Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/wSd219Z4hgM0eN75LZzsv85ElDU.roa
File: wSd219Z4hgM0eN75LZzsv85ElDU.roa (raw, json)
Hash identifier: qPdI34JZbHGy1g4XjSdQX8OTwz/pkfGYSVqMXihhMO8=
Subject key identifier: C1:27:76:D7:D6:78:86:03:34:78:DE:F9:2D:9C:EC:BF:CE:44:94:35
Certificate issuer: /CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Certificate serial: 018CC86F5515CB99AEC0E4BF492469FA7826
Authority key identifier: 02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/wSd219Z4hgM0eN75LZzsv85ElDU.roa
Signing time: Tue 02 Jan 2024 04:29:48 +0000
ROA not before: Tue 02 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56995
IP address blocks: 176.58.64.0/20 maxlen: 20
176.58.64.0/24 maxlen: 24
176.58.66.0/23 maxlen: 23
185.6.16.0/22 maxlen: 24
176.58.68.0/22 maxlen: 22
176.58.76.0/22 maxlen: 22
176.58.77.0/24 maxlen: 24
176.58.72.0/22 maxlen: 22
2a03:c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:55:15:cb:99:ae:c0:e4:bf:49:24:69:fa:78:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0277acd112f1c6c833bec22f8b53cc70d2390876
Validity
Not Before: Jan 2 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c12776d7d67886033478def92d9cecbfce449435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:92:a1:bb:f5:dc:30:f9:2d:0b:ff:cc:6b:bc:
17:2c:4e:b9:cd:80:51:d1:03:d5:c9:0c:75:8e:fb:
c4:df:b5:63:17:a4:af:c9:dd:20:c2:1d:3c:05:ff:
74:29:93:96:bc:47:81:96:8c:34:12:dd:3d:d2:54:
32:00:b7:28:84:04:3b:da:5a:00:90:80:da:47:b9:
d1:50:53:d8:28:91:1f:e8:27:db:af:08:7b:b7:55:
78:1a:b9:e9:9a:7b:8e:b2:d5:b6:18:7d:12:92:6c:
23:a8:98:17:4a:2a:b3:4b:41:b8:44:db:78:aa:db:
45:f9:0a:14:23:c0:84:83:ac:32:a7:8a:75:86:42:
a0:8f:33:8a:f3:ae:13:17:f4:d9:a1:83:c6:7f:9d:
ad:f0:fd:67:fc:dc:ec:96:37:49:94:49:ef:d5:7f:
91:02:a2:0d:d3:8f:f8:82:3f:9c:f1:a5:b1:8b:a9:
e5:c8:6c:1e:01:b0:67:fa:b0:b2:b1:33:d4:0b:41:
5f:72:92:71:16:be:dc:cd:ce:9e:76:3e:6e:89:94:
d0:2e:f1:1f:7a:af:87:e3:13:7e:a0:70:4d:db:12:
ae:3a:05:4e:36:33:8d:79:3c:14:d6:06:26:2a:c9:
ad:35:15:37:8c:ae:ca:db:03:fa:78:e3:11:d6:b9:
a5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:27:76:D7:D6:78:86:03:34:78:DE:F9:2D:9C:EC:BF:CE:44:94:35
X509v3 Authority Key Identifier:
keyid:02:77:AC:D1:12:F1:C6:C8:33:BE:C2:2F:8B:53:CC:70:D2:39:08:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Anes0RLxxsgzvsIvi1PMcNI5CHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/wSd219Z4hgM0eN75LZzsv85ElDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/2c0f0b-7831-41d3-916d-d9655987874a/1/Anes0RLxxsgzvsIvi1PMcNI5CHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.64.0/20
185.6.16.0/22
IPv6:
2a03:c40::/32
Signature Algorithm: sha256WithRSAEncryption
7f:b3:76:e2:85:a3:f5:74:20:cd:89:d2:83:f8:30:a7:87:b6:
1a:ec:e2:99:a2:8d:dd:d7:1c:f1:8b:78:b1:42:10:ee:85:ee:
47:c7:10:c8:72:b1:9f:a8:f2:96:89:36:30:fb:10:80:28:d8:
79:c5:26:0f:74:42:38:b9:29:f1:c3:87:f4:6d:3d:c2:b1:24:
7a:69:0d:31:66:3a:f0:21:94:15:a2:96:af:b3:d4:5d:87:f2:
43:03:49:4a:f5:98:a7:c9:af:3f:4b:0b:58:96:d0:2a:b4:7e:
1b:21:8e:db:1e:63:45:07:cd:c7:8a:06:d1:81:91:ff:ad:ba:
d6:0f:88:07:a1:0f:d6:23:ad:ae:91:39:bd:1b:0d:2d:70:26:
89:5f:4c:9d:fc:76:36:e2:75:58:03:46:3d:02:e5:0a:9f:4d:
f5:81:7a:36:ca:10:a8:87:f9:8d:48:f5:38:2c:e7:2f:07:2d:
a2:af:c4:1b:09:29:e6:72:7e:f6:f4:8d:cd:14:79:ea:ea:7f:
68:da:08:3e:f1:58:15:05:2c:31:68:ea:e9:62:85:40:c5:a3:
1c:cc:69:c5:4e:05:05:79:41:ce:8b:01:2e:7e:69:dc:7c:84:
76:9c:b9:76:2b:6a:c3:a8:27:06:c4:a5:32:dd:93:f8:61:0e:
ae:44:01:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIb1UVy5muwOS/SSRp+ngmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzdhY2QxMTJmMWM2YzgzM2JlYzIyZjhiNTNjYzcwZDIz
OTA4NzYwHhcNMjQwMTAyMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTI3NzZkN2Q2Nzg4NjAzMzQ3OGRlZjkyZDljZWNiZmNlNDQ5NDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZKhu/XcMPktC//Ma7wXLE65zYBR
0QPVyQx1jvvE37VjF6Svyd0gwh08Bf90KZOWvEeBlow0Et090lQyALcohAQ72loA
kIDaR7nRUFPYKJEf6Cfbrwh7t1V4GrnpmnuOstW2GH0SkmwjqJgXSiqzS0G4RNt4
qttF+QoUI8CEg6wyp4p1hkKgjzOK864TF/TZoYPGf52t8P1n/NzsljdJlEnv1X+R
AqIN04/4gj+c8aWxi6nlyGweAbBn+rCysTPUC0FfcpJxFr7czc6edj5uiZTQLvEf
eq+H4xN+oHBN2xKuOgVONjONeTwU1gYmKsmtNRU3jK7K2wP6eOMR1rmlFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMEndtfWeIYDNHje+S2c7L/ORJQ1MB8GA1UdIwQY
MBaAFAJ3rNES8cbIM77CL4tTzHDSOQh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQt
ZDk2NTU5ODc4NzRhLzEvd1NkMjE5WjRoZ00wZU43NUxaenN2ODVFbERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yYzBmMGItNzgzMS00MWQzLTkxNmQtZDk2NTU5ODc4NzRh
LzEvQW5lczBSTHh4c2d6dnNJdmkxUE1jTkk1Q0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsDpAAwQC
uQYQMA0EAgACMAcDBQAqAwxAMA0GCSqGSIb3DQEBCwUAA4IBAQB/s3bihaP1dCDN
idKD+DCnh7Ya7OKZoo3d1xzxi3ixQhDuhe5HxxDIcrGfqPKWiTYw+xCAKNh5xSYP
dEI4uSnxw4f0bT3CsSR6aQ0xZjrwIZQVopavs9Rdh/JDA0lK9Zinya8/SwtYltAq
tH4bIY7bHmNFB83HigbRgZH/rbrWD4gHoQ/WI62ukTm9Gw0tcCaJX0yd/HY24nVY
A0Y9AuUKn031gXo2yhCoh/mNSPU4LOcvBy2ir8QbCSnmcn729I3NFHnq6n9o2gg+
8VgVBSwxaOrpYoVAxaMczGnFTgUFeUHOiwEufmncfIR2nLl2K2rDqCcGxKUy3ZP4
YQ6uRAHi
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:34:43 2024 by rpki-client on console-fra.rpki-client.org