Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/WdjLo1cTS7N_R8HDCg1karLJ5_s.roa
File: WdjLo1cTS7N_R8HDCg1karLJ5_s.roa (raw, json)
Hash identifier: sNTycinr7xdhth8/Jgikai8D+aUKiaAHusvIz4Srrdk=
Subject key identifier: 59:D8:CB:A3:57:13:4B:B3:7F:47:C1:C3:0A:0D:64:6A:B2:C9:E7:FB
Certificate issuer: /CN=8686ae8e49374bac84caa3de0d26070b6b190054
Certificate serial: 018DC5C0253BD17CDF864FD83A843394AD5D
Authority key identifier: 86:86:AE:8E:49:37:4B:AC:84:CA:A3:DE:0D:26:07:0B:6B:19:00:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hoaujkk3S6yEyqPeDSYHC2sZAFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/WdjLo1cTS7N_R8HDCg1karLJ5_s.roa
Signing time: Tue 20 Feb 2024 09:02:00 +0000
ROA not before: Tue 20 Feb 2024 09:02:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200023
IP address blocks: 88.218.4.0/22 maxlen: 22
88.218.6.0/24 maxlen: 24
94.177.105.0/24 maxlen: 24
176.103.219.0/24 maxlen: 24
185.39.44.0/22 maxlen: 22
2a04:7c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/hoaujkk3S6yEyqPeDSYHC2sZAFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/hoaujkk3S6yEyqPeDSYHC2sZAFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hoaujkk3S6yEyqPeDSYHC2sZAFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:c0:25:3b:d1:7c:df:86:4f:d8:3a:84:33:94:ad:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8686ae8e49374bac84caa3de0d26070b6b190054
Validity
Not Before: Feb 20 09:02:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59d8cba357134bb37f47c1c30a0d646ab2c9e7fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ec:a4:52:db:5e:e2:80:24:58:04:c6:e4:e2:
34:6f:7b:72:f1:5c:f2:f6:26:a5:79:bf:90:61:3d:
57:e2:0c:e8:1c:be:77:71:db:10:87:bf:cd:0f:5c:
99:30:08:79:0d:de:a0:bf:d6:a6:f7:e2:30:dd:37:
10:10:74:40:f8:8a:60:e5:94:f0:b8:b7:a3:b9:45:
76:7c:f8:77:49:e8:75:1f:0f:dd:25:0a:65:76:2f:
6e:bb:52:da:1f:12:39:98:ec:1a:a2:f2:37:83:e6:
c9:0b:32:b0:a3:f1:83:ed:85:cc:6c:19:b2:f2:1f:
a8:54:a3:e2:81:cb:43:f6:8b:27:c5:40:0e:5e:f3:
fa:c6:90:ad:18:22:de:f2:b5:68:06:c4:8a:8e:c0:
ba:94:80:e0:d7:65:2d:cb:c3:45:b7:50:18:d5:5d:
35:63:66:a1:ad:90:85:e2:55:56:ce:49:4f:7e:71:
9c:d0:9d:50:e7:b1:59:ec:a3:73:9b:ba:25:fa:b8:
3c:65:58:ba:4b:ed:12:27:79:da:28:4e:0a:54:fa:
95:03:af:01:03:43:3c:e4:f5:40:c2:f5:e2:26:a8:
54:d8:38:a2:3e:9e:d6:6e:6e:b7:1b:a7:75:38:0b:
0f:3d:d9:94:d1:f3:78:67:46:5a:9a:43:f9:01:a9:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D8:CB:A3:57:13:4B:B3:7F:47:C1:C3:0A:0D:64:6A:B2:C9:E7:FB
X509v3 Authority Key Identifier:
keyid:86:86:AE:8E:49:37:4B:AC:84:CA:A3:DE:0D:26:07:0B:6B:19:00:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hoaujkk3S6yEyqPeDSYHC2sZAFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/WdjLo1cTS7N_R8HDCg1karLJ5_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c1962a-c678-4e46-a076-a74f50e00dd5/1/hoaujkk3S6yEyqPeDSYHC2sZAFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.4.0/22
94.177.105.0/24
176.103.219.0/24
185.39.44.0/22
IPv6:
2a04:7c00::/29
Signature Algorithm: sha256WithRSAEncryption
e3:77:44:42:7c:1b:70:7d:a1:6e:eb:36:6e:a0:88:d4:de:a7:
88:e1:d5:ff:96:c6:33:b1:51:c8:de:4b:d4:be:08:23:04:2b:
bf:f0:a9:20:85:ef:9c:59:94:9e:b8:5f:b2:ab:70:47:94:1d:
f0:05:d8:c3:54:17:22:80:97:46:6b:1b:30:69:97:23:c0:b7:
32:6c:52:15:18:9e:08:ca:fc:78:0e:69:e7:0c:22:a0:46:35:
d0:63:55:3a:76:bc:12:7e:73:c8:58:7e:c8:1e:32:6b:a0:24:
3a:7d:76:49:60:9c:13:be:62:fd:d2:3d:86:43:82:84:10:d8:
3d:a9:f5:dc:bb:6e:d1:e5:20:43:4e:20:d3:9f:1a:5e:19:e6:
e4:9d:37:f2:3c:0f:e8:52:54:ba:69:30:35:ca:f0:84:6e:ac:
67:af:39:54:ee:24:8c:74:b6:95:19:1a:2f:0f:a1:ca:f5:7e:
25:ca:90:a3:98:2e:1b:88:76:57:fb:3d:7c:de:57:27:77:e5:
e6:14:75:c1:25:7f:54:3e:30:b4:b5:31:fa:89:40:9a:af:35:
bb:bb:c9:05:14:f5:63:dd:6f:9b:b5:95:8e:17:bd:e4:03:4f:
36:ef:a3:39:c1:0b:e4:8b:b2:1e:65:9c:21:32:ad:ae:65:98:
95:0e:dd:fd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY3FwCU70Xzfhk/YOoQzlK1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ODZhZThlNDkzNzRiYWM4NGNhYTNkZTBkMjYwNzBiNmIx
OTAwNTQwHhcNMjQwMjIwMDkwMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQ4Y2JhMzU3MTM0YmIzN2Y0N2MxYzMwYTBkNjQ2YWIyYzllN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+ykUtte4oAkWATG5OI0b3ty8Vzy
9ialeb+QYT1X4gzoHL53cdsQh7/ND1yZMAh5Dd6gv9am9+Iw3TcQEHRA+Ipg5ZTw
uLejuUV2fPh3Seh1Hw/dJQpldi9uu1LaHxI5mOwaovI3g+bJCzKwo/GD7YXMbBmy
8h+oVKPigctD9osnxUAOXvP6xpCtGCLe8rVoBsSKjsC6lIDg12Uty8NFt1AY1V01
Y2ahrZCF4lVWzklPfnGc0J1Q57FZ7KNzm7ol+rg8ZVi6S+0SJ3naKE4KVPqVA68B
A0M85PVAwvXiJqhU2DiiPp7Wbm63G6d1OAsPPdmU0fN4Z0ZamkP5AamrJwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFnYy6NXE0uzf0fBwwoNZGqyyef7MB8GA1UdIwQY
MBaAFIaGro5JN0ushMqj3g0mBwtrGQBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG9hdWprazNTNnlFeXFQZURTWUhDMnNaQUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jMTk2MmEtYzY3OC00ZTQ2LWEwNzYt
YTc0ZjUwZTAwZGQ1LzEvV2RqTG8xY1RTN05fUjhIRENnMWthckxKNV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jMTk2MmEtYzY3OC00ZTQ2LWEwNzYtYTc0ZjUwZTAwZGQ1
LzEvaG9hdWprazNTNnlFeXFQZURTWUhDMnNaQUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCWNoEAwQA
XrFpAwQAsGfbAwQCuScsMA0EAgACMAcDBQMqBHwAMA0GCSqGSIb3DQEBCwUAA4IB
AQDjd0RCfBtwfaFu6zZuoIjU3qeI4dX/lsYzsVHI3kvUvggjBCu/8Kkghe+cWZSe
uF+yq3BHlB3wBdjDVBcigJdGaxswaZcjwLcybFIVGJ4Iyvx4DmnnDCKgRjXQY1U6
drwSfnPIWH7IHjJroCQ6fXZJYJwTvmL90j2GQ4KEENg9qfXcu27R5SBDTiDTnxpe
GebknTfyPA/oUlS6aTA1yvCEbqxnrzlU7iSMdLaVGRovD6HK9X4lypCjmC4biHZX
+z183lcnd+XmFHXBJX9UPjC0tTH6iUCarzW7u8kFFPVj3W+btZWOF73kA08276M5
wQvki7IeZZwhMq2uZZiVDt39
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:00:49 2024 by rpki-client on console-fra.rpki-client.org