Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/WSiXGl0rnUXoY4JIZnpBwmNR9Cs.roa
File: WSiXGl0rnUXoY4JIZnpBwmNR9Cs.roa (raw, json)
Hash identifier: oII2Mov7V296ekHinkt1Ul5VG4cAviAily1Uj7GAJUU=
Subject key identifier: 59:28:97:1A:5D:2B:9D:45:E8:63:82:48:66:7A:41:C2:63:51:F4:2B
Certificate issuer: /CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Certificate serial: 018CC5DCD17634B25DDF5EA0FAEAD9A123FE
Authority key identifier: 43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/WSiXGl0rnUXoY4JIZnpBwmNR9Cs.roa
Signing time: Mon 01 Jan 2024 16:30:32 +0000
ROA not before: Mon 01 Jan 2024 16:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60185
IP address blocks: 185.2.245.0/24 maxlen: 24
185.2.244.0/23 maxlen: 23
185.2.244.0/22 maxlen: 22
185.2.246.0/24 maxlen: 24
185.2.246.0/23 maxlen: 23
185.2.244.0/24 maxlen: 24
185.2.247.0/24 maxlen: 24
2a02:4440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d1:76:34:b2:5d:df:5e:a0:fa:ea:d9:a1:23:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Validity
Not Before: Jan 1 16:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5928971a5d2b9d45e8638248667a41c26351f42b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:45:96:2b:5f:8e:bf:47:78:39:61:64:bb:2f:
70:41:19:b1:f6:cd:bf:4d:63:bc:b6:2c:f5:38:33:
30:1f:ee:5c:ed:44:13:44:31:c4:cc:44:77:a6:b5:
33:a8:93:84:d1:93:ee:15:8a:53:79:d6:5b:7a:65:
6f:01:77:11:1f:97:85:86:0e:83:b3:ed:77:ae:37:
bc:b6:21:2c:04:60:c3:65:a5:b3:d9:ff:87:7f:cc:
10:e0:75:a6:3c:42:ed:f6:f1:6b:2a:e7:8e:8d:9e:
5f:25:2c:1d:d8:46:2e:26:38:79:ba:02:ae:66:29:
b9:93:f3:30:59:0b:d8:67:e2:40:21:0b:c9:d4:bc:
e1:9e:db:9c:4b:d4:a7:49:ce:03:b1:47:70:3c:0f:
6b:f2:67:04:6c:7f:75:46:e9:bc:92:c5:4a:b5:03:
24:31:0a:00:fd:80:8f:81:4e:97:33:42:27:fc:1c:
e7:0e:cc:02:76:45:75:ae:d6:00:e1:44:6a:24:6d:
12:1b:e5:16:f9:d4:8b:9f:a5:cc:30:d0:3b:d4:0d:
c6:45:e9:18:29:35:da:ee:5c:7b:51:a3:a6:c7:21:
14:cb:5d:d7:2f:2d:18:de:ce:1c:dc:b6:65:fb:da:
34:b7:9a:cb:af:b0:1c:9e:5b:87:df:ff:77:69:21:
f3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:28:97:1A:5D:2B:9D:45:E8:63:82:48:66:7A:41:C2:63:51:F4:2B
X509v3 Authority Key Identifier:
keyid:43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/WSiXGl0rnUXoY4JIZnpBwmNR9Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.244.0/22
IPv6:
2a02:4440::/32
Signature Algorithm: sha256WithRSAEncryption
47:4f:c5:9d:db:7b:62:9b:31:17:0c:94:d3:17:34:c6:74:ac:
fd:50:19:2f:89:02:67:b5:64:c6:2d:7b:d2:e6:24:7c:5e:69:
ec:70:8c:d4:79:74:bc:bf:07:30:45:15:61:8b:b4:31:43:00:
74:ab:9e:f4:c0:b7:e7:7a:55:dd:d1:63:ce:07:23:b8:ad:5f:
8d:04:d9:95:18:cf:8d:0c:8f:71:28:c8:75:84:99:73:38:e9:
d2:ae:6a:db:e1:51:d4:d4:8c:84:61:19:08:86:6d:d8:15:86:
4a:e7:ff:51:b7:57:be:81:e4:69:47:4a:7b:92:12:62:ab:1f:
24:65:b6:f0:28:87:7e:a9:44:20:b4:3c:cc:ab:34:93:1b:40:
3b:8a:02:84:96:59:1e:02:ca:18:61:f9:fd:b8:0d:59:b5:f3:
86:68:6e:37:ce:13:47:65:7b:bc:9f:47:a8:2a:7e:fc:9c:71:
de:6f:e1:ca:7f:0d:68:27:9e:cc:e7:80:9a:63:a1:34:33:27:
72:e8:50:ac:87:8e:26:9f:21:4b:ec:8b:aa:5e:e6:64:cb:3d:
7f:24:63:e1:d9:db:9e:36:b8:ee:3d:0c:96:61:29:f7:09:80:
76:2a:5d:0c:13:93:56:db:d7:d4:09:a6:57:42:c3:2c:7b:be:
9b:2c:f2:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3NF2NLJd316g+urZoSP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWYyZTk4N2QyYjYzYWRkYWE1YWRjMTc4ZjMxZTkwZDg3
NmFhYTcwHhcNMjQwMTAxMTYzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTI4OTcxYTVkMmI5ZDQ1ZTg2MzgyNDg2NjdhNDFjMjYzNTFmNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0WWK1+Ov0d4OWFkuy9wQRmx9s2/
TWO8tiz1ODMwH+5c7UQTRDHEzER3prUzqJOE0ZPuFYpTedZbemVvAXcRH5eFhg6D
s+13rje8tiEsBGDDZaWz2f+Hf8wQ4HWmPELt9vFrKueOjZ5fJSwd2EYuJjh5ugKu
Zim5k/MwWQvYZ+JAIQvJ1LzhntucS9SnSc4DsUdwPA9r8mcEbH91Rum8ksVKtQMk
MQoA/YCPgU6XM0In/BznDswCdkV1rtYA4URqJG0SG+UW+dSLn6XMMNA71A3GRekY
KTXa7lx7UaOmxyEUy13XLy0Y3s4c3LZl+9o0t5rLr7AcnluH3/93aSHzpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFkolxpdK51F6GOCSGZ6QcJjUfQrMB8GA1UdIwQY
MBaAFEOvLph9K2Ot2qWtwXjzHpDYdqqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3Yzgt
Y2M3NzQ2NzE5NDA2LzEvV1NpWEdsMHJuVVhvWTRKSVpucEJ3bU5SOUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3YzgtY2M3NzQ2NzE5NDA2
LzEvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQL0MA0E
AgACMAcDBQAqAkRAMA0GCSqGSIb3DQEBCwUAA4IBAQBHT8Wd23timzEXDJTTFzTG
dKz9UBkviQJntWTGLXvS5iR8XmnscIzUeXS8vwcwRRVhi7QxQwB0q570wLfnelXd
0WPOByO4rV+NBNmVGM+NDI9xKMh1hJlzOOnSrmrb4VHU1IyEYRkIhm3YFYZK5/9R
t1e+geRpR0p7khJiqx8kZbbwKId+qUQgtDzMqzSTG0A7igKEllkeAsoYYfn9uA1Z
tfOGaG43zhNHZXu8n0eoKn78nHHeb+HKfw1oJ57M54CaY6E0Mydy6FCsh44mnyFL
7IuqXuZkyz1/JGPh2dueNrjuPQyWYSn3CYB2Kl0ME5NW29fUCaZXQsMse76bLPIl
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:58:59 2024 by rpki-client on console-ams.rpki-client.org