Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/waV-YDs4RU3KLvpohNOK1CVY2ik.roa
File: waV-YDs4RU3KLvpohNOK1CVY2ik.roa (raw, json)
Hash identifier: nl0rTkyfJf7zrtwF/ihO0Jh9PsEKHpl+nT2GyfBjqCk=
Subject key identifier: C1:A5:7E:60:3B:38:45:4D:CA:2E:FA:68:84:D3:8A:D4:25:58:DA:29
Certificate issuer: /CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Certificate serial: 019297CB8BCE0E7E3D6BE69A38BEFA1EB08C
Authority key identifier: A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/waV-YDs4RU3KLvpohNOK1CVY2ik.roa
Signing time: Thu 17 Oct 2024 00:05:52 +0000
ROA not before: Thu 17 Oct 2024 00:05:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32708
IP address blocks: 45.65.44.0/22 maxlen: 22
45.65.44.0/24 maxlen: 24
45.65.45.0/24 maxlen: 24
45.65.46.0/23 maxlen: 23
45.65.47.0/24 maxlen: 24
85.92.100.0/22 maxlen: 22
85.92.100.0/24 maxlen: 24
85.92.101.0/24 maxlen: 24
85.92.102.0/24 maxlen: 24
85.92.103.0/24 maxlen: 24
103.91.56.0/22 maxlen: 22
103.91.56.0/24 maxlen: 24
103.91.57.0/24 maxlen: 24
103.91.58.0/24 maxlen: 24
103.91.59.0/24 maxlen: 24
103.108.188.0/23 maxlen: 23
103.108.188.0/24 maxlen: 24
103.108.189.0/24 maxlen: 24
103.115.204.0/23 maxlen: 23
103.115.204.0/24 maxlen: 24
103.115.205.0/24 maxlen: 24
103.143.86.0/23 maxlen: 23
103.143.86.0/24 maxlen: 24
103.143.87.0/24 maxlen: 24
103.211.0.0/22 maxlen: 22
103.211.0.0/24 maxlen: 24
103.211.1.0/24 maxlen: 24
103.211.2.0/24 maxlen: 24
103.211.3.0/24 maxlen: 24
123.253.104.0/22 maxlen: 22
123.253.104.0/24 maxlen: 24
123.253.105.0/24 maxlen: 24
123.253.106.0/24 maxlen: 24
123.253.107.0/24 maxlen: 24
185.211.78.0/24 maxlen: 24
2a0d:b8c0::/48 maxlen: 48
2a0d:b8c0:1::/48 maxlen: 48
2a11:b000:1::/48 maxlen: 48
2a11:b000:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/pl-8tOowipiwk5diXmOGY4PBbdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/pl-8tOowipiwk5diXmOGY4PBbdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:cb:8b:ce:0e:7e:3d:6b:e6:9a:38:be:fa:1e:b0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Validity
Not Before: Oct 17 00:05:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1a57e603b38454dca2efa6884d38ad42558da29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ad:60:a1:1f:33:80:67:4e:53:7f:57:93:a0:
bd:13:0f:c8:78:87:b1:06:77:fe:39:ed:bc:8e:02:
03:f1:14:0d:f7:60:48:69:35:fc:12:cd:69:a7:c5:
fa:bf:a7:eb:13:84:bc:e5:25:f0:77:ed:57:d0:51:
2c:39:8f:bb:dc:e8:4d:40:a3:13:e2:47:ab:95:23:
33:e0:ba:01:08:14:13:96:bd:4a:34:b7:8e:77:64:
51:c8:f7:3f:9a:5c:f7:dc:b8:9a:9a:ad:d3:88:d6:
7d:9d:3e:9d:58:a8:48:32:ee:5c:24:df:5e:54:35:
2e:86:a2:9a:76:5e:a6:3d:60:12:a2:7f:be:07:e4:
ce:ca:62:a4:31:2a:80:3c:0b:98:33:77:5b:75:8d:
0e:5e:50:8e:1a:a8:a7:ac:73:6e:4e:bc:c3:bd:58:
0c:f7:97:da:24:16:bb:27:c6:35:c8:32:3e:76:e5:
9e:0c:91:74:5e:d1:6d:1b:15:46:59:44:56:d7:0c:
9d:3c:29:6a:c1:06:0b:b4:fe:3b:be:f4:a6:42:48:
97:7c:93:6e:46:31:a4:2b:6d:78:2a:2d:e2:6b:ef:
fb:18:7b:49:1b:b5:ca:b1:b3:d4:29:7b:76:92:a4:
c2:71:20:c2:71:45:21:6a:51:28:f0:50:37:c7:42:
63:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A5:7E:60:3B:38:45:4D:CA:2E:FA:68:84:D3:8A:D4:25:58:DA:29
X509v3 Authority Key Identifier:
keyid:A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/waV-YDs4RU3KLvpohNOK1CVY2ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/pl-8tOowipiwk5diXmOGY4PBbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.44.0/22
85.92.100.0/22
103.91.56.0/22
103.108.188.0/23
103.115.204.0/23
103.143.86.0/23
103.211.0.0/22
123.253.104.0/22
185.211.78.0/24
IPv6:
2a0d:b8c0::/47
2a11:b000:1::-2a11:b000:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:8c:cb:8f:fa:5b:56:0a:f7:58:7f:08:8e:77:dc:16:85:a6:
e3:01:b9:53:9a:14:b3:92:eb:32:56:3d:41:fc:13:9b:b4:21:
86:b3:0e:8e:36:b0:6b:5c:52:63:59:9d:1c:22:5f:fc:99:cd:
01:5f:48:44:89:ed:75:f9:7d:69:8b:1e:04:cc:9e:ba:61:9e:
ba:de:2e:e4:5a:52:b2:3a:de:b7:b0:6a:9f:c0:3d:b8:9d:87:
86:d2:d9:03:2b:61:39:f6:ae:2d:71:21:9a:d8:32:eb:24:1c:
81:a5:2e:8c:81:ad:39:bc:8d:4c:47:a9:02:70:55:37:bb:ad:
0a:b8:f6:87:34:4b:e6:15:e2:37:2b:63:51:4c:6b:56:68:40:
6e:f1:8c:d7:c8:2b:e6:6a:d5:18:97:63:04:47:82:33:e5:2f:
f1:63:04:0a:75:5f:37:4e:9d:ae:71:5a:1d:8a:8a:f2:e6:59:
b7:24:f1:7f:97:ef:d7:c0:9c:b3:a2:98:79:e9:01:bd:68:8e:
28:df:3a:3c:30:57:c4:c0:75:04:29:38:79:3e:3e:e3:ba:8a:
6e:00:a8:a4:c6:d3:0f:50:48:25:ce:07:82:81:0c:bc:8d:0a:
ed:ab:c9:5a:cc:c4:67:37:37:ca:f5:b8:eb:04:59:1e:54:62:
bb:4a:61:6f
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZKXy4vODn49a+aaOL76HrCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NWZiY2I0ZWEzMDhhOThiMDkzOTc2MjVlNjM4NjYzODNj
MTZkZDAwHhcNMjQxMDE3MDAwNTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWE1N2U2MDNiMzg0NTRkY2EyZWZhNjg4NGQzOGFkNDI1NThkYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs61goR8zgGdOU39Xk6C9Ew/IeIex
Bnf+Oe28jgID8RQN92BIaTX8Es1pp8X6v6frE4S85SXwd+1X0FEsOY+73OhNQKMT
4kerlSMz4LoBCBQTlr1KNLeOd2RRyPc/mlz33Liamq3TiNZ9nT6dWKhIMu5cJN9e
VDUuhqKadl6mPWASon++B+TOymKkMSqAPAuYM3dbdY0OXlCOGqinrHNuTrzDvVgM
95faJBa7J8Y1yDI+duWeDJF0XtFtGxVGWURW1wydPClqwQYLtP47vvSmQkiXfJNu
RjGkK214Ki3ia+/7GHtJG7XKsbPUKXt2kqTCcSDCcUUhalEo8FA3x0JjfQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFMGlfmA7OEVNyi76aITTitQlWNopMB8GA1UdIwQY
MBaAFKZfvLTqMIqYsJOXYl5jhmODwW3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUt
NjJkNDJmZTZmZDNjLzEvd2FWLVlEczRSVTNLTHZwb2hOT0sxQ1ZZMmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUtNjJkNDJmZTZmZDNj
LzEvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA8BAIAATA2AwQCLUEsAwQC
VVxkAwQCZ1s4AwQBZ2y8AwQBZ3PMAwQBZ49WAwQCZ9MAAwQCe/1oAwQAudNOMCME
AgACMB0DBwEqDbjAAAAwEgMHACoRsAAAAQMHACoRsAAAAjANBgkqhkiG9w0BAQsF
AAOCAQEArIzLj/pbVgr3WH8IjnfcFoWm4wG5U5oUs5LrMlY9QfwTm7QhhrMOjjaw
a1xSY1mdHCJf/JnNAV9IRIntdfl9aYseBMyeumGeut4u5FpSsjret7Bqn8A9uJ2H
htLZAythOfauLXEhmtgy6yQcgaUujIGtObyNTEepAnBVN7utCrj2hzRL5hXiNytj
UUxrVmhAbvGM18gr5mrVGJdjBEeCM+Uv8WMECnVfN06drnFaHYqK8uZZtyTxf5fv
18Ccs6KYeekBvWiOKN86PDBXxMB1BCk4eT4+47qKbgCopMbTD1BIJc4HgoEMvI0K
7avJWszEZzc3yvW46wRZHlRiu0phbw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:30:04 2024 by rpki-client on console-ams.rpki-client.org