Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/Wmhg8UIaZMehsKfDI1hxg11ZqmU.roa
File: Wmhg8UIaZMehsKfDI1hxg11ZqmU.roa (raw, json)
Hash identifier: nxV9E6u9czyms0nqLOJbcbskC7rG0ZgJQl+1E9ouyGs=
Subject key identifier: 5A:68:60:F1:42:1A:64:C7:A1:B0:A7:C3:23:58:71:83:5D:59:AA:65
Certificate issuer: /CN=87b3cb2d6fb68e6edb8442feb0abfc95aeb5b157
Certificate serial: 018E58D124304525259E7B02EDD43ADC4533
Authority key identifier: 87:B3:CB:2D:6F:B6:8E:6E:DB:84:42:FE:B0:AB:FC:95:AE:B5:B1:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7PLLW-2jm7bhEL-sKv8la61sVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/Wmhg8UIaZMehsKfDI1hxg11ZqmU.roa
Signing time: Tue 19 Mar 2024 22:24:44 +0000
ROA not before: Tue 19 Mar 2024 22:24:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8145
IP address blocks: 85.208.92.0/22 maxlen: 22
85.208.92.0/24 maxlen: 24
85.208.93.0/24 maxlen: 24
85.208.94.0/24 maxlen: 24
2a09:84c0::/30 maxlen: 30
2a09:84c0::/32 maxlen: 32
2a09:84c0:200::/40 maxlen: 40
2a09:84c0:400::/40 maxlen: 40
2a09:84c0:600::/40 maxlen: 40
2a09:84c1::/32 maxlen: 32
2a09:84c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/h7PLLW-2jm7bhEL-sKv8la61sVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/h7PLLW-2jm7bhEL-sKv8la61sVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/h7PLLW-2jm7bhEL-sKv8la61sVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:58:d1:24:30:45:25:25:9e:7b:02:ed:d4:3a:dc:45:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87b3cb2d6fb68e6edb8442feb0abfc95aeb5b157
Validity
Not Before: Mar 19 22:24:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a6860f1421a64c7a1b0a7c3235871835d59aa65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c9:41:da:e0:81:d0:e2:68:09:66:78:8f:55:
a6:a7:31:08:4d:cc:42:b9:84:ea:08:f1:f0:70:7d:
7a:cc:56:89:e2:7f:19:49:fb:7b:1d:fa:e2:86:c3:
f9:ff:93:f0:21:43:39:89:b3:f1:54:ba:0a:6e:31:
19:02:57:a5:0f:fa:36:62:bd:09:ee:b2:04:a1:87:
f6:57:20:c5:c9:79:c6:95:47:06:a6:69:08:b1:66:
66:4b:33:b0:72:ee:8d:46:bf:eb:41:f2:94:a5:4e:
ac:08:65:d1:34:90:45:f4:7c:bf:75:fe:50:a0:e6:
68:5b:43:98:99:f3:65:2e:03:a7:94:fd:68:b4:e8:
71:92:85:8f:e9:5f:bf:91:29:7c:b8:23:3d:99:30:
97:7e:99:8d:95:4c:b1:20:48:ed:ac:53:02:da:7f:
a0:1e:6c:67:80:01:e2:ab:64:74:33:e5:88:8b:d5:
1b:d0:57:03:63:68:c8:cf:b4:ab:36:b1:89:5e:1d:
9d:26:74:d9:fe:13:84:06:0a:af:ef:80:4b:99:07:
c3:b9:ec:cc:84:dd:ce:a3:a4:bd:70:34:31:56:2d:
7a:aa:c6:ae:4e:79:ea:dc:8c:8a:c9:f4:37:69:5f:
94:b8:90:fd:d5:38:01:52:53:04:fc:2d:8b:69:ff:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:68:60:F1:42:1A:64:C7:A1:B0:A7:C3:23:58:71:83:5D:59:AA:65
X509v3 Authority Key Identifier:
keyid:87:B3:CB:2D:6F:B6:8E:6E:DB:84:42:FE:B0:AB:FC:95:AE:B5:B1:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7PLLW-2jm7bhEL-sKv8la61sVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/Wmhg8UIaZMehsKfDI1hxg11ZqmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/99d9a6-13be-40ab-be53-b42a4c3e916b/1/h7PLLW-2jm7bhEL-sKv8la61sVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.92.0/22
IPv6:
2a09:84c0::/30
Signature Algorithm: sha256WithRSAEncryption
29:ff:f7:3e:e8:d4:d1:19:15:f4:82:de:74:25:2d:62:0a:6f:
74:49:52:c5:02:a1:0c:6f:e7:3c:7b:dd:a0:bb:cd:5b:12:09:
ce:87:e6:44:59:bc:0f:f0:74:c3:92:5b:a9:46:ab:03:c5:9f:
f4:84:3b:f4:51:b7:3f:91:5f:91:01:ed:2c:ae:d9:9e:cd:f3:
09:2a:1a:fe:fb:5b:8f:30:9f:b1:e4:5e:6f:05:00:b3:c3:c9:
2e:79:d6:1f:fe:25:72:b2:50:11:cc:ba:65:eb:1d:e5:61:c7:
49:b1:18:7f:bb:15:45:d5:a2:7a:74:87:f2:82:d5:4a:a0:b0:
d6:51:51:e8:e7:4b:dc:b1:03:53:9d:17:d6:80:09:d0:ed:0f:
bf:e9:e6:d1:d3:d5:1d:7e:d2:cc:e6:a0:9b:cf:93:05:78:e4:
50:6d:91:f9:ae:6e:aa:d2:ff:c4:25:3a:72:8e:61:5f:d9:88:
c7:e5:95:42:98:2d:8c:83:0d:95:bf:7f:62:9b:5c:72:63:f8:
54:58:8c:26:bc:b4:ad:1f:dc:54:d2:50:ee:2d:d9:63:30:c2:
55:72:08:e1:cd:25:b1:1f:0e:35:dd:26:00:fd:ef:75:36:1d:
e8:ec:47:dc:dc:33:8c:6a:75:f7:5d:de:ec:eb:6f:c3:b0:e5:
2c:4c:b1:5b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5Y0SQwRSUlnnsC7dQ63EUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YjNjYjJkNmZiNjhlNmVkYjg0NDJmZWIwYWJmYzk1YWVi
NWIxNTcwHhcNMjQwMzE5MjIyNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY4NjBmMTQyMWE2NGM3YTFiMGE3YzMyMzU4NzE4MzVkNTlhYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjclB2uCB0OJoCWZ4j1WmpzEITcxC
uYTqCPHwcH16zFaJ4n8ZSft7HfrihsP5/5PwIUM5ibPxVLoKbjEZAlelD/o2Yr0J
7rIEoYf2VyDFyXnGlUcGpmkIsWZmSzOwcu6NRr/rQfKUpU6sCGXRNJBF9Hy/df5Q
oOZoW0OYmfNlLgOnlP1otOhxkoWP6V+/kSl8uCM9mTCXfpmNlUyxIEjtrFMC2n+g
HmxngAHiq2R0M+WIi9Ub0FcDY2jIz7SrNrGJXh2dJnTZ/hOEBgqv74BLmQfDuezM
hN3Oo6S9cDQxVi16qsauTnnq3IyKyfQ3aV+UuJD91TgBUlME/C2Laf8mUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpoYPFCGmTHobCnwyNYcYNdWaplMB8GA1UdIwQY
MBaAFIezyy1vto5u24RC/rCr/JWutbFXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDdQTExXLTJqbTdiaEVMLXNLdjhsYTYxc1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85OWQ5YTYtMTNiZS00MGFiLWJlNTMt
YjQyYTRjM2U5MTZiLzEvV21oZzhVSWFaTWVoc0tmREkxaHhnMTFacW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85OWQ5YTYtMTNiZS00MGFiLWJlNTMtYjQyYTRjM2U5MTZi
LzEvaDdQTExXLTJqbTdiaEVMLXNLdjhsYTYxc1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBcMA0E
AgACMAcDBQIqCYTAMA0GCSqGSIb3DQEBCwUAA4IBAQAp//c+6NTRGRX0gt50JS1i
Cm90SVLFAqEMb+c8e92gu81bEgnOh+ZEWbwP8HTDklupRqsDxZ/0hDv0Ubc/kV+R
Ae0srtmezfMJKhr++1uPMJ+x5F5vBQCzw8kuedYf/iVyslARzLpl6x3lYcdJsRh/
uxVF1aJ6dIfygtVKoLDWUVHo50vcsQNTnRfWgAnQ7Q+/6ebR09UdftLM5qCbz5MF
eORQbZH5rm6q0v/EJTpyjmFf2YjH5ZVCmC2Mgw2Vv39im1xyY/hUWIwmvLStH9xU
0lDuLdljMMJVcgjhzSWxHw413SYA/e91Nh3o7Efc3DOManX3Xd7s62/DsOUsTLFb
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:25 2024 by rpki-client on console-fra.rpki-client.org