Route Origin Authorization
$ rpki-client -vvf oto.wakuwaku.ne.jp/pki/h/0/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa
File: 3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa (raw, json)
Hash identifier: WGFsTh01kX1u3mUmf33IsC/dGo4/YGAaW3IJpMwrmo4=
Subject key identifier: 9B:C2:FE:6A:FF:1C:97:38:07:90:E4:91:B1:BF:50:CD:84:5C:C3:B8
Certificate issuer: /CN=a1d52bbfb40f9aa437edef08a81d30e906636e67
Certificate serial: 5A11254860BB044F0BC7A9FEACD143B560C284E4
Authority key identifier: A1:D5:2B:BF:B4:0F:9A:A4:37:ED:EF:08:A8:1D:30:E9:06:63:6E:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odUrv7QPmqQ37e8IqB0w6QZjbmc.cer
Subject info access: rsync://oto.wakuwaku.ne.jp/pki/h/0/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa
Signing time: Mon 25 Nov 2024 21:15:00 +0000
ROA not before: Mon 25 Nov 2024 21:10:00 +0000
ROA not after: Mon 24 Nov 2025 21:15:00 +0000
asID: 197537
IP address blocks: 194.116.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://oto.wakuwaku.ne.jp/pki/h/0/A1D52BBFB40F9AA437EDEF08A81D30E906636E67.crl
rsync://oto.wakuwaku.ne.jp/pki/h/0/A1D52BBFB40F9AA437EDEF08A81D30E906636E67.mft
rsync://rpki.ripe.net/repository/DEFAULT/odUrv7QPmqQ37e8IqB0w6QZjbmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:11:25:48:60:bb:04:4f:0b:c7:a9:fe:ac:d1:43:b5:60:c2:84:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d52bbfb40f9aa437edef08a81d30e906636e67
Validity
Not Before: Nov 25 21:10:00 2024 GMT
Not After : Nov 24 21:15:00 2025 GMT
Subject: CN=9BC2FE6AFF1C97380790E491B1BF50CD845CC3B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:af:ec:d9:2b:79:fb:41:6e:6e:14:be:56:
a9:41:4b:98:81:9c:1e:30:80:94:98:10:9a:30:94:
19:02:fd:e2:af:4a:cd:af:78:df:d1:47:a0:01:01:
5d:d6:40:ae:c4:98:53:13:37:21:22:f1:74:73:c6:
9d:ba:46:92:fe:d7:c4:19:75:9c:af:52:b0:17:0d:
7d:49:5b:7e:58:b5:10:0d:5a:de:d3:85:f2:86:ff:
fb:5e:e4:68:8c:73:37:e9:85:47:a6:11:10:f7:25:
33:c1:e8:84:1d:c7:40:b3:c1:6f:70:24:eb:9c:0f:
7a:0d:55:3f:a0:b3:6e:46:ce:41:08:ab:52:be:b9:
72:90:0c:10:0a:74:15:42:0c:9e:85:29:46:79:56:
3d:0f:72:4f:0a:72:2e:a9:20:24:08:97:d9:da:9d:
e2:8d:de:c6:2d:40:7c:d1:44:6b:71:b7:f8:37:4a:
d2:e2:66:a6:d5:e6:ee:6a:95:b4:5b:ca:10:87:7f:
13:fd:f3:11:eb:9b:1b:fa:b4:be:9b:b6:be:0e:56:
ea:92:81:68:b0:38:a7:71:67:4e:61:c2:b3:8d:64:
c5:a2:53:b5:af:30:79:2e:d9:3a:f1:09:13:24:f4:
c8:0b:7a:1b:9b:ff:c0:6c:28:30:50:88:c8:01:68:
8d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C2:FE:6A:FF:1C:97:38:07:90:E4:91:B1:BF:50:CD:84:5C:C3:B8
X509v3 Authority Key Identifier:
keyid:A1:D5:2B:BF:B4:0F:9A:A4:37:ED:EF:08:A8:1D:30:E9:06:63:6E:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://oto.wakuwaku.ne.jp/pki/h/0/A1D52BBFB40F9AA437EDEF08A81D30E906636E67.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odUrv7QPmqQ37e8IqB0w6QZjbmc.cer
Subject Information Access:
Signed Object - URI:rsync://oto.wakuwaku.ne.jp/pki/h/0/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.227.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f4:77:d8:d0:49:0e:f1:7e:91:21:eb:f5:b6:4a:26:11:dd:
50:3e:ca:c7:71:cc:5a:f1:ee:4c:7c:26:3d:92:96:f8:e4:e3:
82:0c:3f:2d:d0:a8:25:e4:d2:05:66:8d:ff:75:9c:51:3a:2f:
64:11:b9:a4:78:16:a3:eb:28:09:c2:a5:cb:28:dd:76:d0:63:
f0:4f:38:27:89:d9:28:f6:94:4f:3c:d4:08:94:86:da:e2:96:
c9:b9:ce:9f:52:6e:44:75:05:59:46:2f:2d:d5:7f:b1:3d:11:
07:cb:a7:48:72:2f:79:c4:ef:b8:4c:be:4b:b8:78:86:79:cd:
41:14:f8:fa:3e:fd:ea:55:44:21:f1:95:97:e5:ec:84:b2:a4:
28:e6:cc:1f:f7:fd:08:11:ba:4c:6e:4a:c0:ef:22:44:45:d6:
fd:2c:da:7f:32:a6:4a:87:27:a4:47:8f:8d:52:45:42:3f:ba:
3c:05:80:2f:d4:f7:fc:b0:9d:66:d7:94:24:ad:7a:ca:1d:e2:
52:b4:01:68:ea:a6:2b:85:12:d0:1c:fe:00:09:8d:f9:29:37:
8d:25:42:72:0b:31:01:c3:f7:63:39:2a:fe:11:f5:dc:5e:79:
5b:e8:f3:36:d4:16:9a:19:c3:43:80:69:c9:2e:5b:ba:57:50:
19:b2:7c:56
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUWhElSGC7BE8Lx6n+rNFDtWDChOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTFkNTJiYmZiNDBmOWFhNDM3ZWRlZjA4YTgxZDMwZTkw
NjYzNmU2NzAeFw0yNDExMjUyMTEwMDBaFw0yNTExMjQyMTE1MDBaMDMxMTAvBgNV
BAMTKDlCQzJGRTZBRkYxQzk3MzgwNzkwRTQ5MUIxQkY1MENEODQ1Q0MzQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQhq/s2St5+0FubhS+VqlBS5iB
nB4wgJSYEJowlBkC/eKvSs2veN/RR6ABAV3WQK7EmFMTNyEi8XRzxp26RpL+18QZ
dZyvUrAXDX1JW35YtRANWt7ThfKG//te5GiMczfphUemERD3JTPB6IQdx0CzwW9w
JOucD3oNVT+gs25GzkEIq1K+uXKQDBAKdBVCDJ6FKUZ5Vj0Pck8Kci6pICQIl9na
neKN3sYtQHzRRGtxt/g3StLiZqbV5u5qlbRbyhCHfxP98xHrmxv6tL6btr4OVuqS
gWiwOKdxZ05hwrONZMWiU7WvMHku2TrxCRMk9MgLehub/8BsKDBQiMgBaI2vAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQUm8L+av8clzgHkOSRsb9QzYRcw7gwHwYDVR0j
BBgwFoAUodUrv7QPmqQ37e8IqB0w6QZjbmcwDgYDVR0PAQH/BAQDAgeAMGAGA1Ud
HwRZMFcwVaBToFGGT3JzeW5jOi8vb3RvLndha3V3YWt1Lm5lLmpwL3BraS9oLzAv
QTFENTJCQkZCNDBGOUFBNDM3RURFRjA4QTgxRDMwRTkwNjYzNkU2Ny5jcmwwZAYI
KwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQv
cmVwb3NpdG9yeS9ERUZBVUxUL29kVXJ2N1FQbXFRMzdlOElxQjB3NlFaamJtYy5j
ZXIwfQYIKwYBBQUHAQsEcTBvMG0GCCsGAQUFBzALhmFyc3luYzovL290by53YWt1
d2FrdS5uZS5qcC9wa2kvaC8wLzMxMzkzNDJlMzEzMTM2MmUzMjMyMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNTMzMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCdOMwDQYJ
KoZIhvcNAQELBQADggEBAJL0d9jQSQ7xfpEh6/W2SiYR3VA+ysdxzFrx7kx8Jj2S
lvjk44IMPy3QqCXk0gVmjf91nFE6L2QRuaR4FqPrKAnCpcso3XbQY/BPOCeJ2Sj2
lE881AiUhtrilsm5zp9SbkR1BVlGLy3Vf7E9EQfLp0hyL3nE77hMvku4eIZ5zUEU
+Po+/epVRCHxlZfl7ISypCjmzB/3/QgRukxuSsDvIkRF1v0s2n8ypkqHJ6RHj41S
RUI/ujwFgC/U9/ywnWbXlCStesod4lK0AWjqpiuFEtAc/gAJjfkpN40lQnILMQHD
92M5Kv4R9dxeeVvo8zbUFpoZw0OAackuW7pXUBmyfFY=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:30 2025 by rpki-client