Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/WHQw5KZja82B-HEIsOVkUgCfk0g.roa
File: WHQw5KZja82B-HEIsOVkUgCfk0g.roa (raw, json)
Hash identifier: RlsGR6y25bkUmIz8imuJ3Wm6hD67mp8fHR7QDJHf6CA=
Subject key identifier: 58:74:30:E4:A6:63:6B:CD:81:F8:71:08:B0:E5:64:52:00:9F:93:48
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 018F0AFDFCD97406A1FC3DF25FC505415817
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/WHQw5KZja82B-HEIsOVkUgCfk0g.roa
Signing time: Tue 23 Apr 2024 12:46:08 +0000
ROA not before: Tue 23 Apr 2024 12:46:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7342
IP address blocks: 81.19.192.0/24 maxlen: 24
81.19.193.0/24 maxlen: 24
81.19.196.0/24 maxlen: 24
81.19.197.0/24 maxlen: 24
81.19.198.0/24 maxlen: 24
81.19.199.0/24 maxlen: 24
81.19.200.0/24 maxlen: 24
81.19.201.0/24 maxlen: 24
81.19.204.0/24 maxlen: 24
81.19.205.0/24 maxlen: 24
81.19.206.0/24 maxlen: 24
81.19.207.0/24 maxlen: 24
193.109.220.0/24 maxlen: 24
194.110.75.0/24 maxlen: 24
217.30.80.0/24 maxlen: 24
217.30.81.0/24 maxlen: 24
217.30.82.0/24 maxlen: 24
217.30.83.0/24 maxlen: 24
217.30.84.0/24 maxlen: 24
217.30.85.0/24 maxlen: 24
217.30.87.0/24 maxlen: 24
217.30.92.0/24 maxlen: 24
2a10:eec0::/48 maxlen: 48
2a10:eec0:1::/48 maxlen: 48
2a10:eec0:2::/48 maxlen: 48
2a10:eec0:3::/48 maxlen: 48
2a10:eec0:4::/48 maxlen: 48
2a10:eec0:5::/48 maxlen: 48
2a10:eec0:7::/48 maxlen: 48
2a10:eec0:8::/48 maxlen: 48
2a10:eec0:a::/48 maxlen: 48
2a10:eec0:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 08:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:fd:fc:d9:74:06:a1:fc:3d:f2:5f:c5:05:41:58:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 23 12:46:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587430e4a6636bcd81f87108b0e56452009f9348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:46:b4:a5:a9:34:8c:5a:1d:f1:e0:9f:04:b2:
da:e2:21:9a:b6:3d:f7:82:5e:59:ab:df:8a:93:eb:
e2:0d:60:21:2d:7f:6c:09:61:73:eb:8f:93:7d:7c:
8b:4d:d8:e0:b0:be:f4:44:85:9c:2d:74:d3:4f:41:
23:b0:a1:40:cd:12:f4:04:92:c9:a8:69:e0:96:a6:
40:49:da:af:5e:37:00:41:73:b2:e6:ef:74:54:10:
c6:68:37:a0:7b:53:63:56:dc:49:95:ea:25:ce:83:
dc:a8:a3:08:81:15:81:6d:0a:7f:07:56:53:16:3a:
4c:8f:c5:6b:59:8b:b9:14:b3:96:73:c1:85:86:94:
56:9d:04:0c:8e:88:89:2e:97:84:58:02:46:f2:6d:
e7:9d:b5:dc:a0:7d:51:88:20:5e:65:78:2c:20:93:
67:73:b7:14:ec:1e:98:df:56:18:b2:94:9a:47:13:
70:23:bb:04:ac:6f:bc:64:1e:77:0f:46:1f:72:d4:
03:c0:60:ff:ef:5b:38:2a:9b:c5:3d:bd:20:c1:8d:
12:26:c8:29:43:39:76:3f:41:8f:7e:e1:a9:c7:09:
b1:4d:ae:68:af:31:9d:ed:38:e0:e3:ee:fe:87:92:
46:78:16:41:3f:33:f3:e8:c9:0c:d4:a1:9a:65:68:
bb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:74:30:E4:A6:63:6B:CD:81:F8:71:08:B0:E5:64:52:00:9F:93:48
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/WHQw5KZja82B-HEIsOVkUgCfk0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.192.0/23
81.19.196.0-81.19.201.255
81.19.204.0/22
193.109.220.0/24
194.110.75.0/24
217.30.80.0-217.30.85.255
217.30.87.0/24
217.30.92.0/24
IPv6:
2a10:eec0::-2a10:eec0:5:ffff:ffff:ffff:ffff:ffff
2a10:eec0:7::-2a10:eec0:8:ffff:ffff:ffff:ffff:ffff
2a10:eec0:a::/48
2a10:eec0:c::/48
Signature Algorithm: sha256WithRSAEncryption
bf:e6:ad:8c:9d:e4:42:9c:4b:4d:cd:dc:9d:1a:93:3e:a0:14:
fa:9f:dd:7d:80:85:74:60:4c:31:97:7b:c3:9c:c9:96:6e:f6:
0a:3f:7d:dd:5e:f1:13:d8:05:6c:6c:34:85:e5:9f:d2:68:fc:
d6:bb:42:a9:91:c7:bd:1a:63:08:86:d5:73:65:ba:9c:23:81:
4e:21:9e:04:23:e7:de:c7:40:60:41:de:5a:21:f9:cd:19:2b:
39:a5:37:1c:50:da:c7:43:40:7a:b6:96:65:ed:10:da:b2:5f:
a6:ba:0b:6f:4d:03:bb:ba:09:6d:e9:3f:0b:f0:17:c5:fc:45:
55:76:c3:83:d8:84:4a:46:d0:b4:22:e9:1e:ee:f6:3b:8d:4e:
82:21:65:3b:bb:a6:50:53:cf:24:2c:48:71:98:43:30:91:35:
00:bf:12:b5:28:f8:25:15:32:ec:62:26:d3:f4:39:65:36:a7:
ea:7f:1e:94:7c:c2:0d:bd:d9:91:02:f8:33:ee:44:96:e2:42:
7b:f5:1c:1c:8b:82:20:1c:48:d6:27:8b:bd:18:bb:ed:b1:0e:
6a:54:5e:a3:c1:34:8b:d2:ea:91:3d:0f:be:ca:69:34:14:c2:
be:1f:25:0c:2f:05:41:d4:c8:9e:bf:a2:45:8f:90:d1:87:3a:
09:70:5e:8f
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAY8K/fzZdAah/D3yX8UFQVgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwNDIzMTI0NjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc0MzBlNGE2NjM2YmNkODFmODcxMDhiMGU1NjQ1MjAwOWY5MzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEa0pak0jFod8eCfBLLa4iGatj33
gl5Zq9+Kk+viDWAhLX9sCWFz64+TfXyLTdjgsL70RIWcLXTTT0EjsKFAzRL0BJLJ
qGnglqZASdqvXjcAQXOy5u90VBDGaDege1NjVtxJleolzoPcqKMIgRWBbQp/B1ZT
FjpMj8VrWYu5FLOWc8GFhpRWnQQMjoiJLpeEWAJG8m3nnbXcoH1RiCBeZXgsIJNn
c7cU7B6Y31YYspSaRxNwI7sErG+8ZB53D0YfctQDwGD/71s4KpvFPb0gwY0SJsgp
Qzl2P0GPfuGpxwmxTa5orzGd7Tjg4+7+h5JGeBZBPzPz6MkM1KGaZWi7pwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFFh0MOSmY2vNgfhxCLDlZFIAn5NIMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvV0hRdzVLWmphODJCLUhFSXNPVmtVZ0NmazBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBGBAIAATBAAwQBURPA
MAwDBAJRE8QDBAFRE8gDBAJRE8wDBADBbdwDBADCbkswDAMEBNkeUAMEAdkeVAME
ANkeVwMEANkeXDA+BAIAAjA4MBADBQYqEO7AAwcBKhDuwAAEMBIDBwAqEO7AAAcD
BwAqEO7AAAgDBwAqEO7AAAoDBwAqEO7AAAwwDQYJKoZIhvcNAQELBQADggEBAL/m
rYyd5EKcS03N3J0akz6gFPqf3X2AhXRgTDGXe8OcyZZu9go/fd1e8RPYBWxsNIXl
n9Jo/Na7QqmRx70aYwiG1XNlupwjgU4hngQj597HQGBB3loh+c0ZKzmlNxxQ2sdD
QHq2lmXtENqyX6a6C29NA7u6CW3pPwvwF8X8RVV2w4PYhEpG0LQi6R7u9juNToIh
ZTu7plBTzyQsSHGYQzCRNQC/ErUo+CUVMuxiJtP0OWU2p+p/HpR8wg292ZEC+DPu
RJbiQnv1HByLgiAcSNYni70Yu+2xDmpUXqPBNIvS6pE9D77KaTQUwr4fJQwvBUHU
yJ6/okWPkNGHOglwXo8=
-----END CERTIFICATE-----
Generated at Thu Apr 25 13:35:54 2024 by rpki-client on console-fra.rpki-client.org