Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa
File: Wxn92WoBVGgluyYm4i3oKhsk9rk.roa (raw, json)
Hash identifier: mBut43UPPE06f1b6GhkTyn2MKcEWgqTitgLfXGQ7qts=
Subject key identifier: 5B:19:FD:D9:6A:01:54:68:25:BB:26:26:E2:2D:E8:2A:1B:24:F6:B9
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018F94ACD1AA084943096D85783BE41C9AD4
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa
Signing time: Mon 20 May 2024 06:25:04 +0000
ROA not before: Mon 20 May 2024 06:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197537
IP address blocks: 178.255.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:ac:d1:aa:08:49:43:09:6d:85:78:3b:e4:1c:9a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 20 06:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b19fdd96a01546825bb2626e22de82a1b24f6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:c3:a8:5f:8d:47:87:0f:36:47:5d:b2:20:
5a:64:f6:d6:e0:1d:54:78:8b:d9:66:14:15:5c:86:
03:6e:2e:44:5b:19:9e:9a:c4:37:78:f9:24:2a:1c:
f2:97:da:61:11:0d:de:89:b1:f0:cf:b7:8c:51:c0:
8f:87:48:38:47:05:95:a3:57:e9:68:3f:54:fa:5c:
bf:7b:3d:27:73:ce:7e:9c:19:e4:2a:94:61:0f:ef:
46:3f:8f:b0:1e:cb:bb:92:20:5e:70:37:c2:0d:14:
01:a8:a2:0a:21:93:fb:87:19:b6:22:d9:f7:e7:ee:
e9:e9:37:11:7d:fa:3d:2f:84:d9:f8:ed:df:19:65:
d4:9f:88:78:e4:04:0e:ce:23:86:31:b5:d9:00:88:
26:93:d3:b3:32:6f:b9:d9:d4:0a:13:e3:11:28:61:
e6:9d:0f:82:a8:94:84:f1:c8:1f:d8:40:77:2b:4f:
b4:03:59:e1:16:3a:29:d7:f6:65:49:32:ee:93:e5:
8c:20:20:4a:ad:cb:e6:1d:0c:8e:39:97:dc:3a:89:
64:a6:55:c5:fa:df:d9:8f:4d:2f:d0:47:88:27:0a:
1d:a0:ae:4b:6e:5c:e9:d8:b8:2c:7d:bb:6c:4f:87:
dc:e7:16:f1:e0:50:6b:a9:8b:5e:aa:55:fe:a1:78:
34:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:19:FD:D9:6A:01:54:68:25:BB:26:26:E2:2D:E8:2A:1B:24:F6:B9
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Wxn92WoBVGgluyYm4i3oKhsk9rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.246.0/23
Signature Algorithm: sha256WithRSAEncryption
59:71:7f:19:07:7e:f1:a4:18:77:3a:8c:a3:fc:9c:85:77:55:
39:31:e4:23:30:61:31:4c:f4:a6:71:0f:08:ec:31:f9:f0:08:
0a:eb:f3:dc:47:3a:56:e3:fe:04:18:09:86:5d:7f:5e:de:da:
25:03:7b:8c:f6:d4:d2:ea:65:b4:ff:95:2b:0e:e6:19:5e:b9:
31:fe:0a:bc:66:d8:fa:78:54:29:a6:aa:8c:31:ce:09:58:df:
c1:70:aa:ed:82:4d:6f:a7:04:76:31:ef:ac:22:e2:e2:8f:c5:
9a:ae:cd:0e:65:14:45:f6:80:4c:2a:07:7c:bf:de:c4:90:9b:
4b:ee:e6:23:30:93:f5:88:e1:ae:4b:3b:c2:01:8a:33:24:b5:
9d:97:b3:10:de:de:51:49:38:a3:8a:4b:4b:14:48:f5:9c:03:
e6:45:15:92:48:fc:0d:6d:fd:a8:e4:76:59:f2:e1:d7:1d:40:
55:b7:fb:b3:58:81:c9:66:f0:11:46:c7:ba:c0:32:29:cc:c3:
31:5c:04:38:f1:c1:90:a2:f1:11:97:a0:57:44:60:66:67:17:
1b:37:58:e2:71:c9:95:f0:71:70:05:5b:d6:45:75:ae:39:57:
c8:6c:ec:84:ea:bd:a0:0a:a5:39:5e:78:47:01:9d:25:83:0e:
94:1a:0d:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+UrNGqCElDCW2FeDvkHJrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNTIwMDYyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE5ZmRkOTZhMDE1NDY4MjViYjI2MjZlMjJkZTgyYTFiMjRmNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsurDqF+NR4cPNkddsiBaZPbW4B1U
eIvZZhQVXIYDbi5EWxmemsQ3ePkkKhzyl9phEQ3eibHwz7eMUcCPh0g4RwWVo1fp
aD9U+ly/ez0nc85+nBnkKpRhD+9GP4+wHsu7kiBecDfCDRQBqKIKIZP7hxm2Itn3
5+7p6TcRffo9L4TZ+O3fGWXUn4h45AQOziOGMbXZAIgmk9OzMm+52dQKE+MRKGHm
nQ+CqJSE8cgf2EB3K0+0A1nhFjop1/ZlSTLuk+WMICBKrcvmHQyOOZfcOolkplXF
+t/Zj00v0EeIJwodoK5Lblzp2LgsfbtsT4fc5xbx4FBrqYteqlX+oXg0VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsZ/dlqAVRoJbsmJuIt6CobJPa5MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvV3huOTJXb0JWR2dsdXlZbTRpM29LaHNrOXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsv/2MA0G
CSqGSIb3DQEBCwUAA4IBAQBZcX8ZB37xpBh3Ooyj/JyFd1U5MeQjMGExTPSmcQ8I
7DH58AgK6/PcRzpW4/4EGAmGXX9e3tolA3uM9tTS6mW0/5UrDuYZXrkx/gq8Ztj6
eFQppqqMMc4JWN/BcKrtgk1vpwR2Me+sIuLij8Wars0OZRRF9oBMKgd8v97EkJtL
7uYjMJP1iOGuSzvCAYozJLWdl7MQ3t5RSTijiktLFEj1nAPmRRWSSPwNbf2o5HZZ
8uHXHUBVt/uzWIHJZvARRse6wDIpzMMxXAQ48cGQovERl6BXRGBmZxcbN1jiccmV
8HFwBVvWRXWuOVfIbOyE6r2gCqU5XnhHAZ0lgw6UGg2d
-----END CERTIFICATE-----
Generated at Wed Jun 26 05:50:34 2024 by rpki-client on console-ams.rpki-client.org