Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/wP6M-mJFDgS28CfaLHFWVT2uT6g.roa
File: wP6M-mJFDgS28CfaLHFWVT2uT6g.roa (raw, json)
Hash identifier: 2hiG0zAlYMTEaJaTJeFRAAFbeJU4+RADPiy+8mr5HG0=
Subject key identifier: C0:FE:8C:FA:62:45:0E:04:B6:F0:27:DA:2C:71:56:55:3D:AE:4F:A8
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 018CC6B8C3659928E6EBB7EDB52BC0380CB4
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/wP6M-mJFDgS28CfaLHFWVT2uT6g.roa
Signing time: Mon 01 Jan 2024 20:30:46 +0000
ROA not before: Mon 01 Jan 2024 20:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 194.45.100.0/24 maxlen: 24
45.145.96.0/22 maxlen: 22
185.21.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Dec 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c3:65:99:28:e6:eb:b7:ed:b5:2b:c0:38:0c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Jan 1 20:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0fe8cfa62450e04b6f027da2c7156553dae4fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bf:a1:55:ab:34:fa:94:71:97:33:a8:70:7b:
f4:46:aa:e9:4c:8c:07:eb:0a:96:03:86:3f:0a:29:
16:72:48:07:87:3a:a7:49:8f:ae:03:63:d7:14:c0:
a5:f9:04:95:6d:ce:c4:8c:47:3f:77:b1:1b:f4:66:
3e:51:f8:71:8b:41:f5:46:30:fb:c4:e4:67:7c:5d:
62:2b:14:d4:6d:84:17:51:c1:6f:86:db:6d:1c:6b:
b9:dc:9f:57:c2:e8:5b:89:92:dd:de:c6:ca:9e:d4:
33:1f:0d:ec:7f:45:25:58:c3:2d:b3:cc:f2:e6:b8:
2f:cb:f9:91:37:75:ef:c5:0c:5f:37:1f:cf:ed:3d:
21:f5:b8:b6:b1:b5:e4:32:ce:ec:cd:17:d9:bf:63:
cb:d1:86:96:44:e4:4e:ac:a4:55:1b:9f:e9:54:75:
a4:4e:ec:3f:fe:01:33:d0:aa:8c:89:7d:e6:1f:8e:
80:37:56:ae:e7:56:97:b3:6e:38:9d:3a:27:4d:ab:
34:a4:59:f7:fa:a7:b9:20:1e:b5:87:00:51:87:a6:
bd:13:31:ce:40:13:77:a6:58:7a:1b:54:4c:1d:8d:
9f:89:72:9e:bc:9d:1a:a3:c5:2e:58:bf:f5:fc:ea:
60:0e:6e:c1:9b:65:31:35:be:dc:26:3f:54:44:09:
c1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FE:8C:FA:62:45:0E:04:B6:F0:27:DA:2C:71:56:55:3D:AE:4F:A8
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/wP6M-mJFDgS28CfaLHFWVT2uT6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.96.0/22
185.21.50.0/24
194.45.100.0/24
Signature Algorithm: sha256WithRSAEncryption
60:b1:00:3d:70:5f:0d:44:e2:82:bb:b0:de:39:1f:0c:ba:89:
31:92:ff:7f:d8:2c:b0:35:fa:26:83:ac:52:10:6b:b0:b3:b0:
09:c5:49:bd:81:8a:eb:dc:07:89:e5:a2:26:2a:8e:47:b1:dd:
c6:8d:d5:b3:da:47:23:d4:da:f4:c6:e2:fc:f5:ea:77:3a:ae:
c5:8c:bf:4a:02:17:e3:02:53:b7:16:e7:5b:7c:f3:a1:b2:86:
89:91:8b:dd:4d:71:d8:1c:ec:97:d1:20:04:6c:bb:3e:2c:73:
1a:2e:5c:02:56:22:f1:0d:58:00:9f:09:13:28:3b:5b:7a:98:
46:f8:44:eb:38:44:6c:5f:73:b0:26:f8:68:fd:da:21:ab:2c:
f8:c2:47:84:13:a9:4e:64:b0:81:66:54:93:1d:f7:dc:9a:45:
0b:b3:ca:0c:eb:96:63:95:b8:c1:d3:c0:d0:ee:17:8e:e7:5d:
ab:06:13:78:3d:71:64:99:c3:89:f7:5d:25:65:a7:9c:d7:da:
29:31:ff:ad:26:99:ba:cb:e7:a5:96:88:95:d7:0c:d7:32:a3:
4e:c4:75:4f:33:71:93:f7:1f:11:eb:81:0b:30:20:81:30:a9:
4c:95:f6:51:f1:45:e4:ab:2b:d5:10:f7:99:db:36:a0:71:89:
a2:53:59:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuMNlmSjm67fttSvAOAy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjQwMTAxMjAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGZlOGNmYTYyNDUwZTA0YjZmMDI3ZGEyYzcxNTY1NTNkYWU0ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr+hVas0+pRxlzOocHv0RqrpTIwH
6wqWA4Y/CikWckgHhzqnSY+uA2PXFMCl+QSVbc7EjEc/d7Eb9GY+Ufhxi0H1RjD7
xORnfF1iKxTUbYQXUcFvhtttHGu53J9XwuhbiZLd3sbKntQzHw3sf0UlWMMts8zy
5rgvy/mRN3XvxQxfNx/P7T0h9bi2sbXkMs7szRfZv2PL0YaWROROrKRVG5/pVHWk
Tuw//gEz0KqMiX3mH46AN1au51aXs244nTonTas0pFn3+qe5IB61hwBRh6a9EzHO
QBN3plh6G1RMHY2fiXKevJ0ao8UuWL/1/OpgDm7Bm2UxNb7cJj9URAnBbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMD+jPpiRQ4EtvAn2ixxVlU9rk+oMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvd1A2TS1tSkZEZ1MyOENmYUxIRldWVDJ1VDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZFgAwQA
uRUyAwQAwi1kMA0GCSqGSIb3DQEBCwUAA4IBAQBgsQA9cF8NROKCu7DeOR8Muokx
kv9/2CywNfomg6xSEGuws7AJxUm9gYrr3AeJ5aImKo5Hsd3GjdWz2kcj1Nr0xuL8
9ep3Oq7FjL9KAhfjAlO3FudbfPOhsoaJkYvdTXHYHOyX0SAEbLs+LHMaLlwCViLx
DVgAnwkTKDtbephG+ETrOERsX3OwJvho/dohqyz4wkeEE6lOZLCBZlSTHffcmkUL
s8oM65ZjlbjB08DQ7heO512rBhN4PXFkmcOJ910lZaec19opMf+tJpm6y+elloiV
1wzXMqNOxHVPM3GT9x8R64ELMCCBMKlMlfZR8UXkqyvVEPeZ2zagcYmiU1km
-----END CERTIFICATE-----
Generated at Fri Dec 13 18:39:23 2024 by rpki-client on console-fra.rpki-client.org