Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/WJhSPfwP3gOw8o1WN23ZhgNdQJc.roa
File: WJhSPfwP3gOw8o1WN23ZhgNdQJc.roa (raw, json)
Hash identifier: GUtVmRGh8HWdQYnD7xb/UsUV/lRJmkekQOt1WX7eciM=
Subject key identifier: 58:98:52:3D:FC:0F:DE:03:B0:F2:8D:56:37:6D:D9:86:03:5D:40:97
Certificate issuer: /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial: 018CC26D0D14B9D6EDD0E75B2CB3F1B2737E
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/WJhSPfwP3gOw8o1WN23ZhgNdQJc.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33309
IP address blocks: 185.241.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0d:14:b9:d6:ed:d0:e7:5b:2c:b3:f1:b2:73:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5898523dfc0fde03b0f28d56376dd986035d4097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1a:97:84:6a:ad:85:53:13:05:ac:d1:28:f2:
4b:4c:ad:0b:03:31:d4:5d:6a:6f:4c:06:96:43:d6:
68:ce:cf:fe:45:92:b7:e9:6f:16:7c:7e:ba:65:9c:
46:a9:c9:b8:97:6e:bd:69:8c:52:d1:0f:c4:94:2a:
b7:bb:c8:b0:f4:f0:97:f2:06:74:b0:8e:c1:9b:a7:
f7:54:b4:e0:74:d8:1a:53:9c:67:7d:41:c9:84:c9:
fe:3a:9f:a1:c7:3b:fd:11:58:25:2b:b2:d1:2c:e7:
65:60:59:a5:75:77:94:a3:54:51:b4:a7:81:4c:e4:
ce:9d:92:88:08:9d:e5:a0:13:8d:66:13:78:68:64:
93:9d:66:b4:47:52:7e:cd:7f:5d:0a:d0:9c:36:c4:
b7:b3:13:8c:03:a9:66:bb:01:68:04:30:de:12:e9:
00:40:21:49:51:11:b0:98:aa:9d:ce:fa:27:5b:47:
34:b4:c7:09:57:1a:a1:1d:7f:a0:83:85:e2:78:e3:
83:f4:70:08:bd:8d:ae:44:b6:07:aa:fe:b0:8b:76:
e5:e5:8f:42:ef:2c:e0:67:74:76:9d:1c:58:ff:1e:
52:a2:8a:a7:1d:c1:07:52:54:16:22:3a:bd:7b:9c:
fb:38:1a:03:41:bd:ea:b2:28:fe:83:8b:42:8f:73:
01:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:98:52:3D:FC:0F:DE:03:B0:F2:8D:56:37:6D:D9:86:03:5D:40:97
X509v3 Authority Key Identifier:
keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/WJhSPfwP3gOw8o1WN23ZhgNdQJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.46.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f9:87:f1:b7:17:55:9b:57:7c:1b:9c:d4:90:2e:6c:78:1f:
fa:91:f8:d4:c2:70:65:5b:ac:41:ef:15:f3:26:5e:99:0c:eb:
5c:1c:6f:ef:c6:4b:75:9e:1b:e6:da:00:59:a3:02:d3:3a:ff:
e9:21:33:27:78:ac:ff:ef:c5:4d:b2:17:0a:ee:39:07:54:ee:
ef:4f:c7:06:4c:cc:ea:91:66:74:e5:3a:cd:10:8c:6d:43:9a:
75:f2:a9:cf:46:65:ca:fa:0e:9f:3d:45:0c:84:83:af:2c:08:
69:0a:09:65:89:d9:b7:47:fe:bc:52:78:90:55:9a:ac:5d:1d:
16:b3:f6:f6:38:a8:52:3a:29:09:df:c8:09:b1:79:16:0c:89:
0e:e1:07:8e:8c:c9:61:4c:d4:ab:3f:80:70:38:fd:41:a1:43:
75:a7:7f:1e:2c:4c:1d:50:a7:30:ce:c4:2b:2e:84:f7:b3:fd:
1a:6a:c2:87:c4:14:68:dc:26:da:d1:d6:2a:26:db:a1:ef:80:
35:47:bf:7d:1c:36:91:2d:15:c3:41:14:ca:ad:39:c3:ab:a6:
95:88:48:10:e7:41:eb:ac:1d:dd:b3:41:47:7f:7a:77:e7:b4:
95:31:ee:13:9f:c8:bc:3b:ae:ea:80:2d:3d:0a:7b:56:f7:2e:
26:96:6f:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQ0Uudbt0OdbLLPxsnN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5Nzll
YjgyZjEwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODk4NTIzZGZjMGZkZTAzYjBmMjhkNTYzNzZkZDk4NjAzNWQ0MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhqXhGqthVMTBazRKPJLTK0LAzHU
XWpvTAaWQ9Zozs/+RZK36W8WfH66ZZxGqcm4l269aYxS0Q/ElCq3u8iw9PCX8gZ0
sI7Bm6f3VLTgdNgaU5xnfUHJhMn+Op+hxzv9EVglK7LRLOdlYFmldXeUo1RRtKeB
TOTOnZKICJ3loBONZhN4aGSTnWa0R1J+zX9dCtCcNsS3sxOMA6lmuwFoBDDeEukA
QCFJURGwmKqdzvonW0c0tMcJVxqhHX+gg4XieOOD9HAIvY2uRLYHqv6wi3bl5Y9C
7yzgZ3R2nRxY/x5SooqnHcEHUlQWIjq9e5z7OBoDQb3qsij+g4tCj3MB5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiYUj38D94DsPKNVjdt2YYDXUCXMB8GA1UdIwQY
MBaAFIqh/ppMA9AVrsl04tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYt
MWY5YWUwNTU2NDZmLzEvV0poU1Bmd1AzZ093OG8xV04yM1poZ05kUUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZm
LzEvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEuMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ+YfxtxdVm1d8G5zUkC5seB/6kfjUwnBlW6xB7xXz
Jl6ZDOtcHG/vxkt1nhvm2gBZowLTOv/pITMneKz/78VNshcK7jkHVO7vT8cGTMzq
kWZ05TrNEIxtQ5p18qnPRmXK+g6fPUUMhIOvLAhpCgllidm3R/68UniQVZqsXR0W
s/b2OKhSOikJ38gJsXkWDIkO4QeOjMlhTNSrP4BwOP1BoUN1p38eLEwdUKcwzsQr
LoT3s/0aasKHxBRo3Cba0dYqJtuh74A1R799HDaRLRXDQRTKrTnDq6aViEgQ50Hr
rB3ds0FHf3p357SVMe4Tn8i8O67qgC09CntW9y4mlm8w
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:56:55 2024 by rpki-client on console-ams.rpki-client.org