Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WhqS_RF-1kTaaAUwH21b3td__NI.roa
File: WhqS_RF-1kTaaAUwH21b3td__NI.roa (raw, json)
Hash identifier: exPrzwUjPpY6bJQE6KuIqUWnJiEriAcSAKJSg/F53Wc=
Subject key identifier: 5A:1A:92:FD:11:7E:D6:44:DA:68:05:30:1F:6D:5B:DE:D7:7F:FC:D2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0191763E58830CABA7CA9BDEEF16E05FBBD1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WhqS_RF-1kTaaAUwH21b3td__NI.roa
Signing time: Wed 21 Aug 2024 18:41:22 +0000
ROA not before: Wed 21 Aug 2024 18:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.104.0/24 maxlen: 24
188.240.73.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
194.242.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:3e:58:83:0c:ab:a7:ca:9b:de:ef:16:e0:5f:bb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 21 18:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1a92fd117ed644da6805301f6d5bded77ffcd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7a:6b:a5:70:37:62:49:98:9b:73:1c:33:df:
c5:fa:1a:00:d4:19:a2:0b:21:20:3a:44:29:a5:3e:
bb:5b:de:99:94:61:3b:ce:7d:96:e1:5c:e1:dd:b3:
9a:e0:f5:d3:8a:47:ca:42:99:65:b1:eb:4a:11:3f:
6c:a7:f5:81:7a:a4:84:05:76:d1:6d:93:81:d0:95:
9f:f8:d1:7e:d9:d4:86:10:49:6a:05:5f:b1:47:88:
6a:eb:dd:49:a9:16:83:3d:46:42:b3:7f:fa:a4:83:
3e:2e:6c:df:c8:86:75:48:35:39:a6:07:97:b9:58:
41:a6:ec:3e:db:89:39:25:74:9d:f3:96:d4:1b:73:
21:4e:95:fc:4a:23:5f:38:f2:29:55:46:bc:2e:fb:
f0:ab:28:dc:ae:e0:bd:1b:a4:c5:8d:4c:c9:b2:0e:
2b:09:4b:97:fb:0a:77:0d:73:f4:2f:77:af:b1:a0:
ec:46:43:2d:b9:fa:76:dd:61:0b:06:50:63:8a:9e:
a6:be:5d:6b:48:54:8d:d8:dc:fc:e9:fa:42:20:80:
34:ca:08:8f:91:46:61:5a:03:e5:ea:9a:2b:32:5c:
fb:ac:08:4c:28:b1:2c:c4:81:c2:d1:a8:c9:69:0c:
53:90:6f:fb:33:6f:3a:5a:f7:ce:bc:65:e6:1e:46:
17:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1A:92:FD:11:7E:D6:44:DA:68:05:30:1F:6D:5B:DE:D7:7F:FC:D2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WhqS_RF-1kTaaAUwH21b3td__NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.104.0/24
188.240.73.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:2b:12:11:34:7e:56:df:bb:c3:27:4f:4c:ee:f0:d1:a0:2e:
68:04:7a:db:eb:68:26:94:41:e5:ff:00:0c:db:89:01:36:ed:
13:3c:dd:4b:8b:05:f8:25:89:8b:34:86:58:1e:c6:fc:c0:a4:
c1:6a:5e:d5:91:18:2b:00:f0:e6:f2:17:22:3a:5e:8a:13:11:
7b:15:a1:a7:be:47:92:16:88:8f:71:21:bc:e8:c5:81:32:3b:
2f:bb:ed:22:ab:04:04:08:3b:07:e6:ee:e4:a0:f3:e7:5f:f1:
5e:a6:2e:56:3f:a1:68:27:4d:97:9c:67:9c:08:c5:06:63:5e:
0e:0c:93:1c:af:04:b3:52:57:1b:1f:a6:94:50:5a:98:1f:44:
11:08:78:75:07:48:7c:61:e3:9c:87:c5:be:81:28:34:c2:5d:
22:54:0b:d0:14:3f:49:3c:49:69:06:a1:c6:cb:98:b7:ab:11:
73:20:72:0c:c6:32:cd:ed:e7:6d:c5:58:eb:20:4d:f3:48:eb:
ce:fc:89:6b:e6:28:ef:44:b5:65:09:a8:64:ce:42:a0:8a:7c:
11:57:e1:ed:42:74:89:f1:04:01:19:0d:75:a7:8c:a4:cc:fa:
55:42:90:cf:f3:ed:db:68:b8:2e:80:6c:23:7a:00:d4:4a:3e:
4a:85:6b:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF2PliDDKunypve7xbgX7vRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODIxMTg0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFhOTJmZDExN2VkNjQ0ZGE2ODA1MzAxZjZkNWJkZWQ3N2ZmY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHprpXA3YkmYm3McM9/F+hoA1Bmi
CyEgOkQppT67W96ZlGE7zn2W4Vzh3bOa4PXTikfKQpllsetKET9sp/WBeqSEBXbR
bZOB0JWf+NF+2dSGEElqBV+xR4hq691JqRaDPUZCs3/6pIM+LmzfyIZ1SDU5pgeX
uVhBpuw+24k5JXSd85bUG3MhTpX8SiNfOPIpVUa8LvvwqyjcruC9G6TFjUzJsg4r
CUuX+wp3DXP0L3evsaDsRkMtufp23WELBlBjip6mvl1rSFSN2Nz86fpCIIA0ygiP
kUZhWgPl6porMlz7rAhMKLEsxIHC0ajJaQxTkG/7M286WvfOvGXmHkYXKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFoakv0RftZE2mgFMB9tW97Xf/zSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvV2hxU19SRi0xa1RhYUFVd0gyMWIzdGRfX05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVVoAwQA
vPBJAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQB+KxIRNH5W37vDJ09M
7vDRoC5oBHrb62gmlEHl/wAM24kBNu0TPN1LiwX4JYmLNIZYHsb8wKTBal7VkRgr
APDm8hciOl6KExF7FaGnvkeSFoiPcSG86MWBMjsvu+0iqwQECDsH5u7koPPnX/Fe
pi5WP6FoJ02XnGecCMUGY14ODJMcrwSzUlcbH6aUUFqYH0QRCHh1B0h8YeOch8W+
gSg0wl0iVAvQFD9JPElpBqHGy5i3qxFzIHIMxjLN7edtxVjrIE3zSOvO/Ilr5ijv
RLVlCahkzkKginwRV+HtQnSJ8QQBGQ11p4ykzPpVQpDP8+3baLgugGwjegDUSj5K
hWuL
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:06:50 2024 by rpki-client on console-ams.rpki-client.org