Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/WmuO4430dipVwcV9YcML1bI8soI.roa
File: WmuO4430dipVwcV9YcML1bI8soI.roa (raw, json)
Hash identifier: PiWy8JdrdEUva+9cIWbgfJRHzu02Yha8M4h5NNHv40w=
Subject key identifier: 5A:6B:8E:E3:8D:F4:76:2A:55:C1:C5:7D:61:C3:0B:D5:B2:3C:B2:82
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CE7AE9F1208EE1A07D10CEF4D284530C7
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/WmuO4430dipVwcV9YcML1bI8soI.roa
Signing time: Mon 08 Jan 2024 06:07:10 +0000
ROA not before: Mon 08 Jan 2024 06:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.112.0/24 maxlen: 24
89.23.115.0/24 maxlen: 24
89.23.116.0/24 maxlen: 24
89.23.117.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
89.23.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:ae:9f:12:08:ee:1a:07:d1:0c:ef:4d:28:45:30:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 8 06:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a6b8ee38df4762a55c1c57d61c30bd5b23cb282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3e:aa:c5:d4:ab:e5:29:32:42:c8:d0:03:fe:
27:b8:88:8f:2c:bf:68:9a:3e:6f:ab:2f:a4:a5:fe:
3e:87:33:f4:5e:a8:3f:ed:4e:e8:60:44:52:49:e4:
81:ef:2f:71:52:0f:af:db:bf:e1:ed:55:5e:17:ec:
33:a8:19:47:79:78:8a:88:48:26:0e:8f:af:47:20:
6c:f1:51:0f:3b:f5:e6:7e:b9:74:8b:5d:9b:14:b1:
53:6d:77:cd:6e:2b:62:77:dd:f1:ce:c4:a2:46:b2:
49:c1:b9:f8:08:d4:55:c1:44:41:38:bd:7c:a1:e0:
b8:d7:c3:c4:f0:e6:ec:35:e9:b9:fe:85:26:d6:7d:
2c:5f:32:fb:08:ba:db:25:e6:60:02:ad:6f:63:32:
ce:e4:21:82:76:03:a6:7c:d3:cb:3a:c0:23:47:a5:
1a:31:74:58:fb:77:85:b9:fb:56:cd:5f:0c:cc:ac:
65:5a:02:d1:65:7c:4e:d5:83:4c:39:07:59:65:62:
d4:d8:58:b1:46:34:54:f8:28:11:49:bd:9c:04:7f:
ef:2c:91:91:62:52:9a:77:ce:d8:91:d2:c3:ed:98:
00:35:33:75:1f:17:0f:9f:2c:72:68:d8:6d:95:24:
ff:94:39:27:10:fa:33:ad:c0:37:bb:d0:58:81:a4:
7a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6B:8E:E3:8D:F4:76:2A:55:C1:C5:7D:61:C3:0B:D5:B2:3C:B2:82
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/WmuO4430dipVwcV9YcML1bI8soI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.112.0/24
89.23.115.0-89.23.119.255
Signature Algorithm: sha256WithRSAEncryption
73:26:b7:13:87:40:c0:70:40:bd:88:10:93:11:4f:a8:7a:26:
42:e6:52:a4:ae:00:dd:9e:46:c9:5c:64:e7:18:4c:02:40:6c:
42:3d:ec:b6:31:7e:37:4e:9d:58:9e:80:21:66:d6:54:a6:de:
d5:60:15:b0:91:c4:7a:c1:03:48:e7:f6:04:08:dc:c3:52:85:
74:fe:ed:fd:e0:0c:0f:04:81:f0:b5:8b:8b:1b:c3:f6:1d:36:
7e:29:7b:c2:c4:7b:d5:73:91:a1:3f:38:aa:65:f0:d3:df:51:
d9:3a:c9:38:64:b1:83:24:46:e2:b3:99:f8:0f:fd:90:d0:72:
16:ff:ef:99:17:35:67:c2:0c:23:36:c0:97:92:14:89:80:23:
38:89:ee:6d:df:6c:dc:7d:5a:e2:68:90:3e:31:bd:ab:18:18:
33:ab:09:9f:3f:fb:27:4b:00:2b:1f:de:80:6c:ab:96:11:30:
d0:35:50:31:57:9b:73:a6:b9:ab:4d:11:48:eb:3b:c7:c9:4b:
4e:47:60:ff:93:79:1f:73:f7:36:45:08:05:14:f5:6c:f9:f5:
42:14:27:17:43:f3:ae:37:4f:d1:57:1b:3d:11:ed:09:5c:92:
c3:75:b4:16:6c:f0:28:77:42:f1:bf:23:e7:d2:95:85:cf:59:
d1:a1:82:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYznrp8SCO4aB9EM700oRTDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTA4MDYwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZiOGVlMzhkZjQ3NjJhNTVjMWM1N2Q2MWMzMGJkNWIyM2NiMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD6qxdSr5SkyQsjQA/4nuIiPLL9o
mj5vqy+kpf4+hzP0Xqg/7U7oYERSSeSB7y9xUg+v27/h7VVeF+wzqBlHeXiKiEgm
Do+vRyBs8VEPO/Xmfrl0i12bFLFTbXfNbitid93xzsSiRrJJwbn4CNRVwURBOL18
oeC418PE8ObsNem5/oUm1n0sXzL7CLrbJeZgAq1vYzLO5CGCdgOmfNPLOsAjR6Ua
MXRY+3eFuftWzV8MzKxlWgLRZXxO1YNMOQdZZWLU2FixRjRU+CgRSb2cBH/vLJGR
YlKad87YkdLD7ZgANTN1HxcPnyxyaNhtlST/lDknEPozrcA3u9BYgaR6AwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFprjuON9HYqVcHFfWHDC9WyPLKCMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvV211TzQ0MzBkaXBWd2NWOVljTUwxYkk4c29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWRdwMAwD
BABZF3MDBANZF3AwDQYJKoZIhvcNAQELBQADggEBAHMmtxOHQMBwQL2IEJMRT6h6
JkLmUqSuAN2eRslcZOcYTAJAbEI97LYxfjdOnViegCFm1lSm3tVgFbCRxHrBA0jn
9gQI3MNShXT+7f3gDA8EgfC1i4sbw/YdNn4pe8LEe9VzkaE/OKpl8NPfUdk6yThk
sYMkRuKzmfgP/ZDQchb/75kXNWfCDCM2wJeSFImAIziJ7m3fbNx9WuJokD4xvasY
GDOrCZ8/+ydLACsf3oBsq5YRMNA1UDFXm3OmuatNEUjrO8fJS05HYP+TeR9z9zZF
CAUU9Wz59UIUJxdD8643T9FXGz0R7QlcksN1tBZs8Ch3QvG/I+fSlYXPWdGhgrM=
-----END CERTIFICATE-----
Generated at Sun May 19 21:24:05 2024 by rpki-client on console-fra.rpki-client.org