Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa
File: WtSuHOngN5ei7hc8cpKLle_3Hfo.roa (raw, json)
Hash identifier: slNEdEqON1/QptmSSqFSG7zX3Rv22oC2bXAPbXvtyCo=
Subject key identifier: 5A:D4:AE:1C:E9:E0:37:97:A2:EE:17:3C:72:92:8B:95:EF:F7:1D:FA
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 018CC5DC6BCC90C017AF216F9AC7EDD3A8E8
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa
Signing time: Mon 01 Jan 2024 16:30:06 +0000
ROA not before: Mon 01 Jan 2024 16:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209220
IP address blocks: 185.104.122.0/24 maxlen: 24
185.104.122.0/23 maxlen: 23
185.104.123.0/24 maxlen: 24
2a06:3000:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:6b:cc:90:c0:17:af:21:6f:9a:c7:ed:d3:a8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Jan 1 16:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ad4ae1ce9e03797a2ee173c72928b95eff71dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:30:6c:79:13:e0:c4:8e:2a:03:32:be:f0:
f3:46:89:7f:80:69:f4:28:ff:f1:95:bd:92:5f:88:
17:65:06:aa:2e:4d:d1:5d:0c:20:d1:f5:99:74:f0:
42:6f:1a:c7:86:73:f0:03:0a:6b:5e:5a:24:21:a4:
85:a5:16:ec:c2:42:66:0a:66:9c:bb:e2:99:1d:a4:
a4:a5:93:e0:3f:b2:d2:74:5e:b3:3c:b7:0a:51:40:
ba:53:f0:72:5a:57:0c:0a:25:0c:33:80:e1:3e:f7:
df:23:aa:13:c2:5b:78:05:d7:08:41:24:41:74:82:
36:86:78:2d:4a:a0:88:6d:8b:e9:42:d4:ba:9d:9d:
87:d3:9a:52:2a:f0:4f:1a:3e:7d:4f:0e:c5:06:ec:
75:db:41:1f:03:86:4b:9d:a6:15:e2:ff:37:b5:22:
42:2f:02:c5:5a:05:6d:24:3c:f6:eb:c9:f9:a1:7d:
99:10:12:78:52:a6:c5:54:81:eb:07:5b:15:63:1d:
e2:e0:fa:21:2a:e0:5b:f3:63:e2:b0:d4:39:7a:3e:
37:40:38:42:e6:64:20:54:9d:9c:e5:82:4e:6a:33:
14:13:73:27:fc:38:c8:66:02:2c:0b:a7:a1:84:fb:
08:f5:c2:3c:af:ac:7e:c7:3f:32:fe:2b:0b:9d:ae:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D4:AE:1C:E9:E0:37:97:A2:EE:17:3C:72:92:8B:95:EF:F7:1D:FA
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/WtSuHOngN5ei7hc8cpKLle_3Hfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.122.0/23
IPv6:
2a06:3000:1000::/36
Signature Algorithm: sha256WithRSAEncryption
7b:a7:92:b7:cc:ee:c1:65:2f:47:74:2c:73:9f:7f:28:eb:c2:
fc:a6:fa:1e:39:b2:e7:a2:48:dc:80:43:a7:50:d0:94:40:a7:
b3:12:8f:4a:d0:16:f6:9b:4a:89:25:9f:c1:11:9d:98:36:29:
5c:6b:a4:d6:b6:8d:c4:a1:c4:cb:17:d0:7a:00:82:06:6d:bb:
fe:fe:91:31:ae:f6:99:d5:43:e9:b6:a1:ab:74:8b:d2:ac:19:
bb:bb:5b:72:2b:10:21:8e:e7:f4:d8:80:98:b8:7b:fd:f9:ef:
19:c2:37:41:74:f5:0f:65:f8:87:71:31:f1:7a:cb:8b:35:50:
1b:7f:a6:37:cf:e2:17:49:24:83:fd:6f:ee:42:83:d1:85:4a:
40:9d:6b:fd:d3:78:69:9d:b1:5a:60:99:d7:06:59:c2:5b:61:
fc:23:5c:e1:58:8d:51:64:f5:54:d2:52:17:7c:06:f1:ee:02:
6d:28:b2:cb:12:09:e2:da:a7:7b:e7:28:4e:45:5d:f4:e7:7e:
13:2a:38:b4:58:11:72:9b:f2:35:66:b4:e3:7b:03:76:3b:de:
13:ab:06:25:30:b3:b8:19:67:fc:b4:d5:69:19:14:23:2f:58:
e3:11:9e:55:0a:8f:07:36:d6:20:62:d4:ac:e2:6a:14:27:3d:
c7:69:32:89
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzF3GvMkMAXryFvmsft06joMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjQwMTAxMTYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQ0YWUxY2U5ZTAzNzk3YTJlZTE3M2M3MjkyOGI5NWVmZjcxZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LwwbHkT4MSOKgMyvvDzRol/gGn0
KP/xlb2SX4gXZQaqLk3RXQwg0fWZdPBCbxrHhnPwAwprXlokIaSFpRbswkJmCmac
u+KZHaSkpZPgP7LSdF6zPLcKUUC6U/ByWlcMCiUMM4DhPvffI6oTwlt4BdcIQSRB
dII2hngtSqCIbYvpQtS6nZ2H05pSKvBPGj59Tw7FBux120EfA4ZLnaYV4v83tSJC
LwLFWgVtJDz268n5oX2ZEBJ4UqbFVIHrB1sVYx3i4PohKuBb82PisNQ5ej43QDhC
5mQgVJ2c5YJOajMUE3Mn/DjIZgIsC6ehhPsI9cI8r6x+xz8y/isLna4OpwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFrUrhzp4DeXou4XPHKSi5Xv9x36MB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvV3RTdUhPbmdONWVpN2hjOGNwS0xsZV8zSGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuWh6MA4E
AgACMAgDBgQqBjAAEDANBgkqhkiG9w0BAQsFAAOCAQEAe6eSt8zuwWUvR3Qsc59/
KOvC/Kb6Hjmy56JI3IBDp1DQlECnsxKPStAW9ptKiSWfwRGdmDYpXGuk1raNxKHE
yxfQegCCBm27/v6RMa72mdVD6bahq3SL0qwZu7tbcisQIY7n9NiAmLh7/fnvGcI3
QXT1D2X4h3Ex8XrLizVQG3+mN8/iF0kkg/1v7kKD0YVKQJ1r/dN4aZ2xWmCZ1wZZ
wlth/CNc4ViNUWT1VNJSF3wG8e4CbSiyyxIJ4tqne+coTkVd9Od+Eyo4tFgRcpvy
NWa043sDdjveE6sGJTCzuBln/LTVaRkUIy9Y4xGeVQqPBzbWIGLUrOJqFCc9x2ky
iQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 00:56:35 2024 by rpki-client on console-fra.rpki-client.org