Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/WJHMhYdAg-cy15P5YxMabdEqndc.roa
File: WJHMhYdAg-cy15P5YxMabdEqndc.roa (raw, json)
Hash identifier: ueLxG/o4UqI6PNJVPZnl8VnyJd6h6nzbGe5t30UBEu4=
Subject key identifier: 58:91:CC:85:87:40:83:E7:32:D7:93:F9:63:13:1A:6D:D1:2A:9D:D7
Certificate issuer: /CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Certificate serial: 018CCA2A42FBD473B939AA8616D33EAB2199
Authority key identifier: E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/WJHMhYdAg-cy15P5YxMabdEqndc.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58323
IP address blocks: 164.138.192.0/21 maxlen: 24
2a00:bac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:42:fb:d4:73:b9:39:aa:86:16:d3:3e:ab:21:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9057470fd56f1b773b2e40abaee79f9966e4436
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5891cc85874083e732d793f963131a6dd12a9dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:76:40:85:fb:46:59:23:6e:fe:ae:d4:0b:0b:
82:4d:b7:0a:d6:f2:94:94:5e:30:95:f3:3d:22:88:
1c:8e:32:93:b6:cb:9e:9b:2a:3f:17:81:1e:8c:f5:
27:63:e4:b8:c0:39:2f:dd:ce:85:c7:35:f2:01:58:
c2:ec:8f:6b:9a:40:f5:91:b6:f5:6f:ba:cf:a2:bb:
3a:00:5e:cf:e4:fa:dd:53:06:58:c4:40:37:ae:7f:
6c:7a:42:d0:3d:41:cc:4e:82:bf:84:f0:a5:e7:b0:
7d:85:8a:28:e3:b4:a0:35:6d:8b:c4:df:88:c5:b6:
9b:64:8d:45:37:96:0e:0c:53:df:0c:2c:5d:4d:40:
82:09:39:33:2f:52:3a:7e:97:a0:47:93:e4:7a:13:
df:2c:76:bb:d4:e6:18:47:7a:c3:f7:bb:3f:5c:e5:
6b:aa:a2:73:8a:a9:09:59:df:58:4a:cd:dc:ee:7c:
59:31:99:15:63:86:db:3b:1c:65:8c:18:4f:43:6d:
33:88:69:54:d9:ba:2f:f7:f9:c5:aa:d2:f7:7c:af:
24:cd:ab:c4:1a:a3:2d:1b:3b:c7:d9:a0:a8:31:85:
1e:e3:2c:94:4c:13:67:f0:1e:64:de:10:05:71:37:
16:b5:5a:59:9e:a2:49:e7:4d:a5:dd:dd:19:cf:87:
ba:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:91:CC:85:87:40:83:E7:32:D7:93:F9:63:13:1A:6D:D1:2A:9D:D7
X509v3 Authority Key Identifier:
keyid:E9:05:74:70:FD:56:F1:B7:73:B2:E4:0A:BA:EE:79:F9:96:6E:44:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QV0cP1W8bdzsuQKuu55-ZZuRDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/WJHMhYdAg-cy15P5YxMabdEqndc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/45772a-a10f-429d-b5db-9218f92f3036/1/6QV0cP1W8bdzsuQKuu55-ZZuRDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.192.0/21
IPv6:
2a00:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
90:da:8f:3a:11:bd:7d:64:f9:d4:40:81:b5:4e:25:84:e6:32:
32:ab:93:7d:07:d0:7d:7e:5a:4b:30:b1:bc:d4:4e:89:97:6f:
4b:5e:d5:2f:fe:ff:b4:57:f5:c5:a6:09:3d:fc:1e:1e:a4:6f:
16:f7:38:3d:98:7e:9d:23:9b:07:5b:74:75:2c:e6:0d:1b:7b:
3c:fc:51:ff:25:45:06:64:ae:27:e9:dc:09:2f:9e:04:a6:ab:
3d:82:de:d3:42:a1:cf:16:38:1d:69:44:9f:83:41:32:b5:ca:
8a:52:b0:fe:fa:64:70:c1:3d:1a:0f:8d:f0:dc:79:94:09:07:
99:c5:56:ec:26:cf:6d:b8:87:27:f4:54:04:6d:ae:a9:03:ea:
40:7f:f6:48:98:ef:b4:2a:a3:43:ff:27:b8:8b:1f:b0:e8:74:
0a:06:62:1d:ae:ca:70:8a:14:c9:fa:ad:de:f1:86:fc:90:26:
f8:37:5d:24:4f:d5:ff:fb:1e:aa:a0:63:d8:03:f2:06:c5:34:
d6:41:64:52:09:8e:b1:36:41:1b:81:a4:86:b2:e5:7d:5b:0c:
1e:7b:53:0d:8e:dc:c7:22:ba:42:a5:6d:67:38:0a:b9:72:ed:
89:4c:a4:0a:77:0f:fa:e3:b6:99:68:3f:91:91:2f:07:62:39:
27:4d:57:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKkL71HO5OaqGFtM+qyGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDU3NDcwZmQ1NmYxYjc3M2IyZTQwYWJhZWU3OWY5OTY2
ZTQ0MzYwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODkxY2M4NTg3NDA4M2U3MzJkNzkzZjk2MzEzMWE2ZGQxMmE5ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3ZAhftGWSNu/q7UCwuCTbcK1vKU
lF4wlfM9IogcjjKTtsuemyo/F4EejPUnY+S4wDkv3c6FxzXyAVjC7I9rmkD1kbb1
b7rPors6AF7P5PrdUwZYxEA3rn9sekLQPUHMToK/hPCl57B9hYoo47SgNW2LxN+I
xbabZI1FN5YODFPfDCxdTUCCCTkzL1I6fpegR5PkehPfLHa71OYYR3rD97s/XOVr
qqJziqkJWd9YSs3c7nxZMZkVY4bbOxxljBhPQ20ziGlU2bov9/nFqtL3fK8kzavE
GqMtGzvH2aCoMYUe4yyUTBNn8B5k3hAFcTcWtVpZnqJJ502l3d0Zz4e6/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFiRzIWHQIPnMteT+WMTGm3RKp3XMB8GA1UdIwQY
MBaAFOkFdHD9VvG3c7LkCrruefmWbkQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGIt
OTIxOGY5MmYzMDM2LzEvV0pITWhZZEFnLWN5MTVQNVl4TWFiZEVxbmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80NTc3MmEtYTEwZi00MjlkLWI1ZGItOTIxOGY5MmYzMDM2
LzEvNlFWMGNQMVc4YmR6c3VRS3V1NTUtWlp1UkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDpIrAMA0E
AgACMAcDBQAqALrAMA0GCSqGSIb3DQEBCwUAA4IBAQCQ2o86Eb19ZPnUQIG1TiWE
5jIyq5N9B9B9flpLMLG81E6Jl29LXtUv/v+0V/XFpgk9/B4epG8W9zg9mH6dI5sH
W3R1LOYNG3s8/FH/JUUGZK4n6dwJL54Epqs9gt7TQqHPFjgdaUSfg0EytcqKUrD+
+mRwwT0aD43w3HmUCQeZxVbsJs9tuIcn9FQEba6pA+pAf/ZImO+0KqND/ye4ix+w
6HQKBmIdrspwihTJ+q3e8Yb8kCb4N10kT9X/+x6qoGPYA/IGxTTWQWRSCY6xNkEb
gaSGsuV9Wwwee1MNjtzHIrpCpW1nOAq5cu2JTKQKdw/647aZaD+RkS8HYjknTVfr
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:43 2024 by rpki-client on console-ams.rpki-client.org