Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFNgIS4CIN10Qr9ru59SFhTzw5E.roa
File: wFNgIS4CIN10Qr9ru59SFhTzw5E.roa (raw, json)
Hash identifier: D/tIzyfvRQOytNT6WwB/ijA+Z+DbAvuF7aOWfUR3JwE=
Subject key identifier: C0:53:60:21:2E:02:20:DD:74:42:BF:6B:BB:9F:52:16:14:F3:C3:91
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 018CC6B7817E87F37A274434312ECCB81823
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFNgIS4CIN10Qr9ru59SFhTzw5E.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58653
IP address blocks: 192.157.15.0/24 maxlen: 24
192.157.14.0/24 maxlen: 24
153.112.224.0/22 maxlen: 22
153.112.228.0/22 maxlen: 22
193.53.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:81:7e:87:f3:7a:27:44:34:31:2e:cc:b8:18:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05360212e0220dd7442bf6bbb9f521614f3c391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d3:05:a6:f8:13:c0:25:70:fd:97:ab:d4:8f:
7a:51:79:54:65:a2:6a:25:4d:6f:bb:36:3c:cb:ba:
bf:f1:57:0a:4d:48:f8:8b:61:dd:b4:ab:53:38:00:
0b:5b:62:88:b5:56:02:09:3c:6c:af:f8:79:f8:30:
57:fb:35:58:8f:df:fd:8b:9e:1e:87:31:86:ee:7f:
71:1f:7a:41:66:d1:6c:d1:62:8a:d7:2d:df:60:99:
53:76:a1:ac:94:69:04:b7:11:3d:b8:a7:1e:20:ff:
97:7e:bb:37:14:43:2c:9c:7e:21:49:c0:cf:ac:61:
bd:82:69:e9:e0:fd:b3:6d:b4:d8:f5:51:22:de:e2:
af:60:42:e8:7d:16:92:6d:f0:c9:76:1b:21:18:58:
85:67:9f:b2:60:56:4f:3d:6c:15:2a:6f:2d:b5:d8:
93:5d:10:06:be:2d:de:43:dc:bf:97:d9:bf:70:e1:
f1:06:02:4a:06:08:d2:70:91:c8:db:cb:18:fb:51:
80:ba:3e:6b:38:1a:c4:93:b3:56:b8:45:01:88:61:
52:68:60:c6:26:55:c2:1e:73:e4:5c:b2:29:2e:1d:
d7:94:25:f4:71:9d:d3:fe:f5:6a:d5:88:4c:da:5a:
36:31:a3:e0:52:a9:b3:f1:7f:76:29:1c:ec:5f:49:
80:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:53:60:21:2E:02:20:DD:74:42:BF:6B:BB:9F:52:16:14:F3:C3:91
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/wFNgIS4CIN10Qr9ru59SFhTzw5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.224.0/21
192.157.14.0/23
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:15:ca:82:15:ae:ef:5c:1f:ac:39:f9:bc:6f:86:03:af:d2:
d6:87:35:e6:f2:87:0d:35:95:16:f3:45:22:96:ab:f0:15:4f:
61:c6:58:6c:74:74:aa:bc:7d:bf:e9:99:6c:2b:4b:cf:3c:c4:
92:37:9c:23:73:91:e8:c8:ce:38:f7:06:30:56:0b:04:45:f4:
d3:5b:00:64:d4:d2:5d:d5:59:44:88:82:4f:3a:39:10:f4:86:
31:35:cd:19:5f:3d:0b:24:04:b3:bd:69:68:5c:b9:41:08:af:
7b:94:4e:47:40:3c:fc:af:82:d0:5c:21:58:61:b2:b2:7b:f2:
99:3b:fc:9b:a0:95:e8:a7:54:1d:89:51:f7:b5:7a:3c:19:b0:
57:14:6a:de:72:09:1b:1b:a5:62:0a:9f:dd:d5:86:54:7f:07:
da:28:ed:6d:de:dc:ac:82:2d:fa:86:b4:f4:9c:d5:20:91:7a:
00:e2:50:e6:8e:ba:25:06:83:8b:1d:83:61:85:6f:e1:2a:ca:
58:b3:f7:23:e7:7e:4d:e0:92:8d:e1:e7:81:ba:d4:41:fe:5a:
b9:26:2c:56:f4:1f:6f:5b:b6:90:cd:97:8c:50:40:4e:33:bc:
54:58:27:80:ac:b4:17:c4:73:fc:de:5e:3b:b2:cb:67:b7:ec:
b7:65:7c:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt4F+h/N6J0Q0MS7MuBgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDUzNjAyMTJlMDIyMGRkNzQ0MmJmNmJiYjlmNTIxNjE0ZjNjMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtMFpvgTwCVw/Zer1I96UXlUZaJq
JU1vuzY8y7q/8VcKTUj4i2HdtKtTOAALW2KItVYCCTxsr/h5+DBX+zVYj9/9i54e
hzGG7n9xH3pBZtFs0WKK1y3fYJlTdqGslGkEtxE9uKceIP+Xfrs3FEMsnH4hScDP
rGG9gmnp4P2zbbTY9VEi3uKvYELofRaSbfDJdhshGFiFZ5+yYFZPPWwVKm8ttdiT
XRAGvi3eQ9y/l9m/cOHxBgJKBgjScJHI28sY+1GAuj5rOBrEk7NWuEUBiGFSaGDG
JlXCHnPkXLIpLh3XlCX0cZ3T/vVq1YhM2lo2MaPgUqmz8X92KRzsX0mA5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMBTYCEuAiDddEK/a7ufUhYU88ORMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvd0ZOZ0lTNENJTjEwUXI5cnU1OVNGaFR6dzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDmXDgAwQB
wJ0OAwQAwTUdMA0GCSqGSIb3DQEBCwUAA4IBAQBaFcqCFa7vXB+sOfm8b4YDr9LW
hzXm8ocNNZUW80UilqvwFU9hxlhsdHSqvH2/6ZlsK0vPPMSSN5wjc5HoyM449wYw
VgsERfTTWwBk1NJd1VlEiIJPOjkQ9IYxNc0ZXz0LJASzvWloXLlBCK97lE5HQDz8
r4LQXCFYYbKye/KZO/yboJXop1QdiVH3tXo8GbBXFGrecgkbG6ViCp/d1YZUfwfa
KO1t3tysgi36hrT0nNUgkXoA4lDmjrolBoOLHYNhhW/hKspYs/cj535N4JKN4eeB
utRB/lq5JixW9B9vW7aQzZeMUEBOM7xUWCeArLQXxHP83l47sstnt+y3ZXwC
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:24:38 2024 by rpki-client on console-ams.rpki-client.org