Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WXfGx_Jy4g9IOn-iUkZSCrOvuNo.roa
File: WXfGx_Jy4g9IOn-iUkZSCrOvuNo.roa (raw, json)
Hash identifier: WqbXIWtmGl1nefCVa7Kw5IHYk+bgxbDFVo1WquzCENw=
Subject key identifier: 59:77:C6:C7:F2:72:E2:0F:48:3A:7F:A2:52:46:52:0A:B3:AF:B8:DA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE14E948115127DBD449E88D0B3EAE37D
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WXfGx_Jy4g9IOn-iUkZSCrOvuNo.roa
Signing time: Mon 15 Apr 2024 10:30:06 +0000
ROA not before: Mon 15 Apr 2024 10:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29069
IP address blocks: 95.215.96.0/21 maxlen: 21
185.13.112.0/22 maxlen: 22
185.13.112.0/25 maxlen: 25
185.13.112.128/25 maxlen: 25
195.128.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:4e:94:81:15:12:7d:bd:44:9e:88:d0:b3:ea:e3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 15 10:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5977c6c7f272e20f483a7fa25246520ab3afb8da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:e7:e9:a0:d8:df:97:0c:86:45:db:09:ad:
de:db:87:9a:9d:56:95:a8:9d:90:93:8a:f5:2b:2e:
cc:69:85:61:46:b2:a1:cc:d2:0f:41:7f:c1:b1:24:
0a:72:fc:3b:77:1a:5b:7d:c0:d5:59:e6:92:8f:58:
2d:e0:fe:19:69:bf:af:f1:25:57:b5:f8:af:bd:b9:
6c:4f:64:8d:77:25:5a:80:c0:4b:5e:ab:a0:55:1b:
ee:6d:03:6f:99:3d:64:43:26:bf:67:1c:6c:5a:61:
75:d0:a1:92:9f:99:35:1c:0a:c1:63:6a:21:f5:e3:
ab:79:de:3c:85:f3:2c:c6:cd:fe:6e:b6:3a:2f:8d:
64:41:7d:1a:fb:11:0c:1b:ea:b8:12:98:ec:e1:b1:
99:3a:0c:b4:52:c7:b3:08:9c:ed:a3:7c:f1:3b:a2:
87:68:87:a8:7f:fe:c6:f0:d8:d1:4c:3d:1f:72:79:
fe:a2:ac:bc:9d:f0:4b:35:80:d9:10:0d:94:e7:47:
dd:22:f5:7f:ee:e7:e9:64:02:5b:e5:b8:55:31:60:
55:9a:70:38:5b:ec:83:0f:a4:dd:04:c4:fc:70:e6:
46:df:07:bf:d3:84:b6:0e:ba:4b:fa:95:ab:18:26:
86:a0:11:1c:d3:3f:64:fc:74:3a:58:a1:c7:5f:cc:
84:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:77:C6:C7:F2:72:E2:0F:48:3A:7F:A2:52:46:52:0A:B3:AF:B8:DA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/WXfGx_Jy4g9IOn-iUkZSCrOvuNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.96.0/21
185.13.112.0/22
195.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
23:db:d6:bc:f3:a7:3e:85:8b:d0:bf:f3:2e:5f:40:77:f6:2d:
a8:29:fc:74:db:ef:da:2e:15:03:cb:5b:bf:68:a0:a9:02:44:
74:a4:c4:82:8e:4e:9d:4b:a2:f4:0b:26:db:55:fd:0f:0c:28:
87:23:cb:86:59:d8:7e:62:d1:62:5e:db:1c:5c:50:aa:11:e0:
4a:29:3d:ee:b1:67:b2:a5:43:20:96:2c:ae:f1:9e:25:f5:8f:
99:dc:44:eb:fd:27:78:5c:7b:61:39:d9:7b:67:1c:8f:fa:b1:
01:b3:14:0f:f7:cd:88:b7:fb:b0:ed:3f:0d:80:0e:c5:46:6a:
af:cb:45:35:ec:9c:f0:c9:f5:22:47:a7:42:f0:49:ef:66:8c:
dc:de:ae:f6:de:f2:e7:7e:8a:bc:23:d0:e7:e1:8f:c3:19:c8:
03:eb:44:b0:f9:d5:e4:06:56:27:4b:5e:43:db:35:30:2e:13:
db:a7:bb:0a:5e:ec:44:ce:29:fb:02:26:cc:79:92:20:ab:00:
cf:8d:d1:d5:81:1b:eb:79:b6:7a:e8:42:66:de:51:ea:ad:f3:
72:9a:03:ce:56:b7:4e:bd:25:d5:28:4d:7d:9e:bc:9a:4a:c4:
4b:7e:5d:1b:a2:c8:7f:2e:a3:5c:e2:90:72:f4:44:4e:05:b7:
3b:a7:ca:34
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7hTpSBFRJ9vUSeiNCz6uN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE1MTAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTc3YzZjN2YyNzJlMjBmNDgzYTdmYTI1MjQ2NTIwYWIzYWZiOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Pn6aDY35cMhkXbCa3e24eanVaV
qJ2Qk4r1Ky7MaYVhRrKhzNIPQX/BsSQKcvw7dxpbfcDVWeaSj1gt4P4Zab+v8SVX
tfivvblsT2SNdyVagMBLXqugVRvubQNvmT1kQya/ZxxsWmF10KGSn5k1HArBY2oh
9eOred48hfMsxs3+brY6L41kQX0a+xEMG+q4Epjs4bGZOgy0UsezCJzto3zxO6KH
aIeof/7G8NjRTD0fcnn+oqy8nfBLNYDZEA2U50fdIvV/7ufpZAJb5bhVMWBVmnA4
W+yDD6TdBMT8cOZG3we/04S2DrpL+pWrGCaGoBEc0z9k/HQ6WKHHX8yEAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFl3xsfycuIPSDp/olJGUgqzr7jaMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvV1hmR3hfSnk0ZzlJT24taVVrWlNDck92dU5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX9dgAwQC
uQ1wAwQDw4A4MA0GCSqGSIb3DQEBCwUAA4IBAQAj29a886c+hYvQv/MuX0B39i2o
Kfx02+/aLhUDy1u/aKCpAkR0pMSCjk6dS6L0CybbVf0PDCiHI8uGWdh+YtFiXtsc
XFCqEeBKKT3usWeypUMgliyu8Z4l9Y+Z3ETr/Sd4XHthOdl7ZxyP+rEBsxQP982I
t/uw7T8NgA7FRmqvy0U17JzwyfUiR6dC8EnvZozc3q723vLnfoq8I9Dn4Y/DGcgD
60Sw+dXkBlYnS15D2zUwLhPbp7sKXuxEzin7AibMeZIgqwDPjdHVgRvrebZ66EJm
3lHqrfNymgPOVrdOvSXVKE19nryaSsRLfl0bosh/LqNc4pBy9EROBbc7p8o0
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:03:05 2024 by rpki-client on console-ams.rpki-client.org