT6xFhXfOCJ9JGtxlkng4WVod6/fyrrd39Tm7
jsjwcPpsnMcWEEsS8Hm0eI+SfYNWjJuuqs6N4ek05ywVUFiouZb+gM8NqkRwIRMX
PWIcpEGcueFV1i7MeIpSk1t4G91Ya8vq0pTtfcSCgygt1vR2eWIVwlBgCbkRmyEs
tuEjeYuGP3HKQ14kmtpvYW8VKSFoe9c=
-----END CERTIFICATE-----
Generated at Wed May 15 17:00:52 2024 by rpki-client on console-ams.rpki-client.org