Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/oesfll56GqbXsybxmTWijxofM-Y.roa
File: oesfll56GqbXsybxmTWijxofM-Y.roa (raw, json)
Hash identifier: gQChqUal+Tsovkv0JdN6MhklbtT5yygeyROafn9APog=
Subject key identifier: A1:EB:1F:96:5E:7A:1A:A6:D7:B3:26:F1:99:35:A2:8F:1A:1F:33:E6
Certificate issuer: /CN=59a9e9f8ea47486d80c9d6dcfd568f654d4f07ee
Certificate serial: 018D4F3A55F27808E34AAA767C3E2880687B
Authority key identifier: 59:A9:E9:F8:EA:47:48:6D:80:C9:D6:DC:FD:56:8F:65:4D:4F:07:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wanp-OpHSG2Aydbc_VaPZU1PB-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/oesfll56GqbXsybxmTWijxofM-Y.roa
Signing time: Sun 28 Jan 2024 08:40:39 +0000
ROA not before: Sun 28 Jan 2024 08:40:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51539
IP address blocks: 46.30.224.0/21 maxlen: 21
46.30.226.0/23 maxlen: 23
46.30.228.0/23 maxlen: 23
2a06:d980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/Wanp-OpHSG2Aydbc_VaPZU1PB-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/Wanp-OpHSG2Aydbc_VaPZU1PB-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wanp-OpHSG2Aydbc_VaPZU1PB-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4f:3a:55:f2:78:08:e3:4a:aa:76:7c:3e:28:80:68:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59a9e9f8ea47486d80c9d6dcfd568f654d4f07ee
Validity
Not Before: Jan 28 08:40:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1eb1f965e7a1aa6d7b326f19935a28f1a1f33e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6e:f3:94:79:84:a1:0c:3e:da:7b:7a:62:89:
40:4f:b6:6a:1c:ac:e8:df:8b:95:df:e4:79:d3:d7:
45:b0:3e:01:db:36:78:11:1d:3b:f8:8d:65:5c:40:
f7:12:04:d6:4e:e4:12:91:96:7e:b1:3a:24:97:91:
ff:05:48:0c:73:d7:d9:b0:e8:6b:2d:a6:8b:35:b4:
b1:fc:0d:54:a4:af:47:43:50:a2:4d:b8:7f:b1:ca:
df:67:28:d9:c9:24:ad:57:02:92:f5:7c:da:3c:cb:
77:1e:54:75:5f:48:08:7a:a7:d9:31:e4:70:49:f6:
1b:46:50:0f:e5:44:c7:bd:03:a4:09:c0:1c:83:d2:
d0:8a:96:24:26:c2:08:d7:9b:4e:31:53:4c:11:42:
b1:49:d4:88:06:92:f2:9b:9e:fe:28:ad:22:9c:ae:
a1:f9:92:21:d6:f1:e3:18:b6:7a:a9:5e:aa:2a:ee:
2e:b4:d8:0e:7a:c1:01:b6:b6:c1:d0:a4:60:a0:da:
13:ef:05:67:f1:a5:4e:2d:88:49:b3:e6:6e:7f:b8:
00:07:32:b2:c6:4c:06:a4:5c:5d:12:25:e5:9b:a6:
1f:c4:2f:42:70:73:f8:5a:2b:a0:8b:7f:4a:3f:ec:
d2:92:0a:f7:31:52:0a:70:c1:d4:a8:92:64:62:34:
b1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EB:1F:96:5E:7A:1A:A6:D7:B3:26:F1:99:35:A2:8F:1A:1F:33:E6
X509v3 Authority Key Identifier:
keyid:59:A9:E9:F8:EA:47:48:6D:80:C9:D6:DC:FD:56:8F:65:4D:4F:07:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wanp-OpHSG2Aydbc_VaPZU1PB-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/oesfll56GqbXsybxmTWijxofM-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/53ad2b-359b-436a-a2eb-afe84e18d56f/1/Wanp-OpHSG2Aydbc_VaPZU1PB-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.224.0/21
IPv6:
2a06:d980::/29
Signature Algorithm: sha256WithRSAEncryption
43:ac:0d:e3:58:f8:f5:78:8b:a1:dc:87:98:28:ba:63:0a:5a:
21:81:b9:9e:7e:da:de:2c:dc:93:bb:54:b3:fb:3b:1a:72:f6:
ee:f8:c4:1d:47:83:45:fb:f3:98:e2:5d:e0:ca:09:a0:35:b9:
10:34:bc:47:52:ac:47:65:23:67:b9:6c:63:c8:f9:d5:6a:d8:
7c:ec:10:b2:98:b7:d2:a2:93:b7:79:9d:90:2e:6e:9b:2b:f2:
cd:21:4a:84:61:7a:ab:37:0e:de:0f:6f:99:01:b6:2b:54:2c:
3e:7c:68:79:ac:83:10:40:f3:9e:4d:19:82:9b:60:77:d7:75:
58:16:9a:57:8e:63:ef:c8:bf:5f:dd:a9:53:bc:43:62:fd:c1:
ce:ca:eb:bf:98:31:78:53:a5:60:00:c9:04:81:07:17:55:1d:
7f:ee:6d:3f:3f:e3:12:ae:60:8c:53:55:a3:53:01:83:9f:3a:
b1:78:4f:38:61:1f:77:f4:49:26:74:23:c8:e0:8f:e3:c3:4c:
f3:24:ed:00:42:f5:8d:f8:ff:f4:69:83:60:c6:f1:6f:a8:42:
f1:c8:4e:21:98:d2:8d:2a:f5:91:67:9a:69:70:54:2c:55:78:
f9:32:9f:82:cd:d1:32:7b:f8:0e:43:5b:15:be:6f:92:06:be:
f4:cd:38:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1POlXyeAjjSqp2fD4ogGh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YTllOWY4ZWE0NzQ4NmQ4MGM5ZDZkY2ZkNTY4ZjY1NGQ0
ZjA3ZWUwHhcNMjQwMTI4MDg0MDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWViMWY5NjVlN2ExYWE2ZDdiMzI2ZjE5OTM1YTI4ZjFhMWYzM2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW7zlHmEoQw+2nt6YolAT7ZqHKzo
34uV3+R509dFsD4B2zZ4ER07+I1lXED3EgTWTuQSkZZ+sTokl5H/BUgMc9fZsOhr
LaaLNbSx/A1UpK9HQ1CiTbh/scrfZyjZySStVwKS9XzaPMt3HlR1X0gIeqfZMeRw
SfYbRlAP5UTHvQOkCcAcg9LQipYkJsII15tOMVNMEUKxSdSIBpLym57+KK0inK6h
+ZIh1vHjGLZ6qV6qKu4utNgOesEBtrbB0KRgoNoT7wVn8aVOLYhJs+Zuf7gABzKy
xkwGpFxdEiXlm6YfxC9CcHP4Wiugi39KP+zSkgr3MVIKcMHUqJJkYjSxnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKHrH5Zeehqm17Mm8Zk1oo8aHzPmMB8GA1UdIwQY
MBaAFFmp6fjqR0htgMnW3P1Wj2VNTwfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2FucC1PcEhTRzJBeWRiY19WYVBaVTFQQi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81M2FkMmItMzU5Yi00MzZhLWEyZWIt
YWZlODRlMThkNTZmLzEvb2VzZmxsNTZHcWJYc3lieG1UV2lqeG9mTS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81M2FkMmItMzU5Yi00MzZhLWEyZWItYWZlODRlMThkNTZm
LzEvV2FucC1PcEhTRzJBeWRiY19WYVBaVTFQQi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh7gMA0E
AgACMAcDBQMqBtmAMA0GCSqGSIb3DQEBCwUAA4IBAQBDrA3jWPj1eIuh3IeYKLpj
ClohgbmeftreLNyTu1Sz+zsacvbu+MQdR4NF+/OY4l3gygmgNbkQNLxHUqxHZSNn
uWxjyPnVath87BCymLfSopO3eZ2QLm6bK/LNIUqEYXqrNw7eD2+ZAbYrVCw+fGh5
rIMQQPOeTRmCm2B313VYFppXjmPvyL9f3alTvENi/cHOyuu/mDF4U6VgAMkEgQcX
VR1/7m0/P+MSrmCMU1WjUwGDnzqxeE84YR939EkmdCPI4I/jw0zzJO0AQvWN+P/0
aYNgxvFvqELxyE4hmNKNKvWRZ5ppcFQsVXj5Mp+CzdEye/gOQ1sVvm+SBr70zTjL
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:02 2024 by rpki-client on console-ams.rpki-client.org