Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/WGmg21-eG71FfWI4PYqW-_2rA8o.roa
File: WGmg21-eG71FfWI4PYqW-_2rA8o.roa (raw, json)
Hash identifier: FAqsBub4Y37TJV7t6ErEJIjrXIaUvOXcYOKE1HBlZLM=
Subject key identifier: 58:69:A0:DB:5F:9E:1B:BD:45:7D:62:38:3D:8A:96:FB:FD:AB:03:CA
Certificate issuer: /CN=c000da36c5842ce130fd068912ebfc0c69e76606
Certificate serial: 018F8650F8ABB925EED685D99D6C7B12E794
Authority key identifier: C0:00:DA:36:C5:84:2C:E1:30:FD:06:89:12:EB:FC:0C:69:E7:66:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/WGmg21-eG71FfWI4PYqW-_2rA8o.roa
Signing time: Fri 17 May 2024 11:30:04 +0000
ROA not before: Fri 17 May 2024 11:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29086
IP address blocks: 217.64.0.0/20 maxlen: 20
217.64.0.0/22 maxlen: 22
217.64.4.0/22 maxlen: 22
217.64.8.0/22 maxlen: 22
217.64.12.0/22 maxlen: 22
2a03:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 02:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:50:f8:ab:b9:25:ee:d6:85:d9:9d:6c:7b:12:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c000da36c5842ce130fd068912ebfc0c69e76606
Validity
Not Before: May 17 11:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5869a0db5f9e1bbd457d62383d8a96fbfdab03ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:18:c7:0e:61:cc:0b:b1:69:a5:d4:9c:27:48:
d8:e5:7c:11:95:ad:3b:01:d4:ea:9e:4a:2f:b8:f4:
01:81:38:54:7d:5a:c1:a2:ea:f4:b6:3c:8f:40:8a:
cc:57:92:3b:b2:b3:55:e5:79:11:8e:14:cd:26:65:
2f:e5:28:e7:80:9a:68:7d:74:bd:d2:c5:ac:07:c0:
23:89:b3:5e:84:9c:91:fd:8f:52:11:d8:c3:d4:04:
d7:3b:5c:08:1b:6d:6e:e7:10:9b:60:24:e0:84:08:
58:3d:5a:4f:cb:ff:70:c5:8f:04:3e:59:c8:6c:48:
2b:5e:e5:15:7d:1f:90:0a:3f:c4:96:b2:5d:ee:f0:
fc:17:51:25:3a:a3:88:03:82:15:d4:49:a5:77:d6:
aa:9d:cd:b2:fc:e9:35:72:42:d3:fa:0d:7c:0b:ca:
94:2c:4d:ec:f0:94:de:ac:42:11:2b:e8:8f:1f:b4:
de:6a:5a:95:f1:02:a1:2e:e8:c6:8e:c3:f9:16:fa:
4f:1d:4b:cf:36:69:f0:55:bb:a4:ac:76:24:59:2c:
ff:86:df:78:13:64:f6:7e:46:6d:67:5c:dc:71:cb:
7f:bb:87:7f:9d:87:e5:ae:53:63:53:86:5b:46:ae:
e0:23:bb:f0:37:7f:37:02:1d:ca:71:16:ca:10:a7:
f7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:69:A0:DB:5F:9E:1B:BD:45:7D:62:38:3D:8A:96:FB:FD:AB:03:CA
X509v3 Authority Key Identifier:
keyid:C0:00:DA:36:C5:84:2C:E1:30:FD:06:89:12:EB:FC:0C:69:E7:66:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wADaNsWELOEw_QaJEuv8DGnnZgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/WGmg21-eG71FfWI4PYqW-_2rA8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/00314c-9660-4558-908b-399c10b3aac5/1/wADaNsWELOEw_QaJEuv8DGnnZgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.0.0/20
IPv6:
2a03:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
9a:1a:ef:ed:bc:67:03:98:78:76:18:01:98:a9:b2:88:91:9c:
99:77:1d:d8:2a:73:09:e1:38:74:02:2f:8c:d8:19:20:a4:65:
b0:23:b6:f0:77:a4:6f:7d:98:b8:10:b5:92:5d:2a:f1:3d:2f:
8e:5a:4d:fc:c9:9b:50:9d:8d:bf:a1:80:5f:06:c0:22:ca:f4:
ce:cf:49:59:c0:aa:dc:2d:ed:06:3f:72:f3:96:af:df:21:8a:
53:a3:2f:a6:0c:fe:38:3b:d4:24:07:d1:72:2e:e7:c1:6f:e8:
3d:fd:0d:21:08:5c:3f:80:8b:db:3f:1d:ab:ff:7f:0b:29:b2:
33:cd:f4:4a:1c:e4:1b:db:57:9b:65:b1:42:5b:bf:e1:ed:ca:
81:7e:60:5d:f0:89:79:7f:fb:20:ed:57:21:4f:e1:60:d6:b7:
86:cd:d3:a0:05:44:15:51:1a:73:f5:ab:bb:29:08:3b:2a:ce:
7e:19:5d:b0:0f:4c:8e:d0:89:fe:f5:99:db:d0:87:95:b5:93:
c0:65:2b:75:62:6e:fe:52:ad:93:f0:4b:25:71:c7:7c:61:7b:
e5:5d:0f:ce:de:3a:bf:0b:59:6a:2e:c3:c4:c3:0d:5d:ae:16:
3a:be:ec:28:ca:f5:50:7b:54:64:01:62:6d:1c:f2:2e:fc:80:
39:14:76:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+GUPiruSXu1oXZnWx7EueUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMDBkYTM2YzU4NDJjZTEzMGZkMDY4OTEyZWJmYzBjNjll
NzY2MDYwHhcNMjQwNTE3MTEzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY5YTBkYjVmOWUxYmJkNDU3ZDYyMzgzZDhhOTZmYmZkYWIwM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBjHDmHMC7FppdScJ0jY5XwRla07
AdTqnkovuPQBgThUfVrBour0tjyPQIrMV5I7srNV5XkRjhTNJmUv5SjngJpofXS9
0sWsB8AjibNehJyR/Y9SEdjD1ATXO1wIG21u5xCbYCTghAhYPVpPy/9wxY8EPlnI
bEgrXuUVfR+QCj/ElrJd7vD8F1ElOqOIA4IV1Emld9aqnc2y/Ok1ckLT+g18C8qU
LE3s8JTerEIRK+iPH7TealqV8QKhLujGjsP5FvpPHUvPNmnwVbukrHYkWSz/ht94
E2T2fkZtZ1zccct/u4d/nYflrlNjU4ZbRq7gI7vwN383Ah3KcRbKEKf38wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFhpoNtfnhu9RX1iOD2Klvv9qwPKMB8GA1UdIwQY
MBaAFMAA2jbFhCzhMP0GiRLr/Axp52YGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FEYU5zV0VMT0V3X1FhSkV1djhER25uWmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8wMDMxNGMtOTY2MC00NTU4LTkwOGIt
Mzk5YzEwYjNhYWM1LzEvV0dtZzIxLWVHNzFGZldJNFBZcVctXzJyQThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8wMDMxNGMtOTY2MC00NTU4LTkwOGItMzk5YzEwYjNhYWM1
LzEvd0FEYU5zV0VMT0V3X1FhSkV1djhER25uWmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UAAMA0E
AgACMAcDBQAqA7wAMA0GCSqGSIb3DQEBCwUAA4IBAQCaGu/tvGcDmHh2GAGYqbKI
kZyZdx3YKnMJ4Th0Ai+M2BkgpGWwI7bwd6RvfZi4ELWSXSrxPS+OWk38yZtQnY2/
oYBfBsAiyvTOz0lZwKrcLe0GP3Lzlq/fIYpToy+mDP44O9QkB9FyLufBb+g9/Q0h
CFw/gIvbPx2r/38LKbIzzfRKHOQb21ebZbFCW7/h7cqBfmBd8Il5f/sg7VchT+Fg
1reGzdOgBUQVURpz9au7KQg7Ks5+GV2wD0yO0In+9Znb0IeVtZPAZSt1Ym7+Uq2T
8Eslccd8YXvlXQ/O3jq/C1lqLsPEww1drhY6vuwoyvVQe1RkAWJtHPIu/IA5FHYr
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:31:28 2024 by rpki-client on console-fra.rpki-client.org