Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/wrclbfr42kPGJVoASwhBNH-_0yI.roa
File: wrclbfr42kPGJVoASwhBNH-_0yI.roa (raw, json)
Hash identifier: Z8DXKYHH7JGxVJ4DbjS4/aAjH7Bqj7lKEhjT62UpBEA=
Subject key identifier: C2:B7:25:6D:FA:F8:DA:43:C6:25:5A:00:4B:08:41:34:7F:BF:D3:22
Certificate issuer: /CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Certificate serial: 018CC3B71B38FC3BCCDD1EBBC2ECDE6643EA
Authority key identifier: F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/wrclbfr42kPGJVoASwhBNH-_0yI.roa
Signing time: Mon 01 Jan 2024 06:30:06 +0000
ROA not before: Mon 01 Jan 2024 06:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24929
IP address blocks: 45.66.140.0/22 maxlen: 24
83.175.168.0/22 maxlen: 24
109.232.240.0/24 maxlen: 24
194.54.24.0/22 maxlen: 22
2a0e:84c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.mft
rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1b:38:fc:3b:cc:dd:1e:bb:c2:ec:de:66:43:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26920bbd7fb70ef5dbcf2d0fea202bd95765eba
Validity
Not Before: Jan 1 06:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b7256dfaf8da43c6255a004b0841347fbfd322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:91:11:fc:ae:e8:31:4d:a9:93:dd:d5:0f:
13:89:a1:30:e3:5a:6d:bc:1c:60:1b:e2:3f:ca:5e:
60:6b:b7:30:9d:61:e0:c4:f6:41:fe:0b:b0:e1:fb:
96:78:18:fd:56:72:89:42:f3:29:00:5e:b3:87:e1:
46:e3:cc:2d:89:9d:48:6e:be:21:ef:8a:fc:e1:bb:
2d:a3:52:7e:28:ec:84:7e:ea:0c:f0:87:b4:9c:a5:
70:61:36:36:d0:6e:ac:a9:bc:46:f7:aa:58:68:11:
bf:9c:63:83:89:f5:e0:82:e2:61:f9:1b:e5:09:04:
bc:c9:43:14:ac:4d:d9:b2:84:5a:d6:09:0c:f0:cd:
11:d3:79:2e:f7:e9:ab:4b:ff:50:59:a2:73:f8:12:
ac:f8:87:07:3c:a9:4a:05:e5:44:aa:e2:3e:af:e9:
7a:8c:19:53:39:ab:9f:24:cb:38:5c:f8:e8:13:0d:
38:e2:c7:3c:75:30:d8:7b:e4:30:cc:9c:66:54:71:
17:b3:12:cd:f0:9b:09:c9:ab:9e:0d:c2:8d:fe:f0:
80:e8:e2:ee:15:a2:cf:f9:d5:a3:5e:c3:c1:14:af:
e0:23:b2:86:94:77:0d:e0:af:91:4e:64:a7:c3:39:
0f:c6:60:c3:55:f2:47:c1:51:f1:5d:06:df:56:ac:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B7:25:6D:FA:F8:DA:43:C6:25:5A:00:4B:08:41:34:7F:BF:D3:22
X509v3 Authority Key Identifier:
keyid:F2:69:20:BB:D7:FB:70:EF:5D:BC:F2:D0:FE:A2:02:BD:95:76:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8mkgu9f7cO9dvPLQ_qICvZV2Xro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/wrclbfr42kPGJVoASwhBNH-_0yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a18a97-8fc7-4955-87af-0bcfc532933c/1/8mkgu9f7cO9dvPLQ_qICvZV2Xro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.140.0/22
83.175.168.0/22
109.232.240.0/24
194.54.24.0/22
IPv6:
2a0e:84c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:1e:5e:14:64:57:c4:4c:f6:51:4f:75:19:ad:9c:df:41:03:
1e:13:61:2e:01:92:09:c0:5d:a0:eb:d7:e8:1b:e9:56:4e:40:
75:7e:fa:54:7d:07:f8:b9:9f:db:c9:8d:ef:38:a4:9e:c9:65:
45:26:ec:b3:25:1d:4d:f1:4e:30:67:2c:e5:98:a1:e1:cb:68:
25:04:2b:e8:d3:6c:87:22:42:d6:12:75:4c:7c:e1:f7:99:cc:
07:24:a5:b2:e3:b0:f3:c2:dc:a4:69:8d:8f:e6:31:e4:58:8e:
97:83:cc:2b:55:23:16:9d:ea:c5:6a:f4:0a:6e:2e:87:22:1f:
dd:39:e9:42:fc:c2:2a:d2:d4:63:ef:ff:ec:f8:e7:d9:69:84:
9c:0b:1a:c0:aa:4b:13:07:69:08:dc:cf:6b:c2:2e:c7:93:64:
ce:e5:6c:fb:29:ff:e6:ea:27:12:0c:3d:0a:eb:85:b4:08:f7:
05:66:18:18:e9:05:24:a7:e6:67:3f:12:bc:c9:b1:42:f8:6b:
1a:40:60:34:53:7d:d9:21:b9:37:93:dd:cc:82:0c:44:7b:a7:
20:29:20:42:7f:7b:63:0c:9c:76:61:83:52:45:2c:ee:6a:ca:
0e:c9:5a:1a:bf:54:c1:e4:50:81:9d:8e:52:2c:0b:50:c0:05:
66:b0:39:2b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtxs4/DvM3R67wuzeZkPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjkyMGJiZDdmYjcwZWY1ZGJjZjJkMGZlYTIwMmJkOTU3
NjVlYmEwHhcNMjQwMTAxMDYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI3MjU2ZGZhZjhkYTQzYzYyNTVhMDA0YjA4NDEzNDdmYmZkMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg+REfyu6DFNqZPd1Q8TiaEw41pt
vBxgG+I/yl5ga7cwnWHgxPZB/guw4fuWeBj9VnKJQvMpAF6zh+FG48wtiZ1Ibr4h
74r84bsto1J+KOyEfuoM8Ie0nKVwYTY20G6sqbxG96pYaBG/nGODifXgguJh+Rvl
CQS8yUMUrE3ZsoRa1gkM8M0R03ku9+mrS/9QWaJz+BKs+IcHPKlKBeVEquI+r+l6
jBlTOaufJMs4XPjoEw044sc8dTDYe+QwzJxmVHEXsxLN8JsJyaueDcKN/vCA6OLu
FaLP+dWjXsPBFK/gI7KGlHcN4K+RTmSnwzkPxmDDVfJHwVHxXQbfVqyqbwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMK3JW36+NpDxiVaAEsIQTR/v9MiMB8GA1UdIwQY
MBaAFPJpILvX+3DvXbzy0P6iAr2Vdl66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1rZ3U5ZjdjTzlkdlBMUV9xSUN2WlYyWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMThhOTctOGZjNy00OTU1LTg3YWYt
MGJjZmM1MzI5MzNjLzEvd3JjbGJmcjQya1BHSlZvQVN3aEJOSC1fMHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMThhOTctOGZjNy00OTU1LTg3YWYtMGJjZmM1MzI5MzNj
LzEvOG1rZ3U5ZjdjTzlkdlBMUV9xSUN2WlYyWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUKMAwQC
U6+oAwQAbejwAwQCwjYYMA0EAgACMAcDBQAqDoTAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+Hl4UZFfETPZRT3UZrZzfQQMeE2EuAZIJwF2g69foG+lWTkB1fvpUfQf4uZ/b
yY3vOKSeyWVFJuyzJR1N8U4wZyzlmKHhy2glBCvo02yHIkLWEnVMfOH3mcwHJKWy
47DzwtykaY2P5jHkWI6Xg8wrVSMWnerFavQKbi6HIh/dOelC/MIq0tRj7//s+OfZ
aYScCxrAqksTB2kI3M9rwi7Hk2TO5Wz7Kf/m6icSDD0K64W0CPcFZhgY6QUkp+Zn
PxK8ybFC+GsaQGA0U33ZIbk3k93MggxEe6cgKSBCf3tjDJx2YYNSRSzuasoOyVoa
v1TB5FCBnY5SLAtQwAVmsDkr
-----END CERTIFICATE-----
Generated at Sun May 19 09:41:01 2024 by rpki-client on console-fra.rpki-client.org