Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/WzPXO7PxsN1YNBHmDVszV56sKso.roa
File: WzPXO7PxsN1YNBHmDVszV56sKso.roa (raw, json)
Hash identifier: TUnA69hvmT+IOh1JARJCgyPA9aHb3ztmOU83V5qOXRs=
Subject key identifier: 5B:33:D7:3B:B3:F1:B0:DD:58:34:11:E6:0D:5B:33:57:9E:AC:2A:CA
Certificate issuer: /CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Certificate serial: 018CC4938BD2E025FF5C4AF48C1A4B3E98FD
Authority key identifier: 04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/WzPXO7PxsN1YNBHmDVszV56sKso.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25415
IP address blocks: 185.60.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8b:d2:e0:25:ff:5c:4a:f4:8c:1a:4b:3e:98:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a5ec5f52668be50b4518b687cf8bd95930ae39
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b33d73bb3f1b0dd583411e60d5b33579eac2aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:03:a9:a8:56:62:a5:9b:04:b6:0f:20:6e:b5:
dc:86:27:e6:20:3f:55:0d:40:54:97:cd:40:be:9c:
ea:6f:02:f6:17:17:ea:8a:01:db:78:9f:44:e6:5b:
59:97:f2:8c:5f:1a:a3:f7:49:14:d9:00:b3:b8:f9:
90:5c:b0:1c:8f:81:4a:53:55:81:42:f3:69:88:f6:
4b:c9:75:3b:59:a8:ad:03:37:46:03:d0:52:28:26:
38:96:f9:e5:ed:be:80:3c:7a:2e:22:d4:68:09:2a:
9b:12:e4:26:94:39:eb:69:c3:ca:39:41:93:36:21:
f1:69:a2:43:b2:b9:ad:03:6d:f7:f7:8d:09:2f:ce:
6d:55:c7:ff:c3:f6:30:31:a4:3c:87:c4:bd:25:38:
9a:13:fc:8e:92:e0:78:d8:fb:00:82:da:06:51:d2:
5d:ea:00:97:d2:2c:4e:e3:6e:d6:71:70:88:2e:4a:
c8:67:30:2c:95:05:d3:be:7b:6a:ff:8a:6e:f1:e3:
5a:ef:68:2f:90:69:52:a5:ff:ba:a0:41:ec:fb:33:
78:83:33:d3:94:01:b5:11:24:8d:98:fe:ac:51:6b:
a0:e6:66:df:7b:76:64:a5:50:38:50:1b:56:f0:33:
9a:0d:0e:00:08:eb:fc:8d:aa:02:93:3a:21:c1:97:
30:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:33:D7:3B:B3:F1:B0:DD:58:34:11:E6:0D:5B:33:57:9E:AC:2A:CA
X509v3 Authority Key Identifier:
keyid:04:A5:EC:5F:52:66:8B:E5:0B:45:18:B6:87:CF:8B:D9:59:30:AE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/WzPXO7PxsN1YNBHmDVszV56sKso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/00e33e-fd74-4583-984e-c6b84cc58610/1/BKXsX1Jmi-ULRRi2h8-L2Vkwrjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.21.0/24
Signature Algorithm: sha256WithRSAEncryption
70:ac:04:a1:b9:fe:66:98:d1:14:d3:26:db:88:c6:8f:9e:00:
29:4f:fa:07:67:0d:85:4c:c6:80:b8:93:88:17:a7:f2:5b:85:
02:c7:94:e1:1d:b9:b7:f2:87:0b:cd:e7:4b:88:11:8e:2d:51:
05:ff:25:e6:68:60:cc:05:e3:98:6b:3d:40:ed:40:18:e9:b5:
2f:34:8e:5c:f0:81:e8:90:ed:0d:ee:93:76:b4:8e:af:72:c9:
ce:27:26:5f:9a:50:ed:65:0e:a6:da:c3:37:34:b1:44:fd:4e:
4d:95:c4:68:af:89:17:e7:69:99:1f:78:8e:41:39:c9:27:b7:
d8:ae:89:7c:4c:ff:b7:5e:16:e4:ec:e0:e8:ba:54:de:75:ee:
53:03:2b:40:ea:3d:c3:56:84:32:e7:d1:94:89:33:1c:51:c3:
e3:23:23:08:99:6a:ad:42:ae:63:79:46:93:c0:93:cf:17:c7:
51:b8:b4:f2:2f:c4:1a:01:0c:49:e4:f4:ff:1e:e4:c8:34:16:
2d:16:54:31:c7:41:b6:74:1c:ed:36:67:86:3a:ba:b3:bb:de:
87:1a:72:27:5f:8e:83:3a:6f:a5:42:37:06:8f:b7:8c:45:a9:
b7:0d:81:54:1f:9f:8c:0c:02:9d:57:7f:2b:fa:88:bc:b7:d0:
7f:5c:2e:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4vS4CX/XEr0jBpLPpj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTVlYzVmNTI2NjhiZTUwYjQ1MThiNjg3Y2Y4YmQ5NTkz
MGFlMzkwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjMzZDczYmIzZjFiMGRkNTgzNDExZTYwZDViMzM1NzllYWMyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwOpqFZipZsEtg8gbrXchifmID9V
DUBUl81AvpzqbwL2FxfqigHbeJ9E5ltZl/KMXxqj90kU2QCzuPmQXLAcj4FKU1WB
QvNpiPZLyXU7WaitAzdGA9BSKCY4lvnl7b6APHouItRoCSqbEuQmlDnracPKOUGT
NiHxaaJDsrmtA233940JL85tVcf/w/YwMaQ8h8S9JTiaE/yOkuB42PsAgtoGUdJd
6gCX0ixO427WcXCILkrIZzAslQXTvntq/4pu8eNa72gvkGlSpf+6oEHs+zN4gzPT
lAG1ESSNmP6sUWug5mbfe3ZkpVA4UBtW8DOaDQ4ACOv8jaoCkzohwZcwgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsz1zuz8bDdWDQR5g1bM1eerCrKMB8GA1UdIwQY
MBaAFASl7F9SZovlC0UYtofPi9lZMK45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktYc1gxSm1pLVVMUlJpMmg4LUwyVmt3cmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wMGUzM2UtZmQ3NC00NTgzLTk4NGUt
YzZiODRjYzU4NjEwLzEvV3pQWE83UHhzTjFZTkJIbURWc3pWNTZzS3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wMGUzM2UtZmQ3NC00NTgzLTk4NGUtYzZiODRjYzU4NjEw
LzEvQktYc1gxSm1pLVVMUlJpMmg4LUwyVmt3cmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTwVMA0G
CSqGSIb3DQEBCwUAA4IBAQBwrAShuf5mmNEU0ybbiMaPngApT/oHZw2FTMaAuJOI
F6fyW4UCx5ThHbm38ocLzedLiBGOLVEF/yXmaGDMBeOYaz1A7UAY6bUvNI5c8IHo
kO0N7pN2tI6vcsnOJyZfmlDtZQ6m2sM3NLFE/U5NlcRor4kX52mZH3iOQTnJJ7fY
rol8TP+3Xhbk7ODoulTede5TAytA6j3DVoQy59GUiTMcUcPjIyMImWqtQq5jeUaT
wJPPF8dRuLTyL8QaAQxJ5PT/HuTINBYtFlQxx0G2dBztNmeGOrqzu96HGnInX46D
Om+lQjcGj7eMRam3DYFUH5+MDAKdV38r+oi8t9B/XC4y
-----END CERTIFICATE-----
Generated at Fri May 17 18:46:38 2024 by rpki-client on console-ams.rpki-client.org