Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/wYLo5A5kujXgpc-VWYv8-KgETTc.roa
File: wYLo5A5kujXgpc-VWYv8-KgETTc.roa (raw, json)
Hash identifier: Yf1A1N2QAT8S1y+tqs5Vk1bVhsG0JInE6U6uUxU6X2g=
Subject key identifier: C1:82:E8:E4:0E:64:BA:35:E0:A5:CF:95:59:8B:FC:F8:A8:04:4D:37
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC1F1ACF5E6317B851D49B08596C8
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/wYLo5A5kujXgpc-VWYv8-KgETTc.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47507
IP address blocks: 212.104.160.0/19 maxlen: 24
86.105.234.0/24 maxlen: 24
193.91.0.0/24 maxlen: 24
193.91.10.0/24 maxlen: 24
185.43.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c1:f1:ac:f5:e6:31:7b:85:1d:49:b0:85:96:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c182e8e40e64ba35e0a5cf95598bfcf8a8044d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:7e:ef:1a:89:21:c7:6e:bf:30:ef:23:32:
ed:6e:0e:4d:95:43:d1:05:33:23:c2:85:d8:0d:3e:
10:be:1d:99:f3:b1:2a:a5:65:93:50:54:4f:29:60:
2a:28:77:70:90:8b:1b:d8:06:53:19:c2:93:68:ea:
a0:6a:3e:d2:2c:65:0a:2c:c7:04:86:d8:59:fa:e2:
00:c8:99:6b:01:38:0f:46:44:80:61:53:30:99:66:
5c:0a:70:57:52:6d:2b:1f:66:69:2a:ec:99:4c:72:
3f:fa:28:09:5d:77:54:81:ec:e8:10:cb:6d:5e:0b:
f5:54:1f:2a:e0:5f:ea:9f:25:2a:74:b8:34:de:67:
90:75:0f:6f:7c:0e:2a:2f:2b:d4:a0:a3:72:af:c2:
86:04:29:ca:db:3d:8c:ce:c4:f5:c8:d8:d6:da:4c:
84:21:d9:5c:52:fd:2c:d0:0c:f6:b6:46:68:26:15:
e6:dd:a1:4d:5a:4d:52:8b:fc:66:ec:e6:60:16:11:
6b:95:12:50:b3:5d:b3:c2:3f:e9:b2:29:a4:d3:a9:
fb:39:d4:64:65:3e:77:aa:dc:ec:33:15:ad:a0:0f:
cb:ea:af:26:d7:65:58:78:77:c4:05:22:2c:3a:f6:
03:f5:87:8c:74:e3:91:80:5b:62:8b:3b:a7:f0:bd:
fd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:82:E8:E4:0E:64:BA:35:E0:A5:CF:95:59:8B:FC:F8:A8:04:4D:37
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/wYLo5A5kujXgpc-VWYv8-KgETTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.234.0/24
185.43.252.0/22
193.91.0.0/24
193.91.10.0/24
212.104.160.0/19
Signature Algorithm: sha256WithRSAEncryption
57:b7:a9:e4:f9:2e:bb:35:c3:00:68:d1:e6:08:22:5c:98:4d:
d8:8f:47:e2:b8:a8:dc:b4:8b:0a:e3:97:28:d5:dd:b8:a4:e1:
98:eb:a5:99:fd:5b:bc:bc:39:4c:86:a6:13:34:73:1d:b5:57:
0e:49:74:76:23:31:31:ab:36:69:37:7f:9a:5c:9f:08:27:84:
30:a3:77:f0:db:6a:e0:00:dc:f0:9f:c2:c4:e2:69:86:21:fb:
68:a5:0a:53:ae:ef:6e:1a:cf:2d:60:89:52:7b:5b:3d:f4:7e:
27:42:5b:fd:14:08:7c:a4:76:f9:5f:5f:78:f8:62:2d:5c:c8:
60:35:cc:b2:79:f8:54:46:36:49:6a:c5:32:25:a1:94:d6:a7:
3c:e3:12:e1:9c:57:95:31:30:70:c6:b9:68:e9:8b:85:ee:0a:
97:c2:16:2c:d5:38:12:97:90:13:c2:1b:56:fc:3d:ee:82:7f:
98:ba:26:42:b4:7b:cc:da:0a:94:6f:65:88:62:09:57:4f:42:
c3:e5:86:dc:55:81:7e:31:db:bb:94:4c:fa:9e:fe:74:29:fd:
85:9b:67:c5:b8:b8:50:9a:05:39:96:3d:16:b8:5c:e9:69:39:
64:dc:3d:4a:68:d4:e3:b7:10:23:31:e5:56:aa:70:27:96:58:
76:d9:0d:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2sHxrPXmMXuFHUmwhZbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTgyZThlNDBlNjRiYTM1ZTBhNWNmOTU1OThiZmNmOGE4MDQ0ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSB+7xqJIcduvzDvIzLtbg5NlUPR
BTMjwoXYDT4Qvh2Z87EqpWWTUFRPKWAqKHdwkIsb2AZTGcKTaOqgaj7SLGUKLMcE
hthZ+uIAyJlrATgPRkSAYVMwmWZcCnBXUm0rH2ZpKuyZTHI/+igJXXdUgezoEMtt
Xgv1VB8q4F/qnyUqdLg03meQdQ9vfA4qLyvUoKNyr8KGBCnK2z2MzsT1yNjW2kyE
IdlcUv0s0Az2tkZoJhXm3aFNWk1Si/xm7OZgFhFrlRJQs12zwj/psimk06n7OdRk
ZT53qtzsMxWtoA/L6q8m12VYeHfEBSIsOvYD9YeMdOORgFtiizun8L39mwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMGC6OQOZLo14KXPlVmL/PioBE03MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvd1lMbzVBNWt1alhncGMtVldZdjgtS2dFVFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmnqAwQC
uSv8AwQAwVsAAwQAwVsKAwQF1GigMA0GCSqGSIb3DQEBCwUAA4IBAQBXt6nk+S67
NcMAaNHmCCJcmE3Yj0fiuKjctIsK45co1d24pOGY66WZ/Vu8vDlMhqYTNHMdtVcO
SXR2IzExqzZpN3+aXJ8IJ4Qwo3fw22rgANzwn8LE4mmGIftopQpTru9uGs8tYIlS
e1s99H4nQlv9FAh8pHb5X194+GItXMhgNcyyefhURjZJasUyJaGU1qc84xLhnFeV
MTBwxrlo6YuF7gqXwhYs1TgSl5ATwhtW/D3ugn+YuiZCtHvM2gqUb2WIYglXT0LD
5YbcVYF+Mdu7lEz6nv50Kf2Fm2fFuLhQmgU5lj0WuFzpaTlk3D1KaNTjtxAjMeVW
qnAnllh22Q2R
-----END CERTIFICATE-----
Generated at Sun Jul 7 06:11:48 2024 by rpki-client on console-ams.rpki-client.org