Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/w2lj_w1whx0NXHLzhViOWiY0iEM.roa
File: w2lj_w1whx0NXHLzhViOWiY0iEM.roa (raw, json)
Hash identifier: 4pdmjktZdeY1MAGFcbwBa8WdANG+ioxli+G+PEOI53Q=
Subject key identifier: C3:69:63:FF:0D:70:87:1D:0D:5C:72:F3:85:58:8E:5A:26:34:88:43
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0192B35A1098B5ABDB719F97A48A48ACBC1E
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/w2lj_w1whx0NXHLzhViOWiY0iEM.roa
Signing time: Tue 22 Oct 2024 08:31:16 +0000
ROA not before: Tue 22 Oct 2024 08:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33652
IP address blocks: 45.147.159.0/24 maxlen: 24
77.111.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:5a:10:98:b5:ab:db:71:9f:97:a4:8a:48:ac:bc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Oct 22 08:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c36963ff0d70871d0d5c72f385588e5a26348843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:92:f3:15:0a:e5:4a:55:0b:4c:ca:e9:0f:
46:4c:e8:ef:b7:92:fd:12:9f:9c:1c:e2:b9:74:be:
21:c7:20:6f:5b:64:06:e1:a1:7c:d7:8b:c3:3e:1d:
29:94:78:56:7e:c3:de:96:e4:98:78:ca:0d:c4:17:
4a:01:17:ee:2b:db:db:70:29:f7:db:ca:11:aa:50:
b9:0c:71:17:39:c2:bc:b5:74:61:0e:4b:26:aa:f0:
44:50:ce:a7:38:cf:7f:e0:3b:40:35:fd:a3:80:6e:
a5:fb:5a:5b:7a:d8:c0:50:31:d4:8a:7a:71:ef:2d:
c3:22:19:ae:ef:53:d6:35:f2:70:75:b4:6f:96:18:
9b:2e:ac:a8:cc:1e:9e:9c:79:dd:86:a0:00:4f:52:
19:cb:46:19:3f:61:f1:91:4d:c9:75:2d:35:47:a4:
3a:bd:ad:c4:e5:55:e7:0b:6b:95:16:fa:02:03:1f:
38:30:76:47:74:6e:44:8b:5e:d2:bc:fe:dd:94:82:
f1:99:52:fa:54:2e:23:97:a6:48:0c:33:91:06:2d:
da:06:d1:e2:2a:39:c9:b2:d7:f6:f6:c9:d5:89:7d:
23:46:d8:26:bc:44:2d:ba:7a:3e:bb:f5:4c:7e:43:
c4:3c:7e:63:96:25:2f:eb:d7:4e:d2:49:b3:95:08:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:69:63:FF:0D:70:87:1D:0D:5C:72:F3:85:58:8E:5A:26:34:88:43
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/w2lj_w1whx0NXHLzhViOWiY0iEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.159.0/24
77.111.118.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:66:f6:73:46:3c:c4:59:be:d0:b4:8f:3d:7b:4d:78:a9:38:
af:c5:ba:55:9c:ea:ce:bd:6b:07:79:59:3c:d1:89:b1:7b:2d:
d5:cc:f0:00:ce:55:60:de:e8:77:14:92:61:a8:15:2f:01:19:
91:b1:d4:5a:ce:c3:7a:93:83:e9:f9:4d:d1:0b:b9:eb:40:dd:
0d:c4:e7:38:ae:87:ea:20:24:b6:b9:00:ce:0e:18:47:f0:4d:
df:af:95:13:85:c2:f6:ce:6c:98:0e:70:71:4d:77:de:b8:33:
b3:8b:37:eb:0d:0c:d4:7f:b3:24:fe:6c:86:f0:49:0f:9e:44:
49:d5:2a:e1:82:80:bf:fc:c4:3a:66:5c:0d:a8:ea:79:42:a5:
7a:e4:a4:ad:37:1a:69:fc:01:e8:ba:f7:70:cc:ad:51:61:58:
d1:58:20:97:a6:ae:9c:ed:b5:a7:e5:49:e7:39:ec:cf:5a:9b:
eb:a2:88:76:84:de:06:3f:75:f2:c5:e4:f9:21:52:3a:c1:93:
0f:58:93:36:b4:9e:28:57:f9:65:5e:43:33:36:fb:de:d8:a8:
15:62:0c:f4:ec:c7:ef:3c:74:5f:ae:3c:c4:a0:5b:86:34:f8:
76:b7:76:4b:c3:01:49:8c:17:79:af:92:32:27:eb:10:8f:23:
5a:e3:ae:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKzWhCYtavbcZ+XpIpIrLweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQxMDIyMDgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzY5NjNmZjBkNzA4NzFkMGQ1YzcyZjM4NTU4OGU1YTI2MzQ4ODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34yS8xUK5UpVC0zK6Q9GTOjvt5L9
Ep+cHOK5dL4hxyBvW2QG4aF814vDPh0plHhWfsPeluSYeMoNxBdKARfuK9vbcCn3
28oRqlC5DHEXOcK8tXRhDksmqvBEUM6nOM9/4DtANf2jgG6l+1pbetjAUDHUinpx
7y3DIhmu71PWNfJwdbRvlhibLqyozB6enHndhqAAT1IZy0YZP2HxkU3JdS01R6Q6
va3E5VXnC2uVFvoCAx84MHZHdG5Ei17SvP7dlILxmVL6VC4jl6ZIDDORBi3aBtHi
KjnJstf29snViX0jRtgmvEQtuno+u/VMfkPEPH5jliUv69dO0kmzlQjE3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNpY/8NcIcdDVxy84VYjlomNIhDMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvdzJsal93MXdoeDBOWEhMemhWaU9XaVkwaUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZOfAwQA
TW92MA0GCSqGSIb3DQEBCwUAA4IBAQCOZvZzRjzEWb7QtI89e014qTivxbpVnOrO
vWsHeVk80Ymxey3VzPAAzlVg3uh3FJJhqBUvARmRsdRazsN6k4Pp+U3RC7nrQN0N
xOc4rofqICS2uQDODhhH8E3fr5UThcL2zmyYDnBxTXfeuDOzizfrDQzUf7Mk/myG
8EkPnkRJ1SrhgoC//MQ6ZlwNqOp5QqV65KStNxpp/AHouvdwzK1RYVjRWCCXpq6c
7bWn5UnnOezPWpvrooh2hN4GP3XyxeT5IVI6wZMPWJM2tJ4oV/llXkMzNvve2KgV
Ygz07MfvPHRfrjzEoFuGNPh2t3ZLwwFJjBd5r5IyJ+sQjyNa4653
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:08 2024 by rpki-client on console-fra.rpki-client.org