Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/WydGF6Iu5i3-xdoGOZg3Qq9BCHE.roa
File: WydGF6Iu5i3-xdoGOZg3Qq9BCHE.roa (raw, json)
Hash identifier: fbvDNnlwXPEmjVPUvgSGtqij+fFWlWusjUbuUmQXv3Q=
Subject key identifier: 5B:27:46:17:A2:2E:E6:2D:FE:C5:DA:06:39:98:37:42:AF:41:08:71
Certificate issuer: /CN=16a28a0e241fff7aa2e64aa388156f223e2d215f
Certificate serial: 0191C6C37030A833852AF92DE2EB8605A56B
Authority key identifier: 16:A2:8A:0E:24:1F:FF:7A:A2:E6:4A:A3:88:15:6F:22:3E:2D:21:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FqKKDiQf_3qi5kqjiBVvIj4tIV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/WydGF6Iu5i3-xdoGOZg3Qq9BCHE.roa
Signing time: Fri 06 Sep 2024 09:56:22 +0000
ROA not before: Fri 06 Sep 2024 09:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51069
IP address blocks: 31.129.64.0/19 maxlen: 19
178.219.80.0/20 maxlen: 20
193.194.108.0/22 maxlen: 22
2a13:fb40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/FqKKDiQf_3qi5kqjiBVvIj4tIV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/FqKKDiQf_3qi5kqjiBVvIj4tIV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/FqKKDiQf_3qi5kqjiBVvIj4tIV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c6:c3:70:30:a8:33:85:2a:f9:2d:e2:eb:86:05:a5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16a28a0e241fff7aa2e64aa388156f223e2d215f
Validity
Not Before: Sep 6 09:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b274617a22ee62dfec5da0639983742af410871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:2c:76:86:99:f5:bc:e9:04:ff:50:0a:d5:
18:32:f1:f7:d6:6f:3e:8b:20:c7:2a:55:d7:19:e6:
a3:6e:69:22:42:a1:08:d2:b1:3a:c0:87:fa:a3:9c:
81:2a:ae:2d:a4:27:f6:47:c6:5d:b0:95:7a:43:57:
14:15:e4:61:a8:f8:8f:27:d2:67:45:e7:3f:ad:4b:
41:20:41:4f:56:42:9d:33:f7:04:b2:79:47:c5:6a:
f1:e3:53:bd:20:f9:e2:b1:78:89:a3:37:b4:ba:7a:
be:eb:ca:d1:a4:59:b6:b7:ab:52:d6:4f:5c:b5:4c:
17:94:e5:6a:09:ba:9d:7c:34:b4:40:7f:48:fe:09:
10:19:76:0e:38:d1:68:e4:0c:30:91:a5:a5:50:81:
35:bf:33:58:e8:b2:bc:2c:9a:67:ef:26:64:34:a5:
4c:d5:91:e6:e3:bc:19:17:9c:95:64:ee:e3:21:43:
2c:c4:da:8e:d1:d2:60:54:32:cf:b3:4d:68:15:e3:
f3:df:d6:b9:f5:84:98:6b:f5:c4:1d:31:74:42:8f:
03:88:fa:73:ca:b9:7a:e4:c4:2e:81:43:30:5a:81:
6f:19:84:9b:35:8d:e9:7b:10:7e:fc:d9:97:9d:23:
78:2d:fb:6b:53:02:19:62:d6:98:dc:8f:80:4f:31:
0f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:27:46:17:A2:2E:E6:2D:FE:C5:DA:06:39:98:37:42:AF:41:08:71
X509v3 Authority Key Identifier:
keyid:16:A2:8A:0E:24:1F:FF:7A:A2:E6:4A:A3:88:15:6F:22:3E:2D:21:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FqKKDiQf_3qi5kqjiBVvIj4tIV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/WydGF6Iu5i3-xdoGOZg3Qq9BCHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/FqKKDiQf_3qi5kqjiBVvIj4tIV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.64.0/19
178.219.80.0/20
193.194.108.0/22
IPv6:
2a13:fb40::/29
Signature Algorithm: sha256WithRSAEncryption
15:c9:c6:21:5c:1f:88:ef:e4:72:35:ff:a5:47:af:6e:a0:b0:
a9:cf:0e:e9:e3:df:73:f3:1b:84:d0:1a:55:3d:c7:fd:f6:b5:
9f:37:50:0a:78:bb:a5:dd:34:2e:62:42:9a:29:16:18:bf:dd:
76:c7:bc:40:1a:c0:e9:ad:4b:16:0c:63:7d:50:71:af:f0:71:
08:74:78:3b:56:c2:68:02:bc:c0:7f:58:dc:6b:64:44:42:a2:
9a:f6:d4:05:60:6b:c9:a2:1f:de:4f:e7:14:a5:f6:4b:43:34:
00:4b:7f:64:73:8b:e5:f3:0d:e4:bc:a8:2a:22:2c:0f:87:3d:
b1:fa:99:09:d6:78:1d:ce:41:2f:c3:d7:9c:c3:35:5b:b7:d0:
63:ac:7b:69:b1:5c:04:ab:82:5a:73:c1:8b:6f:1e:d7:f5:3f:
cd:92:63:28:ed:11:c2:ed:8a:f1:91:2c:fc:e2:53:ca:be:ce:
25:7c:e4:40:b4:5f:4f:03:ff:93:8f:d7:56:87:a6:b1:e5:99:
a0:25:d4:bf:8e:12:7b:fe:77:29:36:fa:4f:18:3e:72:1f:df:
97:2c:cc:30:9e:8d:20:53:94:24:bb:7a:45:f7:93:8f:23:cf:
14:42:f8:6f:9d:21:4f:62:54:81:48:fd:bd:db:10:3c:ca:8c:
45:66:80:e5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZHGw3AwqDOFKvkt4uuGBaVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YTI4YTBlMjQxZmZmN2FhMmU2NGFhMzg4MTU2ZjIyM2Uy
ZDIxNWYwHhcNMjQwOTA2MDk1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjI3NDYxN2EyMmVlNjJkZmVjNWRhMDYzOTk4Mzc0MmFmNDEwODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8ssdoaZ9bzpBP9QCtUYMvH31m8+
iyDHKlXXGeajbmkiQqEI0rE6wIf6o5yBKq4tpCf2R8ZdsJV6Q1cUFeRhqPiPJ9Jn
Rec/rUtBIEFPVkKdM/cEsnlHxWrx41O9IPnisXiJoze0unq+68rRpFm2t6tS1k9c
tUwXlOVqCbqdfDS0QH9I/gkQGXYOONFo5AwwkaWlUIE1vzNY6LK8LJpn7yZkNKVM
1ZHm47wZF5yVZO7jIUMsxNqO0dJgVDLPs01oFePz39a59YSYa/XEHTF0Qo8DiPpz
yrl65MQugUMwWoFvGYSbNY3pexB+/NmXnSN4LftrUwIZYtaY3I+ATzEPaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFsnRheiLuYt/sXaBjmYN0KvQQhxMB8GA1UdIwQY
MBaAFBaiig4kH/96ouZKo4gVbyI+LSFfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnFLS0RpUWZfM3FpNWtxamlCVnZJajR0SVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kOTVmMWQtMGU3Ny00ZWM2LWJiY2Et
ZmIyYTk4M2NjNjZhLzEvV3lkR0Y2SXU1aTMteGRvR09aZzNRcTlCQ0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kOTVmMWQtMGU3Ny00ZWM2LWJiY2EtZmIyYTk4M2NjNjZh
LzEvRnFLS0RpUWZfM3FpNWtxamlCVnZJajR0SVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFH4FAAwQE
sttQAwQCwcJsMA0EAgACMAcDBQMqE/tAMA0GCSqGSIb3DQEBCwUAA4IBAQAVycYh
XB+I7+RyNf+lR69uoLCpzw7p499z8xuE0BpVPcf99rWfN1AKeLul3TQuYkKaKRYY
v912x7xAGsDprUsWDGN9UHGv8HEIdHg7VsJoArzAf1jca2REQqKa9tQFYGvJoh/e
T+cUpfZLQzQAS39kc4vl8w3kvKgqIiwPhz2x+pkJ1ngdzkEvw9ecwzVbt9BjrHtp
sVwEq4Jac8GLbx7X9T/NkmMo7RHC7YrxkSz84lPKvs4lfORAtF9PA/+Tj9dWh6ax
5ZmgJdS/jhJ7/ncpNvpPGD5yH9+XLMwwno0gU5Qku3pF95OPI88UQvhvnSFPYlSB
SP292xA8yoxFZoDl
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:23 2024 by rpki-client on console-fra.rpki-client.org