Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/WIIsSIk0oAqZ-zpzLhEILB0lkyY.roa
File: WIIsSIk0oAqZ-zpzLhEILB0lkyY.roa (raw, json)
Hash identifier: 0Br8xx+/b87POLLjDVH4qSOOVCF3Jr2VYr/ulAFgp14=
Subject key identifier: 58:82:2C:48:89:34:A0:0A:99:FB:3A:73:2E:11:08:2C:1D:25:93:26
Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial: 018CC5DC5440A1AEC2BD68A8E6D36E699FA8
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/WIIsSIk0oAqZ-zpzLhEILB0lkyY.roa
Signing time: Mon 01 Jan 2024 16:30:00 +0000
ROA not before: Mon 01 Jan 2024 16:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48573
IP address blocks: 94.143.44.0/22 maxlen: 22
94.143.40.0/22 maxlen: 22
94.143.40.0/21 maxlen: 21
185.43.10.0/23 maxlen: 23
185.43.8.0/23 maxlen: 23
185.43.8.0/22 maxlen: 22
95.215.138.0/23 maxlen: 23
95.215.136.0/23 maxlen: 23
95.215.136.0/22 maxlen: 22
193.29.230.0/23 maxlen: 23
31.185.0.0/22 maxlen: 22
31.185.0.0/21 maxlen: 21
31.185.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:54:40:a1:ae:c2:bd:68:a8:e6:d3:6e:69:9f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Validity
Not Before: Jan 1 16:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58822c488934a00a99fb3a732e11082c1d259326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7f:17:84:e9:8e:db:9c:25:68:a7:a5:0c:d8:
74:b6:0e:40:20:90:c0:77:ec:03:9e:32:0d:1e:43:
bc:1f:ed:0b:b3:01:9a:42:11:9c:58:d3:59:71:10:
c0:64:cb:40:5d:34:b6:3c:b1:d5:34:95:cb:75:2a:
8f:df:b4:61:85:b3:bc:0f:c3:86:fd:f0:a7:c2:9d:
4c:ff:16:e5:07:cd:f4:21:66:b2:bf:2c:02:c0:5a:
ea:52:08:22:4e:18:85:7a:19:89:85:31:fd:5c:06:
33:01:99:4c:98:a6:68:21:c0:71:56:e8:5c:2b:75:
55:5a:43:ed:42:e5:9e:33:d7:56:95:8b:5c:4e:bc:
7e:20:b2:9d:f8:04:19:a4:c6:ea:c8:02:b1:52:9e:
0a:b8:24:8f:99:3f:a2:a2:62:bb:5e:df:fb:43:bf:
4d:bf:fc:56:84:1e:b1:d9:a8:cb:a5:e0:2c:06:a6:
9d:1b:d1:20:a7:e5:39:fc:99:b2:57:e7:0a:63:8b:
53:2f:01:3b:07:9f:2d:c9:41:72:bd:e5:8c:ad:8f:
5e:af:81:27:be:4b:12:b8:37:5c:ce:df:f4:61:f4:
12:a9:8d:ce:5f:41:3c:a2:5b:be:83:68:ab:3a:4c:
28:71:e3:2c:72:50:15:1d:9d:de:31:f0:6f:85:2c:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:82:2C:48:89:34:A0:0A:99:FB:3A:73:2E:11:08:2C:1D:25:93:26
X509v3 Authority Key Identifier:
keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/WIIsSIk0oAqZ-zpzLhEILB0lkyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.0.0/21
94.143.40.0/21
95.215.136.0/22
185.43.8.0/22
193.29.230.0/23
Signature Algorithm: sha256WithRSAEncryption
73:35:a6:d0:58:50:01:70:b5:eb:79:a2:f2:24:f4:6e:76:ef:
44:b5:f3:99:9f:2a:96:7a:ec:a3:dd:15:5e:c1:bb:96:1a:da:
e8:b7:85:4e:d7:fa:f4:91:8a:8e:39:51:4a:14:a0:46:93:45:
17:38:4a:cf:11:c1:9c:80:07:32:06:37:18:fc:3c:46:e8:6e:
11:16:40:a7:3b:22:75:fe:65:61:cd:87:d1:80:24:86:f5:bf:
7f:fc:90:2a:a0:0c:a7:84:36:53:71:52:6b:1b:df:9c:54:b6:
4d:1f:43:6b:21:af:bd:d3:ea:d2:bc:d0:4b:75:79:50:ad:63:
bb:77:1f:4f:1e:ac:b1:4d:7b:dc:2c:db:7e:ff:4e:41:c6:44:
0f:6d:1f:6f:bf:8f:c7:7b:21:28:1a:b9:31:7e:9e:c2:14:dd:
ad:40:c5:3f:f5:21:03:52:36:8d:d8:44:0e:97:34:29:73:1c:
28:1a:e1:1b:10:fb:c6:1b:35:f1:70:ce:b3:78:24:dd:64:a1:
ce:6b:de:ae:a8:1e:af:81:5b:b6:c1:f4:cf:9a:36:9c:2c:cd:
2b:b0:8c:47:9d:8e:d8:65:9e:54:09:31:4e:ad:4c:c8:5e:36:
3f:9c:95:09:54:da:1a:59:46:2d:08:40:11:51:00:97:9e:2b:
ff:74:57:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3FRAoa7CvWio5tNuaZ+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjQwMTAxMTYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODgyMmM0ODg5MzRhMDBhOTlmYjNhNzMyZTExMDgyYzFkMjU5MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj38XhOmO25wlaKelDNh0tg5AIJDA
d+wDnjINHkO8H+0LswGaQhGcWNNZcRDAZMtAXTS2PLHVNJXLdSqP37RhhbO8D8OG
/fCnwp1M/xblB830IWayvywCwFrqUggiThiFehmJhTH9XAYzAZlMmKZoIcBxVuhc
K3VVWkPtQuWeM9dWlYtcTrx+ILKd+AQZpMbqyAKxUp4KuCSPmT+iomK7Xt/7Q79N
v/xWhB6x2ajLpeAsBqadG9Egp+U5/JmyV+cKY4tTLwE7B58tyUFyveWMrY9er4En
vksSuDdczt/0YfQSqY3OX0E8olu+g2irOkwoceMsclAVHZ3eMfBvhSy/CwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFiCLEiJNKAKmfs6cy4RCCwdJZMmMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvV0lJc1NJazBvQXFaLXpwekxoRUlMQjBsa3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH7kAAwQD
Xo8oAwQCX9eIAwQCuSsIAwQBwR3mMA0GCSqGSIb3DQEBCwUAA4IBAQBzNabQWFAB
cLXreaLyJPRudu9EtfOZnyqWeuyj3RVewbuWGtrot4VO1/r0kYqOOVFKFKBGk0UX
OErPEcGcgAcyBjcY/DxG6G4RFkCnOyJ1/mVhzYfRgCSG9b9//JAqoAynhDZTcVJr
G9+cVLZNH0NrIa+90+rSvNBLdXlQrWO7dx9PHqyxTXvcLNt+/05BxkQPbR9vv4/H
eyEoGrkxfp7CFN2tQMU/9SEDUjaN2EQOlzQpcxwoGuEbEPvGGzXxcM6zeCTdZKHO
a96uqB6vgVu2wfTPmjacLM0rsIxHnY7YZZ5UCTFOrUzIXjY/nJUJVNoaWUYtCEAR
UQCXniv/dFdE
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:58:12 2024 by rpki-client on console-ams.rpki-client.org