Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/WYm6HiWXe7CcAoIXjgLxv1XOXYw.roa
File: WYm6HiWXe7CcAoIXjgLxv1XOXYw.roa (raw, json)
Hash identifier: K03E70cVsXxErmg8AIFq/uPTCdk29kiWYnncdRWLxpQ=
Subject key identifier: 59:89:BA:1E:25:97:7B:B0:9C:02:82:17:8E:02:F1:BF:55:CE:5D:8C
Certificate issuer: /CN=5a8f81366ffc43c71f5bb521f81501760ebeb074
Certificate serial: 018CC3488B5D0B58C97C3A05250CFB244A88
Authority key identifier: 5A:8F:81:36:6F:FC:43:C7:1F:5B:B5:21:F8:15:01:76:0E:BE:B0:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/WYm6HiWXe7CcAoIXjgLxv1XOXYw.roa
Signing time: Mon 01 Jan 2024 04:29:20 +0000
ROA not before: Mon 01 Jan 2024 04:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61345
IP address blocks: 185.144.76.0/22 maxlen: 24
185.8.12.0/22 maxlen: 24
185.144.248.0/22 maxlen: 24
2a03:3140::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8b:5d:0b:58:c9:7c:3a:05:25:0c:fb:24:4a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8f81366ffc43c71f5bb521f81501760ebeb074
Validity
Not Before: Jan 1 04:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5989ba1e25977bb09c0282178e02f1bf55ce5d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:65:24:c3:27:5f:8b:dc:d8:8c:c9:3c:7d:e9:
cb:33:0b:be:27:d8:23:4b:df:01:ea:67:ce:28:a6:
8f:88:1b:f5:c4:b7:72:45:b3:9c:97:2c:8d:5c:0b:
21:84:8d:cb:c4:fa:f4:bf:38:9c:12:5b:9f:0d:d5:
64:96:4d:69:d2:73:2b:cd:a6:7e:1f:09:27:74:e6:
7e:c5:1c:e0:9e:4b:a7:fe:e0:3f:aa:43:b3:a1:b9:
02:95:03:e4:d5:bd:21:b6:49:0c:3c:bb:e0:ea:5e:
75:81:d3:77:cb:af:5f:80:98:1a:1b:23:b0:9c:83:
cd:6b:4e:8c:63:4d:7a:de:6a:40:6d:4a:b7:01:0d:
67:6d:2c:19:7e:43:9c:c9:c9:e2:77:d1:95:b2:55:
76:91:19:26:f2:f6:61:e2:94:ba:b1:58:cb:15:c0:
4e:3e:02:cb:90:e3:9d:91:76:74:f4:c0:09:7d:36:
7c:de:e0:9c:6b:49:c5:23:50:7c:99:32:50:59:6c:
f9:56:6f:e5:c7:69:25:0b:a6:44:34:f9:ae:66:eb:
85:6e:e4:eb:90:9f:e4:bd:8e:54:13:bf:18:2a:fc:
49:94:1d:fa:e9:89:db:e9:69:c2:8c:cf:58:4b:b4:
e9:02:af:a2:c4:89:af:bc:4d:b8:62:59:3e:90:ff:
89:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:89:BA:1E:25:97:7B:B0:9C:02:82:17:8E:02:F1:BF:55:CE:5D:8C
X509v3 Authority Key Identifier:
keyid:5A:8F:81:36:6F:FC:43:C7:1F:5B:B5:21:F8:15:01:76:0E:BE:B0:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/WYm6HiWXe7CcAoIXjgLxv1XOXYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b83ab5-cdb2-4174-8093-802d09cfc835/1/Wo-BNm_8Q8cfW7Uh-BUBdg6-sHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.12.0/22
185.144.76.0/22
185.144.248.0/22
IPv6:
2a03:3140::/32
Signature Algorithm: sha256WithRSAEncryption
6e:18:2d:6e:9a:0a:3c:9f:66:d6:0a:ef:f2:cb:2b:11:05:b3:
a6:e3:fc:bb:97:80:67:11:2d:63:e4:3a:c7:31:98:d9:86:48:
57:d4:b7:42:75:49:5d:5f:8c:33:e4:f7:e2:84:56:bc:77:80:
f1:fe:1b:10:6d:a9:50:5f:09:75:4e:06:e2:48:c2:d2:78:e4:
11:00:58:f0:10:8d:56:a7:3f:ed:ff:16:28:b5:bd:78:e1:cb:
35:34:f3:2e:60:57:2f:7c:55:7f:24:23:75:ff:1d:80:6a:40:
92:0c:45:06:7b:c9:6e:3f:38:7c:39:4b:6e:e7:69:52:d3:5f:
c3:93:67:d4:55:d4:f6:e4:fe:18:cd:d8:4e:be:51:c6:e1:21:
21:f8:39:43:55:f6:a3:91:f0:a9:f9:6b:20:a1:e2:b7:04:09:
98:8c:8b:e6:f1:98:e2:29:62:82:b4:d2:30:3f:e9:77:dd:18:
f1:2f:e6:e5:99:8d:cb:bd:87:7e:ff:df:c6:ff:08:91:fa:dc:
fc:2d:0d:ac:d1:b6:00:71:23:2c:64:32:ec:00:16:7a:d9:cb:
b7:1d:78:07:b9:1c:9a:03:11:f6:c7:e9:ee:e4:ea:93:5e:76:
fe:91:81:a3:5b:44:76:ff:85:40:ae:cc:94:45:2a:d7:16:2d:
07:53:cd:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSItdC1jJfDoFJQz7JEqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOGY4MTM2NmZmYzQzYzcxZjViYjUyMWY4MTUwMTc2MGVi
ZWIwNzQwHhcNMjQwMTAxMDQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTg5YmExZTI1OTc3YmIwOWMwMjgyMTc4ZTAyZjFiZjU1Y2U1ZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GUkwydfi9zYjMk8fenLMwu+J9gj
S98B6mfOKKaPiBv1xLdyRbOclyyNXAshhI3LxPr0vzicElufDdVklk1p0nMrzaZ+
HwkndOZ+xRzgnkun/uA/qkOzobkClQPk1b0htkkMPLvg6l51gdN3y69fgJgaGyOw
nIPNa06MY0163mpAbUq3AQ1nbSwZfkOcycnid9GVslV2kRkm8vZh4pS6sVjLFcBO
PgLLkOOdkXZ09MAJfTZ83uCca0nFI1B8mTJQWWz5Vm/lx2klC6ZENPmuZuuFbuTr
kJ/kvY5UE78YKvxJlB366Ynb6WnCjM9YS7TpAq+ixImvvE24Ylk+kP+J0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFmJuh4ll3uwnAKCF44C8b9Vzl2MMB8GA1UdIwQY
MBaAFFqPgTZv/EPHH1u1IfgVAXYOvrB0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV28tQk5tXzhROGNmVzdVaC1CVUJkZzYtc0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iODNhYjUtY2RiMi00MTc0LTgwOTMt
ODAyZDA5Y2ZjODM1LzEvV1ltNkhpV1hlN0NjQW9JWGpnTHh2MVhPWFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iODNhYjUtY2RiMi00MTc0LTgwOTMtODAyZDA5Y2ZjODM1
LzEvV28tQk5tXzhROGNmVzdVaC1CVUJkZzYtc0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQgMAwQC
uZBMAwQCuZD4MA0EAgACMAcDBQAqAzFAMA0GCSqGSIb3DQEBCwUAA4IBAQBuGC1u
mgo8n2bWCu/yyysRBbOm4/y7l4BnES1j5DrHMZjZhkhX1LdCdUldX4wz5PfihFa8
d4Dx/hsQbalQXwl1TgbiSMLSeOQRAFjwEI1Wpz/t/xYotb144cs1NPMuYFcvfFV/
JCN1/x2AakCSDEUGe8luPzh8OUtu52lS01/Dk2fUVdT25P4YzdhOvlHG4SEh+DlD
VfajkfCp+WsgoeK3BAmYjIvm8ZjiKWKCtNIwP+l33RjxL+blmY3LvYd+/9/G/wiR
+tz8LQ2s0bYAcSMsZDLsABZ62cu3HXgHuRyaAxH2x+nu5OqTXnb+kYGjW0R2/4VA
rsyURSrXFi0HU83H
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:52 2024 by rpki-client on console-ams.rpki-client.org