Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Wv8D2xiKWhnpjLEmHjSovV2X51A.roa
File: Wv8D2xiKWhnpjLEmHjSovV2X51A.roa (raw, json)
Hash identifier: uDSBc789BQxtCtlY99yYjdgGEimK8T9lkMQxatMFba8=
Subject key identifier: 5A:FF:03:DB:18:8A:5A:19:E9:8C:B1:26:1E:34:A8:BD:5D:97:E7:50
Certificate issuer: /CN=5f0f162afa7bfd7b847c1dd0eb4aebea93c469cf
Certificate serial: 018CC6B7EF4046598739D63E478BA4CB9643
Authority key identifier: 5F:0F:16:2A:FA:7B:FD:7B:84:7C:1D:D0:EB:4A:EB:EA:93:C4:69:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw8WKvp7_XuEfB3Q60rr6pPEac8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Wv8D2xiKWhnpjLEmHjSovV2X51A.roa
Signing time: Mon 01 Jan 2024 20:29:52 +0000
ROA not before: Mon 01 Jan 2024 20:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47737
IP address blocks: 94.124.168.0/21 maxlen: 21
78.142.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Xw8WKvp7_XuEfB3Q60rr6pPEac8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Xw8WKvp7_XuEfB3Q60rr6pPEac8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xw8WKvp7_XuEfB3Q60rr6pPEac8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ef:40:46:59:87:39:d6:3e:47:8b:a4:cb:96:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0f162afa7bfd7b847c1dd0eb4aebea93c469cf
Validity
Not Before: Jan 1 20:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aff03db188a5a19e98cb1261e34a8bd5d97e750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:03:37:bd:83:c5:11:22:e8:67:c2:47:10:5a:
d5:90:13:e3:72:11:e8:e6:d7:f4:90:e1:41:29:27:
86:c4:85:5d:ac:23:52:53:ac:ab:6b:0f:c8:16:8a:
96:ad:2a:ad:ff:ef:df:e9:0b:3a:e7:48:45:a3:77:
96:72:18:57:26:0f:67:4f:ed:c3:f5:ad:a4:11:ca:
aa:7a:6c:22:9e:53:83:54:b2:66:c6:7c:75:b5:9b:
e7:56:c5:e2:bc:8d:98:f3:d9:d3:04:5f:db:8a:35:
df:16:d3:25:a0:dd:3c:90:de:82:5b:9f:44:5a:f0:
dd:46:6b:00:ad:c4:09:a3:b2:c3:8d:27:bb:8d:48:
27:02:b1:bd:9c:1b:9a:42:83:70:74:04:39:9b:25:
49:1d:20:f1:29:09:8a:c6:e9:c7:20:22:a4:dc:31:
cc:15:1b:a2:eb:8f:8e:4e:ca:bf:99:fd:2c:d8:03:
6e:bd:17:f9:10:a6:40:b0:8f:7d:19:6c:79:88:43:
cb:24:b9:4b:ed:52:76:27:e1:df:b6:7e:44:de:5e:
c9:90:df:da:ec:6d:d0:5e:ef:b9:aa:19:06:ac:63:
d2:7e:9d:36:0d:2d:b3:39:55:90:30:b2:f5:80:43:
4c:25:d4:80:22:a5:92:20:38:cf:d2:49:4e:1b:73:
fa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:FF:03:DB:18:8A:5A:19:E9:8C:B1:26:1E:34:A8:BD:5D:97:E7:50
X509v3 Authority Key Identifier:
keyid:5F:0F:16:2A:FA:7B:FD:7B:84:7C:1D:D0:EB:4A:EB:EA:93:C4:69:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw8WKvp7_XuEfB3Q60rr6pPEac8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Wv8D2xiKWhnpjLEmHjSovV2X51A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/82d6af-eac8-4d18-9aea-cee4c518770d/1/Xw8WKvp7_XuEfB3Q60rr6pPEac8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.220.0/22
94.124.168.0/21
Signature Algorithm: sha256WithRSAEncryption
19:e7:f8:8b:1d:ce:01:b4:20:bc:65:4f:82:62:f6:e0:c4:a8:
cc:db:cb:1f:eb:55:1e:97:29:e7:fb:be:c9:77:01:a1:0c:d3:
78:b7:98:27:81:ce:02:cc:8b:8b:c7:c0:3e:cc:4c:d8:00:ec:
1c:ef:07:49:28:4a:2f:ce:09:2b:73:41:ee:bd:95:32:3e:7a:
f1:40:6b:7d:4c:81:b7:92:11:4e:69:ac:fb:e6:55:b9:a0:1a:
b0:75:33:97:7a:be:5c:61:79:93:ce:f9:4c:11:92:40:79:af:
f1:58:f5:f1:91:c0:f0:98:bd:8c:c2:03:5f:ca:17:ce:2e:2e:
b5:23:98:35:3d:97:78:62:32:94:c9:27:93:9b:9d:f8:31:b0:
ec:77:66:ec:16:0f:03:4f:96:e5:52:07:ff:a0:af:a9:b0:87:
fd:7f:e6:22:19:d3:e7:9d:25:19:23:be:d0:75:c1:70:57:3a:
b8:68:6a:55:9c:13:93:e7:54:6b:c9:e9:10:09:9d:7d:aa:04:
03:39:2a:82:e7:c1:80:1a:8e:d9:e0:ce:ff:b6:7f:5b:72:aa:
cf:4e:77:66:a7:26:20:e2:4d:8d:df:4c:2e:1e:5e:36:95:60:
b3:7f:9f:cf:51:0f:7b:a2:01:db:61:33:52:7f:35:65:54:9f:
6d:23:a5:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt+9ARlmHOdY+R4uky5ZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGYxNjJhZmE3YmZkN2I4NDdjMWRkMGViNGFlYmVhOTNj
NDY5Y2YwHhcNMjQwMTAxMjAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWZmMDNkYjE4OGE1YTE5ZTk4Y2IxMjYxZTM0YThiZDVkOTdlNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgM3vYPFESLoZ8JHEFrVkBPjchHo
5tf0kOFBKSeGxIVdrCNSU6yraw/IFoqWrSqt/+/f6Qs650hFo3eWchhXJg9nT+3D
9a2kEcqqemwinlODVLJmxnx1tZvnVsXivI2Y89nTBF/bijXfFtMloN08kN6CW59E
WvDdRmsArcQJo7LDjSe7jUgnArG9nBuaQoNwdAQ5myVJHSDxKQmKxunHICKk3DHM
FRui64+OTsq/mf0s2ANuvRf5EKZAsI99GWx5iEPLJLlL7VJ2J+Hftn5E3l7JkN/a
7G3QXu+5qhkGrGPSfp02DS2zOVWQMLL1gENMJdSAIqWSIDjP0klOG3P6KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFr/A9sYiloZ6YyxJh40qL1dl+dQMB8GA1UdIwQY
MBaAFF8PFir6e/17hHwd0OtK6+qTxGnPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHc4V0t2cDdfWHVFZkIzUTYwcnI2cFBFYWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy84MmQ2YWYtZWFjOC00ZDE4LTlhZWEt
Y2VlNGM1MTg3NzBkLzEvV3Y4RDJ4aUtXaG5wakxFbUhqU292VjJYNTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy84MmQ2YWYtZWFjOC00ZDE4LTlhZWEtY2VlNGM1MTg3NzBk
LzEvWHc4V0t2cDdfWHVFZkIzUTYwcnI2cFBFYWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTo7cAwQD
XnyoMA0GCSqGSIb3DQEBCwUAA4IBAQAZ5/iLHc4BtCC8ZU+CYvbgxKjM28sf61Ue
lynn+77JdwGhDNN4t5gngc4CzIuLx8A+zEzYAOwc7wdJKEovzgkrc0HuvZUyPnrx
QGt9TIG3khFOaaz75lW5oBqwdTOXer5cYXmTzvlMEZJAea/xWPXxkcDwmL2MwgNf
yhfOLi61I5g1PZd4YjKUySeTm534MbDsd2bsFg8DT5blUgf/oK+psIf9f+YiGdPn
nSUZI77QdcFwVzq4aGpVnBOT51RryekQCZ19qgQDOSqC58GAGo7Z4M7/tn9bcqrP
TndmpyYg4k2N30wuHl42lWCzf5/PUQ97ogHbYTNSfzVlVJ9tI6XU
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:28:06 2024 by rpki-client on console-ams.rpki-client.org