Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WNsjX6ioYzh5SMeVFMf_ZQdEejE.roa
File: WNsjX6ioYzh5SMeVFMf_ZQdEejE.roa (raw, json)
Hash identifier: zCpyVJpuhXAYOe+88Krwcowl159phvFWAR9ZM7KfFtg=
Subject key identifier: 58:DB:23:5F:A8:A8:63:38:79:48:C7:95:14:C7:FF:65:07:44:7A:31
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 018D1C60F0E4DAEEDFA58BFBBE42F3F8FB31
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WNsjX6ioYzh5SMeVFMf_ZQdEejE.roa
Signing time: Thu 18 Jan 2024 11:42:11 +0000
ROA not before: Thu 18 Jan 2024 11:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20836
IP address blocks: 95.157.64.0/19 maxlen: 24
95.157.96.0/19 maxlen: 24
178.249.184.0/21 maxlen: 24
178.249.189.0/24 maxlen: 24
185.47.228.0/22 maxlen: 24
217.171.32.0/20 maxlen: 24
2001:b60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:60:f0:e4:da:ee:df:a5:8b:fb:be:42:f3:f8:fb:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 18 11:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58db235fa8a863387948c79514c7ff6507447a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:8d:d3:38:80:f8:78:e8:6f:08:12:d3:9a:
0e:c1:ea:d3:94:89:4b:4d:d7:fa:2c:7b:5f:d9:5c:
8c:6a:29:9f:66:71:b8:bf:7b:7b:e1:1d:54:68:7d:
a1:cd:82:b6:d3:d6:fa:01:38:f2:60:64:66:fa:1c:
e5:d6:23:c1:b5:e3:9d:e4:dd:0b:74:fe:02:d0:96:
eb:08:bc:45:b2:97:c4:5c:eb:e7:92:d9:70:6d:c8:
df:22:ed:66:8d:ab:0a:ad:df:18:7f:c9:13:21:7e:
e6:7f:f2:3d:e6:a3:ae:40:58:a4:86:e4:4d:36:8e:
f6:08:a2:e0:42:54:87:0c:09:a9:88:49:ff:00:fb:
cf:b5:28:e8:24:86:05:d4:1c:dc:c0:36:b7:22:78:
10:88:36:5c:f7:be:bb:20:bf:9d:86:7e:d8:23:78:
9e:0b:8f:34:53:16:11:ed:cf:73:01:73:a7:82:f1:
20:73:05:a6:82:bb:82:12:95:32:31:a3:13:76:d9:
6b:75:51:05:48:fa:79:8a:b1:eb:27:a6:8f:35:99:
72:f5:44:90:42:ac:a6:25:0c:c5:f3:b6:2a:0e:50:
78:98:de:86:4d:d4:64:50:73:4d:f0:47:30:8a:04:
60:2b:6e:21:21:16:ce:8a:28:8e:85:9b:96:ad:87:
89:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DB:23:5F:A8:A8:63:38:79:48:C7:95:14:C7:FF:65:07:44:7A:31
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/WNsjX6ioYzh5SMeVFMf_ZQdEejE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.64.0/18
178.249.184.0/21
185.47.228.0/22
217.171.32.0/20
IPv6:
2001:b60::/32
Signature Algorithm: sha256WithRSAEncryption
6a:53:de:e7:d0:d2:4d:ce:13:d2:97:45:68:a1:20:d7:81:85:
fd:e6:c9:3c:2d:ba:3c:43:b7:01:c1:9c:5a:eb:fd:d3:d6:f7:
d9:fa:96:4d:1e:3e:0f:c1:0f:8f:17:bb:8e:37:7c:6c:f5:3c:
bf:f0:30:2a:72:68:b3:6a:66:a3:58:47:0b:3c:02:99:72:a7:
db:e3:9a:b9:a8:c7:29:62:0c:1c:6f:f0:65:7a:2d:21:d6:2b:
6b:22:34:36:3a:98:6b:cf:d6:3e:10:8d:09:08:d6:42:50:25:
c4:5a:57:ae:dd:bb:83:e2:e9:f5:fd:11:33:5b:4c:f8:bd:49:
f6:5b:d3:e8:e1:d3:6a:3b:d7:7b:22:17:c7:50:9b:a4:a3:e7:
c4:ca:78:31:26:25:98:40:22:f1:a6:10:68:50:2a:52:ef:c6:
c3:57:97:49:83:49:24:38:51:2a:44:ac:64:9d:e2:fd:44:7f:
45:58:f0:31:e5:e6:ab:ab:b2:ab:95:27:33:e1:7d:3d:c6:ba:
d7:05:30:a9:a1:2a:a7:85:08:ec:ba:8f:bc:f4:5c:12:89:80:
f9:45:e1:57:e3:fd:96:91:d4:03:2f:71:57:ef:53:a0:d2:52:
da:b9:c1:d7:0a:2d:b2:68:45:90:1a:a9:c1:88:28:79:e8:8c:
0f:1d:3e:39
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY0cYPDk2u7fpYv7vkLz+PsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjQwMTE4MTE0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRiMjM1ZmE4YTg2MzM4Nzk0OGM3OTUxNGM3ZmY2NTA3NDQ3YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlmN0ziA+HjobwgS05oOwerTlIlL
Tdf6LHtf2VyMaimfZnG4v3t74R1UaH2hzYK209b6ATjyYGRm+hzl1iPBteOd5N0L
dP4C0JbrCLxFspfEXOvnktlwbcjfIu1mjasKrd8Yf8kTIX7mf/I95qOuQFikhuRN
No72CKLgQlSHDAmpiEn/APvPtSjoJIYF1BzcwDa3IngQiDZc9767IL+dhn7YI3ie
C480UxYR7c9zAXOngvEgcwWmgruCEpUyMaMTdtlrdVEFSPp5irHrJ6aPNZly9USQ
QqymJQzF87YqDlB4mN6GTdRkUHNN8EcwigRgK24hIRbOiiiOhZuWrYeJvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFjbI1+oqGM4eUjHlRTH/2UHRHoxMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvV05zalg2aW9Zemg1U01lVkZNZl9aUWRFZWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD
svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQAgAQtgMA0GCSqGSIb3DQEBCwUAA4IB
AQBqU97n0NJNzhPSl0VooSDXgYX95sk8Lbo8Q7cBwZxa6/3T1vfZ+pZNHj4PwQ+P
F7uON3xs9Ty/8DAqcmizamajWEcLPAKZcqfb45q5qMcpYgwcb/Blei0h1itrIjQ2
Ophrz9Y+EI0JCNZCUCXEWleu3buD4un1/REzW0z4vUn2W9Po4dNqO9d7IhfHUJuk
o+fEyngxJiWYQCLxphBoUCpS78bDV5dJg0kkOFEqRKxkneL9RH9FWPAx5earq7Kr
lScz4X09xrrXBTCpoSqnhQjsuo+89FwSiYD5ReFX4/2WkdQDL3FX71Og0lLaucHX
Ci2yaEWQGqnBiCh56IwPHT45
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:20:42 2024 by rpki-client on console-ams.rpki-client.org