Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wYxTKtl3Tk4WoMhjhbVQgisiIV8.roa
File: wYxTKtl3Tk4WoMhjhbVQgisiIV8.roa (raw, json)
Hash identifier: VbAijKJXQoy41Ft/3NOTlfJ2+Nu+3Q5DLRGCsB64t/I=
Subject key identifier: C1:8C:53:2A:D9:77:4E:4E:16:A0:C8:63:85:B5:50:82:2B:22:21:5F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50108DB0AADFB0F005B857F0D70E3D9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wYxTKtl3Tk4WoMhjhbVQgisiIV8.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14178
IP address blocks: 194.61.42.0/23 maxlen: 24
185.35.228.0/22 maxlen: 24
45.65.92.0/22 maxlen: 24
193.187.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:08:db:0a:ad:fb:0f:00:5b:85:7f:0d:70:e3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c18c532ad9774e4e16a0c86385b550822b22215f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d9:77:79:df:0f:44:ad:0a:ef:f9:ad:fe:07:
28:3e:f6:3d:f5:18:b5:c2:65:5c:3a:0e:97:c2:44:
46:b2:50:b0:1a:91:b8:8e:6f:e3:40:80:1e:31:92:
8b:3e:73:00:96:da:99:35:c3:d9:c3:6f:07:97:e6:
2c:05:90:a8:59:70:92:2a:89:d1:79:15:31:6d:47:
e1:09:18:9e:25:b7:7a:4c:a5:1e:82:b5:e9:80:74:
7e:79:cf:fa:80:fd:5b:b0:15:66:27:fc:ba:18:a9:
e3:bd:79:8d:55:f2:d3:7a:6f:fc:fb:b8:a0:b0:c5:
f9:c4:14:ac:13:63:2b:1a:6c:50:a2:12:c5:87:ea:
8d:fd:5a:89:a8:e1:d9:9c:b7:57:b7:7d:83:3c:a7:
a6:5f:b4:e0:93:a2:59:a0:fc:59:8a:24:9f:3a:4f:
9f:f9:86:a5:c7:2c:20:ca:63:1e:8d:ad:8e:55:f0:
73:66:ec:17:40:99:98:51:d0:b5:71:aa:ce:8c:0e:
1f:bf:b7:dc:21:d1:44:b3:ab:cc:e9:cd:93:45:cf:
06:a1:02:0c:d9:5c:bf:fa:2b:00:24:3d:5e:ca:8f:
8b:7c:0f:b6:07:fd:7c:f6:e4:0b:3c:13:92:20:24:
d4:cb:01:d8:81:26:38:54:ac:a4:1e:e5:b8:16:51:
57:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:8C:53:2A:D9:77:4E:4E:16:A0:C8:63:85:B5:50:82:2B:22:21:5F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wYxTKtl3Tk4WoMhjhbVQgisiIV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.92.0/22
185.35.228.0/22
193.187.136.0/22
194.61.42.0/23
Signature Algorithm: sha256WithRSAEncryption
09:d3:aa:ec:ff:07:e0:4d:d9:9a:63:5e:de:b8:46:5f:1d:52:
a6:f2:80:1e:3e:bf:cb:9e:e3:84:e3:38:69:db:48:7d:a6:60:
89:44:26:73:ea:80:0b:fa:47:f8:19:2d:d5:1f:a5:be:d0:5b:
02:93:fa:cc:6f:fc:2b:4a:b0:04:27:67:2d:a2:30:52:2c:0b:
58:1b:e0:84:35:23:cb:43:c7:35:6d:66:56:7d:54:36:48:4c:
55:cf:f8:83:ac:02:57:c7:4b:b2:63:b8:45:24:67:fc:d8:f7:
ca:9f:33:2f:04:1c:1c:3d:c1:b5:ce:3f:08:79:59:96:c8:ac:
36:e9:4e:ce:4c:7a:d7:f7:a7:c0:0e:52:07:79:f9:78:91:0a:
6b:84:a2:90:d6:a3:a4:fe:48:74:ae:b2:e6:69:78:21:02:29:
cd:7b:d8:6b:e0:7d:5a:c1:b9:b9:94:bc:c3:a0:35:9b:8f:b6:
66:87:32:88:7c:3a:d3:b4:b4:65:64:18:74:34:90:a7:c9:09:
c9:b6:c7:ef:c8:f2:5f:4b:e5:e4:21:6e:fd:bf:78:d3:48:95:
8f:fe:0b:c4:e5:a3:59:74:24:b0:4d:0c:4f:77:51:50:60:bf:
1b:33:14:e3:d5:b7:90:5d:87:ba:17:1e:79:3b:1a:09:9e:c2:
38:3f:2a:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAQjbCq37DwBbhX8NcOPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMThjNTMyYWQ5Nzc0ZTRlMTZhMGM4NjM4NWI1NTA4MjJiMjIyMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNl3ed8PRK0K7/mt/gcoPvY99Ri1
wmVcOg6XwkRGslCwGpG4jm/jQIAeMZKLPnMAltqZNcPZw28Hl+YsBZCoWXCSKonR
eRUxbUfhCRieJbd6TKUegrXpgHR+ec/6gP1bsBVmJ/y6GKnjvXmNVfLTem/8+7ig
sMX5xBSsE2MrGmxQohLFh+qN/VqJqOHZnLdXt32DPKemX7Tgk6JZoPxZiiSfOk+f
+YalxywgymMeja2OVfBzZuwXQJmYUdC1carOjA4fv7fcIdFEs6vM6c2TRc8GoQIM
2Vy/+isAJD1eyo+LfA+2B/189uQLPBOSICTUywHYgSY4VKykHuW4FlFXmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMGMUyrZd05OFqDIY4W1UIIrIiFfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd1l4VEt0bDNUazRXb01oamhiVlFnaXNpSVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLUFcAwQC
uSPkAwQCwbuIAwQBwj0qMA0GCSqGSIb3DQEBCwUAA4IBAQAJ06rs/wfgTdmaY17e
uEZfHVKm8oAePr/LnuOE4zhp20h9pmCJRCZz6oAL+kf4GS3VH6W+0FsCk/rMb/wr
SrAEJ2ctojBSLAtYG+CENSPLQ8c1bWZWfVQ2SExVz/iDrAJXx0uyY7hFJGf82PfK
nzMvBBwcPcG1zj8IeVmWyKw26U7OTHrX96fADlIHefl4kQprhKKQ1qOk/kh0rrLm
aXghAinNe9hr4H1awbm5lLzDoDWbj7ZmhzKIfDrTtLRlZBh0NJCnyQnJtsfvyPJf
S+XkIW79v3jTSJWP/gvE5aNZdCSwTQxPd1FQYL8bMxTj1beQXYe6Fx55OxoJnsI4
Pyqz
-----END CERTIFICATE-----
Generated at Mon May 6 02:13:25 2024 by rpki-client on console-ams.rpki-client.org