Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wh3e5wNmHns1QYwyzP2IY-rZUAY.roa
File: Wh3e5wNmHns1QYwyzP2IY-rZUAY.roa (raw, json)
Hash identifier: oOlAn/+MMgC+Wi3nXNLlX+uC+V5LxHWROIUA5cM2D5k=
Subject key identifier: 5A:1D:DE:E7:03:66:1E:7B:35:41:8C:32:CC:FD:88:63:EA:D9:50:06
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018CF7F7CEE31CF97CD81AEBC154974F9B1E
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wh3e5wNmHns1QYwyzP2IY-rZUAY.roa
Signing time: Thu 11 Jan 2024 10:01:01 +0000
ROA not before: Thu 11 Jan 2024 10:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 188.68.0.0/23 maxlen: 32
80.246.28.0/24 maxlen: 24
45.67.0.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 08:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:f7:ce:e3:1c:f9:7c:d8:1a:eb:c1:54:97:4f:9b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 11 10:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a1ddee703661e7b35418c32ccfd8863ead95006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c9:c9:9b:81:0c:f5:51:9b:e0:84:0e:5d:bc:
77:49:39:ba:58:12:56:d4:d0:ad:f5:63:75:84:73:
aa:df:4e:63:37:00:06:97:9f:52:ef:b0:46:6a:2b:
61:8b:77:8c:74:e1:f0:7e:53:17:af:a6:12:95:70:
5d:05:cf:8c:a4:6e:8f:64:b9:6d:3b:03:0d:57:6f:
85:e6:45:b1:1c:a2:15:e5:d1:e4:23:7d:ee:78:60:
ae:e7:22:89:d4:00:3f:03:94:0f:91:a2:af:d1:ea:
08:87:e1:d4:b2:41:73:61:a7:aa:ce:74:dd:63:84:
61:5d:60:02:09:80:2e:75:eb:89:c1:af:15:33:bf:
d8:f4:aa:c1:b6:11:f1:c6:db:3e:93:13:29:31:07:
61:35:f9:7d:59:1b:11:f3:a7:b6:ac:46:52:04:ff:
d4:72:de:c4:19:52:60:7b:b0:d9:73:5a:3a:e0:82:
dd:3a:15:16:c6:dc:47:00:bb:e7:fb:fa:66:a5:01:
04:40:fa:a6:2f:f2:d0:5b:e4:e8:14:03:b7:91:5d:
21:1b:9c:6c:a7:4f:e2:f7:2a:c2:23:d3:20:73:96:
4c:ca:d7:b3:ca:aa:9b:c7:b6:18:8c:bf:75:5b:04:
ba:aa:6c:e6:e8:86:40:60:51:af:75:ed:4b:04:b8:
ad:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1D:DE:E7:03:66:1E:7B:35:41:8C:32:CC:FD:88:63:EA:D9:50:06
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/Wh3e5wNmHns1QYwyzP2IY-rZUAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.0.0/22
80.246.28.0/24
188.68.0.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:e6:6a:39:e6:ba:eb:e0:83:1c:c7:6f:1c:28:43:f3:4e:96:
45:76:9a:04:cd:1c:17:ce:8c:ce:7a:3f:23:f1:16:77:13:7d:
35:88:62:44:22:a2:4c:0c:3a:55:f8:4c:fa:cc:da:d3:6b:87:
05:ba:51:16:94:15:73:de:0c:96:10:99:df:e5:3f:52:65:1e:
82:92:43:f8:14:2d:cf:74:09:e1:d9:70:28:03:e7:e9:12:cf:
4d:2e:b8:2f:94:cd:72:c7:00:eb:27:6c:f6:05:dd:89:f9:0e:
e1:de:b7:a4:79:4d:12:65:3a:e2:f5:3c:9c:04:dc:c2:36:3b:
92:b7:8c:93:71:c5:ea:73:a4:8a:17:e2:b0:2c:eb:b9:e7:53:
b0:e2:19:a3:7c:f2:44:96:78:2f:14:21:cd:1f:08:dc:16:05:
ab:57:ea:18:fd:9f:99:d1:4f:e7:d2:40:54:f7:7e:55:d8:c8:
2a:17:04:3a:6f:bb:03:f9:f5:79:fc:49:07:fc:55:48:bb:ba:
13:6d:b8:eb:b4:b0:c8:ed:8b:88:31:fd:66:02:9e:d9:50:46:
78:21:3e:56:41:8e:7f:15:6d:4e:6f:1d:e1:84:08:d8:25:8a:
b9:93:08:93:28:ec:3b:23:47:29:b2:2d:43:02:12:b7:09:57:
f2:d0:37:7b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz3987jHPl82BrrwVSXT5seMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMTExMTAwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFkZGVlNzAzNjYxZTdiMzU0MThjMzJjY2ZkODg2M2VhZDk1MDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsnJm4EM9VGb4IQOXbx3STm6WBJW
1NCt9WN1hHOq305jNwAGl59S77BGaithi3eMdOHwflMXr6YSlXBdBc+MpG6PZLlt
OwMNV2+F5kWxHKIV5dHkI33ueGCu5yKJ1AA/A5QPkaKv0eoIh+HUskFzYaeqznTd
Y4RhXWACCYAudeuJwa8VM7/Y9KrBthHxxts+kxMpMQdhNfl9WRsR86e2rEZSBP/U
ct7EGVJge7DZc1o64ILdOhUWxtxHALvn+/pmpQEEQPqmL/LQW+ToFAO3kV0hG5xs
p0/i9yrCI9Mgc5ZMytezyqqbx7YYjL91WwS6qmzm6IZAYFGvde1LBLitWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFod3ucDZh57NUGMMsz9iGPq2VAGMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvV2gzZTV3Tm1IbnMxUVl3eXpQMklZLXJaVUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLUMAAwQA
UPYcAwQBvEQAMA0GCSqGSIb3DQEBCwUAA4IBAQCk5mo55rrr4IMcx28cKEPzTpZF
dpoEzRwXzozOej8j8RZ3E301iGJEIqJMDDpV+Ez6zNrTa4cFulEWlBVz3gyWEJnf
5T9SZR6CkkP4FC3PdAnh2XAoA+fpEs9NLrgvlM1yxwDrJ2z2Bd2J+Q7h3rekeU0S
ZTri9TycBNzCNjuSt4yTccXqc6SKF+KwLOu551Ow4hmjfPJElngvFCHNHwjcFgWr
V+oY/Z+Z0U/n0kBU935V2MgqFwQ6b7sD+fV5/EkH/FVIu7oTbbjrtLDI7YuIMf1m
Ap7ZUEZ4IT5WQY5/FW1Obx3hhAjYJYq5kwiTKOw7I0cpsi1DAhK3CVfy0Dd7
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:47:25 2024 by rpki-client on console-fra.rpki-client.org