Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/WS2XOWLR_RTbvcpzD4nzIsX0cLI.roa
File: WS2XOWLR_RTbvcpzD4nzIsX0cLI.roa (raw, json)
Hash identifier: RHw5MaSTIPHXjIzLMkX/D7CQ10eDnTJb8xuGeDnG0x4=
Subject key identifier: 59:2D:97:39:62:D1:FD:14:DB:BD:CA:73:0F:89:F3:22:C5:F4:70:B2
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018CC348C07258EDA6D122EFDF9C4F1DA351
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/WS2XOWLR_RTbvcpzD4nzIsX0cLI.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399641
IP address blocks: 46.37.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 12:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c0:72:58:ed:a6:d1:22:ef:df:9c:4f:1d:a3:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=592d973962d1fd14dbbdca730f89f322c5f470b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:41:ca:b8:96:4e:e0:8b:a3:ef:d3:31:1f:
03:8e:e4:35:ce:96:d4:fd:10:fd:04:ed:b5:db:37:
6d:33:60:bb:8b:52:7e:04:cd:4d:b5:1c:98:04:a5:
48:75:43:37:66:91:30:9a:43:34:9c:cc:ec:82:da:
61:df:43:67:8c:ee:9a:4b:60:21:03:5a:c2:6d:c2:
0f:2c:aa:d1:00:21:8c:4e:5c:59:54:bf:de:14:89:
1d:e8:a9:eb:33:c6:59:1d:ef:3f:f7:6c:a5:48:3b:
6f:8d:81:f5:1b:b5:5a:72:b6:70:46:bc:82:f3:30:
31:1a:00:a2:09:f0:a1:ba:ca:45:c9:58:56:70:74:
dc:24:6d:c5:94:24:c6:f4:a3:c9:1d:38:6f:8b:6a:
ff:33:e7:97:3d:cb:ba:5f:c2:c9:f3:06:9b:94:73:
7e:64:7b:b1:cf:b8:4f:50:be:9f:34:9f:af:c5:14:
48:8b:2c:e5:87:4c:de:ed:96:94:f6:ac:76:30:37:
48:2e:d1:1f:25:bd:87:ef:01:c4:1f:38:99:b0:02:
5f:50:4c:4b:62:0d:14:29:5c:5a:ce:3d:a9:7e:ea:
e3:03:db:7e:0d:66:2a:eb:37:93:0a:f8:b0:81:e6:
ab:4c:69:b3:e9:16:7e:52:8b:5e:27:15:6f:40:17:
af:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2D:97:39:62:D1:FD:14:DB:BD:CA:73:0F:89:F3:22:C5:F4:70:B2
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/WS2XOWLR_RTbvcpzD4nzIsX0cLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.102.0/24
Signature Algorithm: sha256WithRSAEncryption
73:90:39:8b:00:1e:6e:61:c3:67:07:2f:c8:fb:32:11:64:fd:
da:20:a5:47:f9:56:2a:3d:74:ac:2c:9e:0b:cf:11:bc:7c:0e:
e3:a7:1b:b8:09:21:d4:1f:01:e2:fe:18:6d:e7:06:8b:ec:b9:
f6:d8:da:13:25:e3:f4:33:37:dd:b6:4c:1b:b1:8f:2f:5a:18:
e2:45:d3:97:76:c6:3b:2a:ed:08:39:7a:2e:00:b6:4c:52:3c:
20:5c:fc:c1:91:b5:c1:4a:28:4e:5b:73:7e:b0:d8:b7:44:81:
ab:69:84:a7:ef:ff:59:42:cf:a2:67:65:fd:82:c4:2b:d1:b1:
50:23:7a:3b:be:7e:f0:93:8c:e4:4f:e7:f2:45:63:94:8d:ca:
6e:59:2c:8c:ed:15:87:e7:d6:1a:95:03:c3:64:00:04:8b:b4:
33:37:65:a2:50:5c:bb:3b:4d:4c:73:7c:b1:f3:b0:64:a8:df:
5f:87:b9:04:d7:e6:72:e8:cd:a4:a2:ca:0e:d2:ca:67:84:71:
3b:ef:77:dd:c9:1b:fe:9e:d6:b3:96:cf:8c:8e:52:bd:6f:13:
35:a8:b3:88:ef:af:02:3c:0e:2b:f0:7a:b9:78:12:c9:57:92:
37:10:b3:f6:75:3f:9b:ee:60:a6:c5:f0:65:bc:b3:3e:10:ca:
eb:f8:7d:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMByWO2m0SLv35xPHaNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJkOTczOTYyZDFmZDE0ZGJiZGNhNzMwZjg5ZjMyMmM1ZjQ3MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9ZByriWTuCLo+/TMR8DjuQ1zpbU
/RD9BO212zdtM2C7i1J+BM1NtRyYBKVIdUM3ZpEwmkM0nMzsgtph30NnjO6aS2Ah
A1rCbcIPLKrRACGMTlxZVL/eFIkd6KnrM8ZZHe8/92ylSDtvjYH1G7VacrZwRryC
8zAxGgCiCfChuspFyVhWcHTcJG3FlCTG9KPJHThvi2r/M+eXPcu6X8LJ8wablHN+
ZHuxz7hPUL6fNJ+vxRRIiyzlh0ze7ZaU9qx2MDdILtEfJb2H7wHEHziZsAJfUExL
Yg0UKVxazj2pfurjA9t+DWYq6zeTCviwgearTGmz6RZ+UoteJxVvQBevaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFktlzli0f0U273Kcw+J8yLF9HCyMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvV1MyWE9XTFJfUlRidmNwekQ0bnpJc1gwY0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBzkDmLAB5uYcNnBy/I+zIRZP3aIKVH+VYqPXSsLJ4L
zxG8fA7jpxu4CSHUHwHi/hht5waL7Ln22NoTJeP0MzfdtkwbsY8vWhjiRdOXdsY7
Ku0IOXouALZMUjwgXPzBkbXBSihOW3N+sNi3RIGraYSn7/9ZQs+iZ2X9gsQr0bFQ
I3o7vn7wk4zkT+fyRWOUjcpuWSyM7RWH59YalQPDZAAEi7QzN2WiUFy7O01Mc3yx
87BkqN9fh7kE1+Zy6M2kosoO0spnhHE773fdyRv+ntazls+MjlK9bxM1qLOI768C
PA4r8Hq5eBLJV5I3ELP2dT+b7mCmxfBlvLM+EMrr+H3Z
-----END CERTIFICATE-----
Generated at Sun Apr 28 17:48:58 2024 by rpki-client on console-fra.rpki-client.org