Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/w0NehATFC4M4LKTTlspFda5Qcpk.roa
File: w0NehATFC4M4LKTTlspFda5Qcpk.roa (raw, json)
Hash identifier: VxSG6hBL52eBW32uNM2JXVRKcK9igtiNryv2WQ3fESs=
Subject key identifier: C3:43:5E:84:04:C5:0B:83:38:2C:A4:D3:96:CA:45:75:AE:50:72:99
Certificate issuer: /CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Certificate serial: 018CCA2B481D64D57482B37AD234F6580EB4
Authority key identifier: 27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/w0NehATFC4M4LKTTlspFda5Qcpk.roa
Signing time: Tue 02 Jan 2024 12:34:43 +0000
ROA not before: Tue 02 Jan 2024 12:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15623
IP address blocks: 193.247.205.0/24 maxlen: 24
193.246.253.0/24 maxlen: 24
212.45.192.0/19 maxlen: 19
195.226.0.0/19 maxlen: 19
213.189.128.0/19 maxlen: 19
217.75.16.0/21 maxlen: 21
217.75.24.0/21 maxlen: 21
212.55.192.0/19 maxlen: 19
213.158.128.0/19 maxlen: 19
195.144.160.0/19 maxlen: 19
62.12.128.0/17 maxlen: 17
217.14.64.0/20 maxlen: 20
193.5.123.0/24 maxlen: 24
2001:8a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:48:1d:64:d5:74:82:b3:7a:d2:34:f6:58:0e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f5180f9b93ae7573c08a894bd452bd77ce56cd
Validity
Not Before: Jan 2 12:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3435e8404c50b83382ca4d396ca4575ae507299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4e:f7:4f:a0:29:87:64:b0:92:eb:f9:65:51:
18:16:0c:d2:01:50:fa:8f:db:d8:c1:ac:84:8a:23:
6b:5d:80:29:e3:f4:d4:a4:be:a0:58:1e:74:84:1f:
23:24:f7:a6:d6:0d:b2:18:b1:fc:2d:92:d0:c8:7e:
27:43:60:f2:7f:a4:de:b5:79:70:d6:2f:2d:48:c8:
5f:df:fe:e9:3f:b2:19:d2:58:51:26:b2:fe:93:c0:
3c:b9:f0:f7:8a:13:50:9f:ae:44:e2:4e:4b:01:33:
ca:4a:ff:f6:ae:72:62:3f:c5:2d:0a:f5:ff:70:39:
fe:b8:24:c2:74:ea:fb:99:14:e4:2f:a3:a1:82:7b:
f5:35:a4:b1:c0:3d:2b:01:19:e5:36:c7:01:8b:81:
65:af:57:18:73:fa:7f:8a:d5:20:7b:2b:e7:50:61:
fa:37:93:25:29:02:ba:ec:54:2e:4c:a3:a8:1b:95:
dc:de:ae:45:10:47:da:40:55:5d:18:ef:50:e2:26:
a1:52:82:f0:9a:fa:e7:f0:7a:31:81:13:03:80:f5:
cc:b4:41:e4:ba:86:ae:c7:39:ef:d8:8b:92:26:bd:
5f:75:a4:96:a8:2a:ec:f3:a3:62:97:b5:f2:8c:23:
37:27:00:b0:db:4a:08:d0:c0:bf:3d:b4:21:bf:1b:
1a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:43:5E:84:04:C5:0B:83:38:2C:A4:D3:96:CA:45:75:AE:50:72:99
X509v3 Authority Key Identifier:
keyid:27:F5:18:0F:9B:93:AE:75:73:C0:8A:89:4B:D4:52:BD:77:CE:56:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_UYD5uTrnVzwIqJS9RSvXfOVs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/w0NehATFC4M4LKTTlspFda5Qcpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e1b84b-39a6-4ac8-be63-30fee27e84cb/1/J_UYD5uTrnVzwIqJS9RSvXfOVs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.12.128.0/17
193.5.123.0/24
193.246.253.0/24
193.247.205.0/24
195.144.160.0/19
195.226.0.0/19
212.45.192.0/19
212.55.192.0/19
213.158.128.0/19
213.189.128.0/19
217.14.64.0/20
217.75.16.0/20
IPv6:
2001:8a8::/32
Signature Algorithm: sha256WithRSAEncryption
18:41:0c:a6:03:fc:b5:50:2a:91:72:fa:a7:62:01:6d:02:25:
20:dd:a8:8a:4b:f6:a0:ec:c4:be:25:12:26:a9:4c:e9:e7:59:
a2:a6:cf:e6:81:21:fe:a1:83:fa:55:cc:16:29:4a:41:04:a0:
7d:d6:53:51:d2:e4:52:86:de:89:24:bf:0f:57:f0:4a:47:8f:
75:67:41:5c:bd:02:ec:78:00:00:bf:a3:36:d4:3e:a5:f0:4a:
3b:5b:04:ce:bf:3c:97:7e:52:a7:b5:74:96:92:2e:8c:08:b8:
4a:ab:25:c1:09:d9:06:d3:20:63:9f:0b:60:60:fc:96:d5:05:
2b:75:bd:54:8f:3f:a7:bb:22:0f:28:62:d3:25:2a:5e:1e:e7:
c7:14:ba:8c:f2:b1:21:fc:85:6d:c9:6e:b9:f5:64:ab:44:84:
1c:6f:e1:22:50:ed:31:71:80:a9:db:47:f0:52:9a:cd:75:6b:
3f:83:f5:33:10:ea:cf:61:6a:52:2a:26:d7:77:fb:99:98:52:
8f:f7:d4:20:9a:a3:e5:ec:9b:a5:f1:3f:1f:10:b5:de:1f:46:
c9:7d:28:4b:3f:dc:9e:09:09:f5:07:9a:6d:be:6b:30:97:29:
ba:75:af:6a:78:49:cc:30:0e:8e:a3:8d:2f:28:c4:90:ce:5b:
39:20:a0:0b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzKK0gdZNV0grN60jT2WA60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZjUxODBmOWI5M2FlNzU3M2MwOGE4OTRiZDQ1MmJkNzdj
ZTU2Y2QwHhcNMjQwMTAyMTIzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzQzNWU4NDA0YzUwYjgzMzgyY2E0ZDM5NmNhNDU3NWFlNTA3Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk73T6Aph2Swkuv5ZVEYFgzSAVD6
j9vYwayEiiNrXYAp4/TUpL6gWB50hB8jJPem1g2yGLH8LZLQyH4nQ2Dyf6TetXlw
1i8tSMhf3/7pP7IZ0lhRJrL+k8A8ufD3ihNQn65E4k5LATPKSv/2rnJiP8UtCvX/
cDn+uCTCdOr7mRTkL6Ohgnv1NaSxwD0rARnlNscBi4Flr1cYc/p/itUgeyvnUGH6
N5MlKQK67FQuTKOoG5Xc3q5FEEfaQFVdGO9Q4iahUoLwmvrn8HoxgRMDgPXMtEHk
uoauxznv2IuSJr1fdaSWqCrs86Nil7XyjCM3JwCw20oI0MC/PbQhvxsaVwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFMNDXoQExQuDOCyk05bKRXWuUHKZMB8GA1UdIwQY
MBaAFCf1GA+bk651c8CKiUvUUr13zlbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMt
MzBmZWUyN2U4NGNiLzEvdzBOZWhBVEZDNE00TEtUVGxzcEZkYTVRY3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lMWI4NGItMzlhNi00YWM4LWJlNjMtMzBmZWUyN2U4NGNi
LzEvSl9VWUQ1dVRyblZ6d0lxSlM5UlN2WGZPVnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHPgyAAwQA
wQV7AwQAwfb9AwQAwffNAwQFw5CgAwQFw+IAAwQF1C3AAwQF1DfAAwQF1Z6AAwQF
1b2AAwQE2Q5AAwQE2UsQMA0EAgACMAcDBQAgAQioMA0GCSqGSIb3DQEBCwUAA4IB
AQAYQQymA/y1UCqRcvqnYgFtAiUg3aiKS/ag7MS+JRImqUzp51mips/mgSH+oYP6
VcwWKUpBBKB91lNR0uRSht6JJL8PV/BKR491Z0FcvQLseAAAv6M21D6l8Eo7WwTO
vzyXflKntXSWki6MCLhKqyXBCdkG0yBjnwtgYPyW1QUrdb1Ujz+nuyIPKGLTJSpe
HufHFLqM8rEh/IVtyW659WSrRIQcb+EiUO0xcYCp20fwUprNdWs/g/UzEOrPYWpS
KibXd/uZmFKP99QgmqPl7Jul8T8fELXeH0bJfShLP9yeCQn1B5ptvmswlym6da9q
eEnMMA6Oo40vKMSQzls5IKAL
-----END CERTIFICATE-----
Generated at Mon May 20 05:52:19 2024 by rpki-client on console-ams.rpki-client.org