Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/wvdynAJlKFHjoAQqfBhIg9B5o_M.roa
File: wvdynAJlKFHjoAQqfBhIg9B5o_M.roa (raw, json)
Hash identifier: uumJHVTjKCv1ZOpLhWWc03ZZkFRGOo3iTIaLrWJtwLc=
Subject key identifier: C2:F7:72:9C:02:65:28:51:E3:A0:04:2A:7C:18:48:83:D0:79:A3:F3
Certificate issuer: /CN=099f12f3fa7311cd993ab6bc5bb29a1bf2ad48a1
Certificate serial: 018CC3B6AF5DC43593438C4D377768742CBA
Authority key identifier: 09:9F:12:F3:FA:73:11:CD:99:3A:B6:BC:5B:B2:9A:1B:F2:AD:48:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/wvdynAJlKFHjoAQqfBhIg9B5o_M.roa
Signing time: Mon 01 Jan 2024 06:29:38 +0000
ROA not before: Mon 01 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49250
IP address blocks: 45.149.248.0/23 maxlen: 23
45.149.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:af:5d:c4:35:93:43:8c:4d:37:77:68:74:2c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099f12f3fa7311cd993ab6bc5bb29a1bf2ad48a1
Validity
Not Before: Jan 1 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2f7729c02652851e3a0042a7c184883d079a3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:10:93:ab:c1:fa:b3:da:cc:1b:c4:94:c0:9e:
5c:a4:21:c2:b9:42:ee:e1:4c:86:f8:0d:f8:f0:bf:
71:45:4f:96:fc:10:7f:ee:2b:f1:a4:88:7d:27:aa:
4b:47:24:b8:ee:d7:8f:fa:67:eb:9d:97:86:c0:d0:
74:48:bf:86:56:57:3c:bb:b7:18:53:f3:15:9c:e8:
5e:5a:dd:a0:87:d9:54:2b:b5:36:8c:fe:31:68:a7:
1d:9b:83:00:c0:e0:54:e8:1c:5b:0e:c3:3a:9d:63:
a3:d8:9b:90:2f:9d:93:5e:a1:16:7e:de:5e:3a:4c:
aa:db:1e:ee:3a:92:09:02:74:89:19:2d:3e:43:10:
66:6f:75:47:69:9b:98:a0:81:59:76:f6:ab:39:c3:
8a:8b:32:eb:97:29:f1:c9:63:ab:c1:7d:c3:e0:6b:
f1:b1:db:94:7d:05:3d:71:93:c2:c7:40:f0:48:e8:
81:11:09:66:79:df:8f:0c:2a:10:d3:23:32:08:44:
25:e1:08:80:f3:54:79:d1:c2:85:7f:23:4d:56:9e:
23:09:42:0b:14:cf:84:e3:1a:16:76:43:a6:03:1a:
9d:78:84:e1:4c:b5:18:07:ce:e4:16:d5:08:34:0f:
af:bd:5d:99:8f:9f:81:1e:51:24:4e:20:95:4a:a8:
19:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F7:72:9C:02:65:28:51:E3:A0:04:2A:7C:18:48:83:D0:79:A3:F3
X509v3 Authority Key Identifier:
keyid:09:9F:12:F3:FA:73:11:CD:99:3A:B6:BC:5B:B2:9A:1B:F2:AD:48:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/wvdynAJlKFHjoAQqfBhIg9B5o_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f59ee1-6afe-4e38-b995-419b5723eef9/1/CZ8S8_pzEc2ZOra8W7KaG_KtSKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.248.0-45.149.250.255
Signature Algorithm: sha256WithRSAEncryption
72:61:1d:8a:24:1e:dd:8e:3e:d9:74:c0:d6:0d:3a:97:60:95:
57:0f:10:bc:ff:70:85:da:3e:74:65:6f:d5:97:37:d9:de:91:
04:38:24:b5:02:11:a5:b7:94:ef:3f:9a:84:45:42:72:a1:ab:
de:31:bd:79:bc:39:54:00:71:d4:24:fd:06:88:f2:7a:17:19:
28:e9:85:fb:43:60:13:0f:69:23:c4:93:30:a1:7e:85:e0:1f:
26:8c:65:8f:8f:93:00:c9:c4:22:1e:83:91:ea:28:9e:99:44:
a3:09:22:f8:40:dc:73:57:ac:be:ec:03:6d:7b:52:14:3e:95:
7b:d9:7d:8d:68:08:5d:96:91:96:6b:92:10:68:b0:08:4b:09:
40:7a:ac:32:ab:d3:21:b8:c6:f3:b2:02:d2:31:06:dd:07:94:
22:d6:ff:47:8b:ad:99:5e:27:78:ca:09:e6:82:96:82:e5:5d:
fa:ab:eb:c4:77:f0:ee:b5:19:b3:a8:6a:7e:91:33:e8:d4:0f:
20:4a:42:bc:a0:5f:e2:42:14:6d:cb:e1:f2:15:68:34:60:85:
b7:0e:c6:3b:49:e0:fc:2e:54:7d:bf:3e:6c:b0:15:aa:6f:45:
63:2c:cc:37:9d:bc:e2:df:13:9b:74:cf:de:8a:c0:81:7c:15:
1b:66:be:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtq9dxDWTQ4xNN3dodCy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWYxMmYzZmE3MzExY2Q5OTNhYjZiYzViYjI5YTFiZjJh
ZDQ4YTEwHhcNMjQwMTAxMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY3NzI5YzAyNjUyODUxZTNhMDA0MmE3YzE4NDg4M2QwNzlhM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBCTq8H6s9rMG8SUwJ5cpCHCuULu
4UyG+A348L9xRU+W/BB/7ivxpIh9J6pLRyS47teP+mfrnZeGwNB0SL+GVlc8u7cY
U/MVnOheWt2gh9lUK7U2jP4xaKcdm4MAwOBU6BxbDsM6nWOj2JuQL52TXqEWft5e
Okyq2x7uOpIJAnSJGS0+QxBmb3VHaZuYoIFZdvarOcOKizLrlynxyWOrwX3D4Gvx
sduUfQU9cZPCx0DwSOiBEQlmed+PDCoQ0yMyCEQl4QiA81R50cKFfyNNVp4jCUIL
FM+E4xoWdkOmAxqdeIThTLUYB87kFtUINA+vvV2Zj5+BHlEkTiCVSqgZHwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFML3cpwCZShR46AEKnwYSIPQeaPzMB8GA1UdIwQY
MBaAFAmfEvP6cxHNmTq2vFuymhvyrUihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1o4UzhfcHpFYzJaT3JhOFc3S2FHX0t0U0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mNTllZTEtNmFmZS00ZTM4LWI5OTUt
NDE5YjU3MjNlZWY5LzEvd3ZkeW5BSmxLRkhqb0FRcWZCaElnOUI1b19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mNTllZTEtNmFmZS00ZTM4LWI5OTUtNDE5YjU3MjNlZWY5
LzEvQ1o4UzhfcHpFYzJaT3JhOFc3S2FHX0t0U0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMtlfgD
BAAtlfowDQYJKoZIhvcNAQELBQADggEBAHJhHYokHt2OPtl0wNYNOpdglVcPELz/
cIXaPnRlb9WXN9nekQQ4JLUCEaW3lO8/moRFQnKhq94xvXm8OVQAcdQk/QaI8noX
GSjphftDYBMPaSPEkzChfoXgHyaMZY+PkwDJxCIeg5HqKJ6ZRKMJIvhA3HNXrL7s
A217UhQ+lXvZfY1oCF2WkZZrkhBosAhLCUB6rDKr0yG4xvOyAtIxBt0HlCLW/0eL
rZleJ3jKCeaCloLlXfqr68R38O61GbOoan6RM+jUDyBKQrygX+JCFG3L4fIVaDRg
hbcOxjtJ4PwuVH2/PmywFapvRWMszDedvOLfE5t0z96KwIF8FRtmvmI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:17 2024 by rpki-client on console-fra.rpki-client.org