Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/wjTkK7GHc66DVEOqN89sdlE2lBA.roa
File: wjTkK7GHc66DVEOqN89sdlE2lBA.roa (raw, json)
Hash identifier: oZai4+GhNQMgMEn0j9Sa2DF43h8kTcynxxFW1G2umZA=
Subject key identifier: C2:34:E4:2B:B1:87:73:AE:83:54:43:AA:37:CF:6C:76:51:36:94:10
Certificate issuer: /CN=a5f6a71a180dcf8b230c414f09f7b71baea9781c
Certificate serial: 01933F05E05B490DBA1CC7EFE747531D28F1
Authority key identifier: A5:F6:A7:1A:18:0D:CF:8B:23:0C:41:4F:09:F7:B7:1B:AE:A9:78:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pfanGhgNz4sjDEFPCfe3G66peBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/wjTkK7GHc66DVEOqN89sdlE2lBA.roa
Signing time: Mon 18 Nov 2024 11:26:09 +0000
ROA not before: Mon 18 Nov 2024 11:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201155
IP address blocks: 45.143.212.0/22 maxlen: 24
45.157.224.0/22 maxlen: 24
185.84.4.0/22 maxlen: 24
2a05:a1c0::/29 maxlen: 48
2a0f:6cc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/pfanGhgNz4sjDEFPCfe3G66peBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/pfanGhgNz4sjDEFPCfe3G66peBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pfanGhgNz4sjDEFPCfe3G66peBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:05:e0:5b:49:0d:ba:1c:c7:ef:e7:47:53:1d:28:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5f6a71a180dcf8b230c414f09f7b71baea9781c
Validity
Not Before: Nov 18 11:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c234e42bb18773ae835443aa37cf6c7651369410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:a0:34:8c:db:28:f5:ad:b1:ae:61:01:53:
76:18:c1:8c:b7:13:79:94:61:fa:ce:fe:fe:07:02:
8e:d4:22:b8:be:78:64:20:97:ec:cd:9f:c3:e9:d0:
25:ca:22:d1:2f:b1:1c:4f:fa:9e:c3:ce:0a:68:67:
1d:85:63:34:22:ab:99:fe:e2:55:bc:29:30:8c:02:
d2:11:e8:65:4d:76:da:1c:f9:38:c0:34:ea:12:8d:
45:fa:79:ed:fb:3b:51:d9:5c:bd:12:91:3c:33:5f:
f6:c2:52:ad:b3:47:94:b1:3b:93:d0:ae:60:9a:c4:
f8:58:07:af:f2:87:1c:6b:89:22:48:24:8a:8c:b3:
64:69:58:2d:52:70:a6:f5:4c:43:19:30:ef:74:26:
1e:6c:59:2f:f3:29:a7:fc:f6:33:fe:17:82:08:d4:
c1:f2:2a:68:51:0f:af:98:4e:8f:47:10:50:1c:f8:
84:11:38:d9:c6:9f:9f:ca:45:fc:d8:d2:7e:b4:21:
1f:fb:55:ab:53:4c:fa:b3:20:8e:03:e7:fa:de:98:
44:dc:6e:bf:5d:be:ed:e2:53:aa:96:34:1a:5a:65:
5c:6c:b5:65:c3:38:ea:ab:a2:df:96:c3:b6:20:4a:
59:2a:47:82:d2:62:b6:33:9a:b3:f0:b3:d3:4a:c4:
1f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:34:E4:2B:B1:87:73:AE:83:54:43:AA:37:CF:6C:76:51:36:94:10
X509v3 Authority Key Identifier:
keyid:A5:F6:A7:1A:18:0D:CF:8B:23:0C:41:4F:09:F7:B7:1B:AE:A9:78:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pfanGhgNz4sjDEFPCfe3G66peBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/wjTkK7GHc66DVEOqN89sdlE2lBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b3f912-36d1-4366-ac3c-6660238b03ce/1/pfanGhgNz4sjDEFPCfe3G66peBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.212.0/22
45.157.224.0/22
185.84.4.0/22
IPv6:
2a05:a1c0::/29
2a0f:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:7f:fd:4c:a9:f9:21:e2:5a:a3:90:52:b3:1d:a7:63:20:e6:
ab:87:63:5a:71:0b:fc:57:b7:42:e2:c8:99:c6:01:5e:d9:39:
a6:e3:dd:61:2c:3a:f5:c5:58:1b:80:25:33:8c:15:70:65:24:
eb:79:e4:6a:31:25:93:39:83:aa:c8:be:53:a5:39:f0:7d:ee:
f6:cb:d4:3e:0e:99:17:8d:b7:68:46:ba:2c:14:68:0b:a3:46:
79:2b:85:00:94:28:65:cb:c7:87:dc:1f:b2:34:d3:30:fc:98:
7d:75:05:fd:54:c9:99:fb:1a:79:8e:f9:db:86:3e:4b:0d:98:
0f:b7:c0:0e:a8:13:6c:52:82:2c:91:a9:c5:2b:e7:0b:b8:2a:
50:23:85:5c:36:d0:f3:b0:8e:90:ba:0b:56:37:33:42:e7:4d:
d1:e2:f7:ba:54:ee:48:1f:d3:0a:aa:a2:34:10:70:b2:94:89:
47:88:40:03:ca:29:6d:52:8d:60:a4:7d:3a:43:50:3a:46:63:
45:49:11:c2:c1:d2:bd:a3:74:d7:ef:1d:7d:f3:b5:f3:f0:5b:
7a:b9:90:33:25:0b:a0:8c:dd:85:c8:bf:c7:6c:4b:af:42:70:
0f:82:d4:f0:d1:49:34:88:69:73:08:ec:9b:be:48:be:8c:2e:
9a:c7:7e:ad
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZM/BeBbSQ26HMfv50dTHSjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjZhNzFhMTgwZGNmOGIyMzBjNDE0ZjA5ZjdiNzFiYWVh
OTc4MWMwHhcNMjQxMTE4MTEyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjM0ZTQyYmIxODc3M2FlODM1NDQzYWEzN2NmNmM3NjUxMzY5NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq2gNIzbKPWtsa5hAVN2GMGMtxN5
lGH6zv7+BwKO1CK4vnhkIJfszZ/D6dAlyiLRL7EcT/qew84KaGcdhWM0IquZ/uJV
vCkwjALSEehlTXbaHPk4wDTqEo1F+nnt+ztR2Vy9EpE8M1/2wlKts0eUsTuT0K5g
msT4WAev8occa4kiSCSKjLNkaVgtUnCm9UxDGTDvdCYebFkv8ymn/PYz/heCCNTB
8ipoUQ+vmE6PRxBQHPiEETjZxp+fykX82NJ+tCEf+1WrU0z6syCOA+f63phE3G6/
Xb7t4lOqljQaWmVcbLVlwzjqq6LflsO2IEpZKkeC0mK2M5qz8LPTSsQf0wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMI05Cuxh3Oug1RDqjfPbHZRNpQQMB8GA1UdIwQY
MBaAFKX2pxoYDc+LIwxBTwn3txuuqXgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZhbkdoZ056NHNqREVGUENmZTNHNjZwZUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iM2Y5MTItMzZkMS00MzY2LWFjM2Mt
NjY2MDIzOGIwM2NlLzEvd2pUa0s3R0hjNjZEVkVPcU44OXNkbEUybEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iM2Y5MTItMzZkMS00MzY2LWFjM2MtNjY2MDIzOGIwM2Nl
LzEvcGZhbkdoZ056NHNqREVGUENmZTNHNjZwZUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLY/UAwQC
LZ3gAwQCuVQEMBQEAgACMA4DBQMqBaHAAwUDKg9swDANBgkqhkiG9w0BAQsFAAOC
AQEAD3/9TKn5IeJao5BSsx2nYyDmq4djWnEL/Fe3QuLImcYBXtk5puPdYSw69cVY
G4AlM4wVcGUk63nkajElkzmDqsi+U6U58H3u9svUPg6ZF423aEa6LBRoC6NGeSuF
AJQoZcvHh9wfsjTTMPyYfXUF/VTJmfsaeY7524Y+Sw2YD7fADqgTbFKCLJGpxSvn
C7gqUCOFXDbQ87COkLoLVjczQudN0eL3ulTuSB/TCqqiNBBwspSJR4hAA8opbVKN
YKR9OkNQOkZjRUkRwsHSvaN01+8dffO18/BbermQMyULoIzdhci/x2xLr0JwD4LU
8NFJNIhpcwjsm75Ivowumsd+rQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:46:35 2024 by rpki-client on console-fra.rpki-client.org