Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WkpiWxO7Q-yN6mOR59de0rNwfRA.roa
File: WkpiWxO7Q-yN6mOR59de0rNwfRA.roa (raw, json)
Hash identifier: OBBIqIIsoThvXGD9Jzx7zMSllUyC3gW2i5JZ0/eDPzw=
Subject key identifier: 5A:4A:62:5B:13:BB:43:EC:8D:EA:63:91:E7:D7:5E:D2:B3:70:7D:10
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B52D024A6A8BD4BD21D73584D80F3
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WkpiWxO7Q-yN6mOR59de0rNwfRA.roa
Signing time: Tue 02 Jan 2024 12:34:46 +0000
ROA not before: Tue 02 Jan 2024 12:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44103
IP address blocks: 185.142.142.0/24 maxlen: 32
194.34.230.0/24 maxlen: 32
45.93.119.0/24 maxlen: 32
185.249.217.0/24 maxlen: 32
2a06:8e01::/44 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:52:d0:24:a6:a8:bd:4b:d2:1d:73:58:4d:80:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a4a625b13bb43ec8dea6391e7d75ed2b3707d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:57:3a:55:ae:e6:00:b6:c4:33:72:fb:cd:
39:c8:07:12:53:7b:f0:34:97:c0:11:47:ca:12:f3:
91:3c:96:d2:9c:ac:fe:06:e9:2e:8f:51:be:82:80:
ae:a9:48:5b:20:c4:89:c1:4f:92:ac:e2:d5:ac:c6:
a9:03:65:c2:60:18:9f:86:8f:a6:f0:ab:01:50:cf:
c3:d1:93:e0:56:42:1b:3d:a1:40:b9:df:e5:89:89:
59:7a:07:82:24:d4:10:fb:e3:b4:6a:18:1b:80:3b:
e1:45:5b:38:a5:fc:53:3a:b9:99:42:58:57:c7:c5:
53:ce:2a:f1:f5:f8:5a:91:80:48:d4:47:24:a8:22:
6f:24:21:47:9e:bf:26:10:57:6f:05:b9:2d:b9:13:
89:6c:fe:25:a1:9a:0a:55:4f:73:11:c2:cb:b1:ed:
94:35:0f:a6:22:9b:7f:8e:2a:7c:d1:98:02:25:90:
7c:54:26:5f:64:f4:c6:54:b9:50:ab:29:d4:a3:37:
33:9d:8a:dd:f0:a6:eb:b7:94:d7:3a:ec:73:b3:9d:
3b:e8:45:bf:52:7c:11:b8:1f:73:bb:fc:63:f5:32:
52:9f:68:05:9b:41:43:fb:98:4c:8a:37:2e:11:2b:
95:aa:c4:41:08:0d:35:76:d8:2b:1a:82:10:37:a1:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4A:62:5B:13:BB:43:EC:8D:EA:63:91:E7:D7:5E:D2:B3:70:7D:10
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WkpiWxO7Q-yN6mOR59de0rNwfRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.119.0/24
185.142.142.0/24
185.249.217.0/24
194.34.230.0/24
IPv6:
2a06:8e01::/44
Signature Algorithm: sha256WithRSAEncryption
b0:c3:1e:e5:8d:2f:69:e0:ba:77:5a:23:d7:28:79:fa:8b:74:
38:8a:a8:8f:23:7e:95:8c:67:e0:39:cc:cc:54:ba:9a:b6:89:
fd:a6:1b:ff:59:f8:ef:ab:c8:52:ec:1b:1a:5c:5f:9e:2f:4e:
5d:82:78:0e:7e:eb:5a:21:1e:12:c6:d4:a4:31:29:5c:35:43:
de:ba:eb:cc:48:21:31:23:d2:a3:a6:8f:10:86:e8:0c:17:70:
23:f1:1a:6c:a5:53:d1:69:7f:2e:ac:48:83:13:93:c6:66:9b:
4f:45:9a:0d:03:cc:d5:45:b6:f5:24:7b:26:fc:8a:6c:8b:99:
fc:02:98:d7:b5:91:2d:d3:62:04:19:35:89:fa:77:59:f1:44:
e6:50:8e:1f:3c:96:fb:1e:89:9a:c3:81:0b:86:4e:1b:a6:df:
2a:38:81:32:22:69:a5:74:5b:cc:d4:60:d7:0c:89:db:33:5e:
bf:6a:48:65:e9:09:ce:92:82:e9:e6:d7:24:5f:4b:01:e0:a0:
97:65:31:b1:00:bf:bc:16:f5:03:bd:a2:52:52:ea:21:86:7b:
70:95:f4:bb:59:11:0f:40:cd:6f:5f:00:39:a9:09:f9:3e:09:
d6:38:6a:ae:34:31:9f:a2:71:1c:af:44:6e:a0:a2:16:88:1c:
91:64:44:ad
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzKK1LQJKaovUvSHXNYTYDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRhNjI1YjEzYmI0M2VjOGRlYTYzOTFlN2Q3NWVkMmIzNzA3ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNtXOlWu5gC2xDNy+805yAcSU3vw
NJfAEUfKEvORPJbSnKz+Bukuj1G+goCuqUhbIMSJwU+SrOLVrMapA2XCYBifho+m
8KsBUM/D0ZPgVkIbPaFAud/liYlZegeCJNQQ++O0ahgbgDvhRVs4pfxTOrmZQlhX
x8VTzirx9fhakYBI1EckqCJvJCFHnr8mEFdvBbktuROJbP4loZoKVU9zEcLLse2U
NQ+mIpt/jip80ZgCJZB8VCZfZPTGVLlQqynUozcznYrd8Kbrt5TXOuxzs5076EW/
UnwRuB9zu/xj9TJSn2gFm0FD+5hMijcuESuVqsRBCA01dtgrGoIQN6FPYwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFpKYlsTu0PsjepjkefXXtKzcH0QMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvV2twaVd4TzdRLXlONm1PUjU5ZGUwck53ZlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALV13AwQA
uY6OAwQAufnZAwQAwiLmMA8EAgACMAkDBwQqBo4BAAAwDQYJKoZIhvcNAQELBQAD
ggEBALDDHuWNL2ngundaI9coefqLdDiKqI8jfpWMZ+A5zMxUupq2if2mG/9Z+O+r
yFLsGxpcX54vTl2CeA5+61ohHhLG1KQxKVw1Q96668xIITEj0qOmjxCG6AwXcCPx
GmylU9Fpfy6sSIMTk8Zmm09Fmg0DzNVFtvUkeyb8imyLmfwCmNe1kS3TYgQZNYn6
d1nxROZQjh88lvseiZrDgQuGThum3yo4gTIiaaV0W8zUYNcMidszXr9qSGXpCc6S
gunm1yRfSwHgoJdlMbEAv7wW9QO9olJS6iGGe3CV9LtZEQ9AzW9fADmpCfk+CdY4
aq40MZ+icRyvRG6gohaIHJFkRK0=
-----END CERTIFICATE-----
Generated at Sun May 5 00:35:58 2024 by rpki-client on console-fra.rpki-client.org