Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFAaCKAOGaFSi2UBVaAJ_kU_Auo.roa
File: wFAaCKAOGaFSi2UBVaAJ_kU_Auo.roa (raw, json)
Hash identifier: ceOZtdkZwVbkBWL8eodgFQ5QXDsFEvSRZiTncDE/6lU=
Subject key identifier: C0:50:1A:08:A0:0E:19:A1:52:8B:65:01:55:A0:09:FE:45:3F:02:EA
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 018CC6B780ADD0C3448FB86C411A71CD4F00
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFAaCKAOGaFSi2UBVaAJ_kU_Auo.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35950
IP address blocks: 153.112.217.0/24 maxlen: 24
153.112.216.0/23 maxlen: 23
153.112.216.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:80:ad:d0:c3:44:8f:b8:6c:41:1a:71:cd:4f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0501a08a00e19a1528b650155a009fe453f02ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3c:22:06:81:66:09:aa:63:61:4e:c4:55:47:
47:24:d6:71:76:14:33:29:e8:47:62:6a:67:24:41:
6a:5b:11:fe:19:a2:ea:0d:bb:74:ae:d1:89:1f:8b:
40:dd:5a:7c:ce:50:eb:4b:0e:3b:19:55:8a:e1:04:
07:fd:45:69:8c:bd:af:4f:7a:bd:32:bc:a2:02:20:
f2:a9:61:c6:55:08:41:cf:e9:bc:f1:9e:bb:b3:e8:
d9:98:8a:a6:dd:e0:71:c0:55:6b:da:ba:07:ee:29:
28:e9:6b:29:5f:91:17:cd:ea:7e:d0:32:d2:68:85:
2f:5a:91:63:f0:8e:a6:ec:b1:69:9f:bf:d7:df:2f:
74:59:52:03:ab:63:8a:14:67:59:ce:d9:a7:1b:be:
9b:48:f3:d5:c4:d9:e3:a9:88:74:e4:70:2c:31:f9:
a7:33:b6:68:4d:bb:a9:69:09:9d:bf:c7:6e:4e:97:
c9:6d:06:a4:7d:4c:6c:34:c0:b9:8a:e0:4a:f3:94:
d3:27:7e:ce:7c:84:0f:2f:45:fc:c6:89:f8:5b:03:
70:7e:99:c7:05:60:32:f7:86:1b:0f:62:d2:09:4e:
9b:ff:9a:cc:9d:73:b7:c4:fa:71:ae:bc:ed:8c:6b:
94:9d:c1:c7:6e:78:b8:59:eb:26:0b:50:c4:24:38:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:50:1A:08:A0:0E:19:A1:52:8B:65:01:55:A0:09:FE:45:3F:02:EA
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFAaCKAOGaFSi2UBVaAJ_kU_Auo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.216.0/23
153.112.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:72:5e:87:f0:cb:4c:3b:67:41:ed:fb:2e:ee:62:cc:d4:52:
36:6b:16:41:ec:84:c1:38:0b:7e:6e:0a:1b:f0:a6:7f:a4:06:
d8:f7:b3:bb:a5:5a:ef:ee:3b:39:d7:fa:fd:f1:88:f6:00:db:
47:dd:a7:14:2a:a0:08:1e:7c:50:83:12:f5:f9:78:ca:b3:3b:
15:49:be:70:de:53:17:73:6d:54:52:7c:14:21:1b:61:57:4c:
0e:a3:6b:6a:14:fd:80:50:a9:7c:e8:1d:1c:60:33:f8:93:fd:
c0:7b:0d:0e:d8:9c:e5:9e:ab:e5:9d:e3:ee:c5:07:90:41:c5:
25:c1:c5:63:89:c6:7b:e7:ff:81:83:f9:ec:fe:1d:97:92:01:
a7:e9:6e:f7:7e:58:97:e7:81:c8:a7:d5:1e:16:3a:d5:60:a3:
bb:df:32:52:a2:89:0c:32:bf:c0:11:7f:e7:cd:b8:1a:9a:39:
f3:ce:7f:5f:d0:95:7b:32:23:60:99:f8:d9:30:b0:39:ee:55:
04:72:84:ac:05:27:f9:5f:0e:84:32:3d:65:ae:34:9b:5c:be:
7f:1a:17:43:40:e6:22:f4:3f:be:6a:19:0f:b1:05:1f:c4:c0:
57:3d:d2:6d:72:55:f2:ed:fa:4a:f6:67:bd:0b:83:32:c9:fd:
d0:05:fd:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt4Ct0MNEj7hsQRpxzU8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDUwMWEwOGEwMGUxOWExNTI4YjY1MDE1NWEwMDlmZTQ1M2YwMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljwiBoFmCapjYU7EVUdHJNZxdhQz
KehHYmpnJEFqWxH+GaLqDbt0rtGJH4tA3Vp8zlDrSw47GVWK4QQH/UVpjL2vT3q9
MryiAiDyqWHGVQhBz+m88Z67s+jZmIqm3eBxwFVr2roH7iko6WspX5EXzep+0DLS
aIUvWpFj8I6m7LFpn7/X3y90WVIDq2OKFGdZztmnG76bSPPVxNnjqYh05HAsMfmn
M7ZoTbupaQmdv8duTpfJbQakfUxsNMC5iuBK85TTJ37OfIQPL0X8xon4WwNwfpnH
BWAy94YbD2LSCU6b/5rMnXO3xPpxrrztjGuUncHHbni4WesmC1DEJDjaVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMBQGgigDhmhUotlAVWgCf5FPwLqMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvd0ZBYUNLQU9HYUZTaTJVQlZhQUpfa1VfQXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmXDYAwQA
mXDfMA0GCSqGSIb3DQEBCwUAA4IBAQAacl6H8MtMO2dB7fsu7mLM1FI2axZB7ITB
OAt+bgob8KZ/pAbY97O7pVrv7js51/r98Yj2ANtH3acUKqAIHnxQgxL1+XjKszsV
Sb5w3lMXc21UUnwUIRthV0wOo2tqFP2AUKl86B0cYDP4k/3Aew0O2JzlnqvlnePu
xQeQQcUlwcVjicZ75/+Bg/ns/h2XkgGn6W73fliX54HIp9UeFjrVYKO73zJSookM
Mr/AEX/nzbgamjnzzn9f0JV7MiNgmfjZMLA57lUEcoSsBSf5Xw6EMj1lrjSbXL5/
GhdDQOYi9D++ahkPsQUfxMBXPdJtclXy7fpK9me9C4Myyf3QBf1F
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:33:17 2024 by rpki-client on console-ams.rpki-client.org