Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wm0CnM3M7NtHaOhSPAD_0nGYbWI.roa
File: Wm0CnM3M7NtHaOhSPAD_0nGYbWI.roa (raw, json)
Hash identifier: arR04IPocQW+Az79xHXClExKF5/8FWV8Y4A9M8t9ATg=
Subject key identifier: 5A:6D:02:9C:CD:CC:EC:DB:47:68:E8:52:3C:00:FF:D2:71:98:6D:62
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018D2E321A7669850DA7749ABC11234B6A30
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wm0CnM3M7NtHaOhSPAD_0nGYbWI.roa
Signing time: Sun 21 Jan 2024 22:44:11 +0000
ROA not before: Sun 21 Jan 2024 22:44:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216246
IP address blocks: 45.142.122.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2e:32:1a:76:69:85:0d:a7:74:9a:bc:11:23:4b:6a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 21 22:44:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a6d029ccdccecdb4768e8523c00ffd271986d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:45:60:f3:0b:e8:e2:13:0c:95:94:7a:78:
c0:09:53:10:75:ea:dd:fe:20:9f:f7:b5:af:a1:a7:
ff:70:cb:7b:62:42:c5:dc:86:08:03:7b:ef:48:59:
fd:26:5c:46:0d:d9:1d:32:b9:b5:3c:7e:94:e1:3e:
6d:4a:7f:37:2c:d1:ea:d0:38:6f:ac:f6:72:41:8e:
23:59:5a:35:0d:e4:18:85:5c:a1:ca:d4:8d:a8:62:
04:06:61:c1:9c:5f:b0:ae:4b:d3:10:2f:85:7a:75:
b3:1c:5d:7d:e3:8b:93:64:52:64:b3:08:4f:85:ad:
09:0b:45:3a:a1:b4:14:6e:a1:05:b2:73:14:e0:c2:
62:a0:3c:18:d9:18:86:72:6f:4d:88:54:3b:50:3a:
44:6e:a3:d8:01:1d:9b:44:6b:77:99:41:6a:21:d9:
bc:1a:49:49:73:6d:d1:aa:f8:59:29:b4:3c:82:66:
98:87:54:77:6f:57:cc:c7:6a:94:4d:9c:6f:ee:a4:
7e:e4:bb:1f:53:73:05:11:81:7a:4a:7d:4d:cc:5d:
f8:57:ca:43:65:b6:78:0b:03:34:0d:2f:b3:b1:2e:
e1:3e:18:02:68:4f:a7:73:bf:68:c8:4a:48:8e:ab:
06:38:ff:5d:a8:19:e3:67:30:29:10:d7:89:a1:5a:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6D:02:9C:CD:CC:EC:DB:47:68:E8:52:3C:00:FF:D2:71:98:6D:62
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Wm0CnM3M7NtHaOhSPAD_0nGYbWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.122.0/24
185.17.0.0/24
185.112.83.0/24
185.174.136.0/24
185.229.66.0/24
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a5:9f:dc:1d:9e:5f:db:7c:99:cd:a1:61:33:e9:82:e9:57:
61:83:5f:70:c2:d4:cf:4b:92:f4:4d:66:52:c1:ba:2d:f9:87:
96:17:62:02:55:3c:fb:da:43:11:7d:60:10:eb:77:5b:01:36:
7c:19:39:a8:e8:d5:08:01:1a:cc:47:e4:26:c6:b0:df:f7:f5:
f9:a5:28:49:f9:f1:1d:66:b8:15:72:11:c9:65:50:52:63:67:
a6:3b:76:5c:9f:e4:0c:8d:04:c0:1b:16:9e:25:42:bf:59:59:
6c:12:95:a0:c9:4f:c4:21:da:58:13:3b:d5:d7:2c:aa:82:ca:
91:9d:5b:1d:60:cf:0f:1f:d9:ce:37:a8:cd:7e:4d:d1:69:51:
d4:06:d7:c7:41:55:8a:8d:ff:5b:95:c4:ba:a6:b0:84:61:b9:
da:9d:2f:f6:d1:df:ee:b4:1e:04:5e:ea:f4:2e:76:74:c4:71:
75:b7:7a:99:9b:51:45:80:d1:36:42:ce:03:ee:f9:35:f8:dd:
0e:67:e3:36:4e:50:22:d3:7e:47:57:31:37:42:80:86:f2:8d:
e6:9e:b9:11:e4:6a:97:97:42:1b:e9:a0:8e:3a:01:62:1a:9f:
9d:8f:75:ff:b5:95:91:9a:a8:bf:16:34:66:e4:ae:79:35:86:
08:5f:c5:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0uMhp2aYUNp3SavBEjS2owMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTIxMjI0NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZkMDI5Y2NkY2NlY2RiNDc2OGU4NTIzYzAwZmZkMjcxOTg2ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQpFYPML6OITDJWUenjACVMQderd
/iCf97Wvoaf/cMt7YkLF3IYIA3vvSFn9JlxGDdkdMrm1PH6U4T5tSn83LNHq0Dhv
rPZyQY4jWVo1DeQYhVyhytSNqGIEBmHBnF+wrkvTEC+FenWzHF1944uTZFJkswhP
ha0JC0U6obQUbqEFsnMU4MJioDwY2RiGcm9NiFQ7UDpEbqPYAR2bRGt3mUFqIdm8
GklJc23RqvhZKbQ8gmaYh1R3b1fMx2qUTZxv7qR+5LsfU3MFEYF6Sn1NzF34V8pD
ZbZ4CwM0DS+zsS7hPhgCaE+nc79oyEpIjqsGOP9dqBnjZzApENeJoVqFEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFptApzNzOzbR2joUjwA/9JxmG1iMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvV20wQ25NM003TnRIYU9oU1BBRF8wbkdZYldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALY56AwQA
uREAAwQAuXBTAwQAua6IAwQAueVCAwQAwkPJMA0GCSqGSIb3DQEBCwUAA4IBAQAo
pZ/cHZ5f23yZzaFhM+mC6Vdhg19wwtTPS5L0TWZSwbot+YeWF2ICVTz72kMRfWAQ
63dbATZ8GTmo6NUIARrMR+QmxrDf9/X5pShJ+fEdZrgVchHJZVBSY2emO3Zcn+QM
jQTAGxaeJUK/WVlsEpWgyU/EIdpYEzvV1yyqgsqRnVsdYM8PH9nON6jNfk3RaVHU
BtfHQVWKjf9blcS6prCEYbnanS/20d/utB4EXur0LnZ0xHF1t3qZm1FFgNE2Qs4D
7vk1+N0OZ+M2TlAi035HVzE3QoCG8o3mnrkR5GqXl0Ib6aCOOgFiGp+dj3X/tZWR
mqi/FjRm5K55NYYIX8WA
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:52 2024 by rpki-client on console-fra.rpki-client.org