Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/WDL7rgXvho8HJ-48FiTqVF4i0W0.roa
File: WDL7rgXvho8HJ-48FiTqVF4i0W0.roa (raw, json)
Hash identifier: LXKl/OXUdl/7rzywPOE3NWbFDQL1GhEeNQV7jj0UwUo=
Subject key identifier: 58:32:FB:AE:05:EF:86:8F:07:27:EE:3C:16:24:EA:54:5E:22:D1:6D
Certificate issuer: /CN=b5217a84f715ea48e5cc3783b138ce8c7e70398c
Certificate serial: 018CC5005DCAD5720D3B233E22445B4EF7F6
Authority key identifier: B5:21:7A:84:F7:15:EA:48:E5:CC:37:83:B1:38:CE:8C:7E:70:39:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSF6hPcV6kjlzDeDsTjOjH5wOYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/WDL7rgXvho8HJ-48FiTqVF4i0W0.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205228
IP address blocks: 31.42.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/tSF6hPcV6kjlzDeDsTjOjH5wOYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/tSF6hPcV6kjlzDeDsTjOjH5wOYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tSF6hPcV6kjlzDeDsTjOjH5wOYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5d:ca:d5:72:0d:3b:23:3e:22:44:5b:4e:f7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5217a84f715ea48e5cc3783b138ce8c7e70398c
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5832fbae05ef868f0727ee3c1624ea545e22d16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:04:85:af:79:7d:68:d5:08:42:aa:7e:d7:e4:
7a:02:57:8b:f7:5b:93:f2:ff:a6:b9:d8:5d:42:5a:
40:ed:b7:3c:32:51:73:83:0b:5a:aa:b0:b7:8e:76:
36:39:f7:67:ff:70:bd:67:95:02:e0:0a:c3:7c:a3:
2c:e7:8d:8a:51:ad:a1:e3:04:6b:ff:88:a0:59:b8:
9b:e9:97:12:d9:6a:6b:68:9c:2f:cb:fe:a2:db:5e:
2f:7b:2d:12:42:e2:f7:8a:ee:a4:4b:58:16:b3:b4:
c1:5e:59:35:89:2d:24:2a:93:e4:d9:00:67:93:73:
5e:31:f2:68:8d:1c:2e:ea:0a:f8:62:f4:74:b1:6e:
e0:8b:27:51:3e:9a:eb:da:d2:49:06:20:eb:2b:0b:
b2:1c:23:f2:98:98:51:eb:eb:21:dd:e9:de:e4:52:
e6:21:5b:98:17:61:42:02:20:07:45:81:e9:b2:77:
5d:82:81:64:92:b1:cb:4a:27:ae:bc:fd:96:4e:02:
ef:83:8c:1e:cb:4f:ed:0f:b3:af:9e:12:56:95:85:
f9:1a:87:e1:4d:ac:2e:f1:d6:93:93:09:d1:23:f9:
b9:27:f5:5b:fd:cd:8b:e1:57:d9:a9:fd:f4:8d:71:
9d:cd:d4:08:5b:a0:f7:66:f4:8f:53:a2:45:6c:0e:
e1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:32:FB:AE:05:EF:86:8F:07:27:EE:3C:16:24:EA:54:5E:22:D1:6D
X509v3 Authority Key Identifier:
keyid:B5:21:7A:84:F7:15:EA:48:E5:CC:37:83:B1:38:CE:8C:7E:70:39:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSF6hPcV6kjlzDeDsTjOjH5wOYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/WDL7rgXvho8HJ-48FiTqVF4i0W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c7bb18-df0b-450b-bd11-870828808f88/1/tSF6hPcV6kjlzDeDsTjOjH5wOYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.182.0/24
Signature Algorithm: sha256WithRSAEncryption
24:46:f3:24:53:4b:99:4d:ca:50:e7:77:cd:2d:bc:ab:94:30:
09:1a:94:dd:b7:8d:de:26:35:75:b0:57:00:98:89:e5:77:3a:
c6:ff:de:91:d2:6c:5a:78:c1:7a:ae:ca:95:93:d3:c7:f3:e0:
40:15:04:f1:81:83:45:17:1c:a2:ae:3a:c8:c1:b5:8f:31:38:
96:c9:b2:ec:d8:1a:41:4a:57:44:54:95:b6:62:d8:8b:6e:07:
9c:b3:b3:f1:9a:3f:32:85:7f:47:4c:0d:ad:89:a0:2e:f1:02:
5a:12:80:74:b6:cf:65:a8:63:54:41:70:a1:2b:ad:b6:4e:72:
a7:b3:ac:21:ed:b7:e9:61:1a:96:bd:c4:b7:46:55:38:dc:6d:
8a:d4:83:e9:9b:6a:ff:f5:53:a2:24:98:46:85:f6:1f:b7:d2:
3f:e4:1b:62:d9:77:8a:6b:88:18:f7:3b:8f:1c:1f:7d:63:23:
c3:c5:d5:5b:4e:69:dc:38:cb:52:6c:e0:52:9f:63:11:14:1c:
d2:3d:c9:2d:08:29:c2:c4:c1:b7:4c:4b:a3:67:5c:36:20:cc:
2a:e5:b5:67:eb:de:3e:e6:ff:2a:92:87:47:f0:0d:f0:e4:dc:
f4:3e:9b:70:f2:ec:11:62:16:b0:11:38:34:43:78:09:c4:6a:
73:34:41:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAF3K1XINOyM+IkRbTvf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjE3YTg0ZjcxNWVhNDhlNWNjMzc4M2IxMzhjZThjN2U3
MDM5OGMwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMyZmJhZTA1ZWY4NjhmMDcyN2VlM2MxNjI0ZWE1NDVlMjJkMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwSFr3l9aNUIQqp+1+R6AleL91uT
8v+mudhdQlpA7bc8MlFzgwtaqrC3jnY2Ofdn/3C9Z5UC4ArDfKMs542KUa2h4wRr
/4igWbib6ZcS2WpraJwvy/6i214vey0SQuL3iu6kS1gWs7TBXlk1iS0kKpPk2QBn
k3NeMfJojRwu6gr4YvR0sW7giydRPprr2tJJBiDrKwuyHCPymJhR6+sh3ene5FLm
IVuYF2FCAiAHRYHpsnddgoFkkrHLSieuvP2WTgLvg4wey0/tD7OvnhJWlYX5Gofh
Tawu8daTkwnRI/m5J/Vb/c2L4VfZqf30jXGdzdQIW6D3ZvSPU6JFbA7hpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFgy+64F74aPByfuPBYk6lReItFtMB8GA1UdIwQY
MBaAFLUheoT3FepI5cw3g7E4zox+cDmMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNGNmhQY1Y2a2psekRlRHNUak9qSDV3T1l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jN2JiMTgtZGYwYi00NTBiLWJkMTEt
ODcwODI4ODA4Zjg4LzEvV0RMN3JnWHZobzhISi00OEZpVHFWRjRpMFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jN2JiMTgtZGYwYi00NTBiLWJkMTEtODcwODI4ODA4Zjg4
LzEvdFNGNmhQY1Y2a2psekRlRHNUak9qSDV3T1l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyq2MA0G
CSqGSIb3DQEBCwUAA4IBAQAkRvMkU0uZTcpQ53fNLbyrlDAJGpTdt43eJjV1sFcA
mInldzrG/96R0mxaeMF6rsqVk9PH8+BAFQTxgYNFFxyirjrIwbWPMTiWybLs2BpB
SldEVJW2YtiLbgecs7Pxmj8yhX9HTA2tiaAu8QJaEoB0ts9lqGNUQXChK622TnKn
s6wh7bfpYRqWvcS3RlU43G2K1IPpm2r/9VOiJJhGhfYft9I/5Bti2XeKa4gY9zuP
HB99YyPDxdVbTmncOMtSbOBSn2MRFBzSPcktCCnCxMG3TEujZ1w2IMwq5bVn694+
5v8qkodH8A3w5Nz0Pptw8uwRYhawETg0Q3gJxGpzNEFC
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:57:06 2024 by rpki-client on console-ams.rpki-client.org