Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wgvKM8zd1RT_ybsUkB48HTZ4nPo.roa
File: wgvKM8zd1RT_ybsUkB48HTZ4nPo.roa (raw, json)
Hash identifier: LtfDWNP7FFpuu8NBRYTicD2ZE29Tm/3fPy+vjKMPYiw=
Subject key identifier: C2:0B:CA:33:CC:DD:D5:14:FF:C9:BB:14:90:1E:3C:1D:36:78:9C:FA
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0190E8A5985D9D093E25029AB29118ECCCA0
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wgvKM8zd1RT_ybsUkB48HTZ4nPo.roa
Signing time: Thu 25 Jul 2024 06:48:04 +0000
ROA not before: Thu 25 Jul 2024 06:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a07:f580::/29 maxlen: 29
2a0d:38c0::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a14:41c0::/29 maxlen: 29
2a14:4240::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
2a14:6240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e8:a5:98:5d:9d:09:3e:25:02:9a:b2:91:18:ec:cc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jul 25 06:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c20bca33ccddd514ffc9bb14901e3c1d36789cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d6:d2:bc:98:8e:fb:06:30:06:1c:d4:f6:6a:
f2:96:4f:b0:43:07:c2:de:06:d1:65:8e:4b:a7:0e:
b0:54:6d:39:ad:2a:ea:58:37:e7:63:08:3b:31:c8:
26:6e:4c:57:e6:23:75:22:1c:ea:b1:ee:23:ce:12:
95:66:ed:a3:a7:e9:d0:59:49:71:b4:89:40:81:8a:
7f:e4:c2:9b:73:33:fe:30:73:c0:1a:f8:f4:a0:9e:
52:0b:4c:dc:71:21:15:94:96:a3:b4:03:07:9f:32:
ba:06:30:7d:e4:60:ff:04:30:b8:1b:c3:d2:3d:64:
3d:f0:4a:0a:3d:07:c0:8c:66:38:1e:ac:5a:81:12:
d1:57:0d:f4:36:fc:bf:66:4c:f3:6f:72:45:e4:0b:
1a:1f:ed:a5:38:a0:9e:6b:b7:8a:e5:7f:1c:82:56:
2f:31:76:b1:24:fc:f6:3f:4d:f2:60:52:85:fb:d9:
2f:9d:5f:49:45:e2:5f:df:f7:32:b8:f5:43:31:79:
37:bd:6e:e5:c7:15:cc:84:bc:00:dd:ba:df:7e:e6:
af:01:1b:b8:e5:2b:f2:65:27:2b:40:e1:11:77:24:
0c:d0:fd:f1:44:62:b7:b6:fe:04:24:d9:c5:07:ca:
01:a1:97:5a:ee:af:ca:f2:df:91:30:35:53:ea:89:
81:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0B:CA:33:CC:DD:D5:14:FF:C9:BB:14:90:1E:3C:1D:36:78:9C:FA
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/wgvKM8zd1RT_ybsUkB48HTZ4nPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f580::/29
2a0d:38c0::/29
2a13:c340::/29
2a14:41c0::/29
2a14:4240::/29
2a14:42c0::/29
2a14:6240::/29
Signature Algorithm: sha256WithRSAEncryption
11:34:af:23:3d:1a:71:2f:47:9d:2c:39:1e:93:4c:b8:b3:e0:
60:cb:58:92:54:b3:40:7e:82:9e:04:de:4a:ba:d7:a0:7e:95:
dc:e4:6d:06:f0:57:27:2a:db:ca:0c:9b:25:df:38:07:fb:8b:
59:6c:00:5b:48:af:d6:5d:a0:d9:91:89:73:7a:d2:9f:29:e2:
9f:b5:ac:fc:a6:c0:53:75:bc:19:df:a9:a0:bb:f6:04:f5:56:
0f:31:f9:5f:33:36:cf:93:78:fb:26:01:14:3c:b4:12:36:37:
d9:96:11:34:c8:99:90:d4:91:18:40:97:a5:19:8a:81:81:98:
12:83:d9:2c:5e:f4:f7:39:c4:a1:72:40:df:29:74:ed:a3:d1:
71:a9:2f:3d:33:76:ea:a0:c3:26:7d:e2:93:fb:a4:82:61:68:
73:0b:ea:45:4d:23:16:a1:c5:b2:74:be:2e:36:ca:53:86:df:
de:e6:4c:a0:54:0b:40:59:f0:08:12:20:29:0f:8a:7d:27:0d:
16:3c:8c:ed:aa:df:26:9d:fc:0a:72:10:26:d3:3c:b3:4d:2f:
2c:e6:2a:03:ec:04:e9:cc:24:e1:3d:9a:58:55:ff:4a:44:eb:
46:1c:5d:16:fb:7c:2b:ef:c2:80:3b:88:74:23:3a:0d:a6:0e:
31:2b:ff:21
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZDopZhdnQk+JQKaspEY7MygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNzI1MDY0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBiY2EzM2NjZGRkNTE0ZmZjOWJiMTQ5MDFlM2MxZDM2Nzg5Y2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9bSvJiO+wYwBhzU9mrylk+wQwfC
3gbRZY5Lpw6wVG05rSrqWDfnYwg7McgmbkxX5iN1Ihzqse4jzhKVZu2jp+nQWUlx
tIlAgYp/5MKbczP+MHPAGvj0oJ5SC0zccSEVlJajtAMHnzK6BjB95GD/BDC4G8PS
PWQ98EoKPQfAjGY4HqxagRLRVw30Nvy/Zkzzb3JF5AsaH+2lOKCea7eK5X8cglYv
MXaxJPz2P03yYFKF+9kvnV9JReJf3/cyuPVDMXk3vW7lxxXMhLwA3brffuavARu4
5SvyZScrQOERdyQM0P3xRGK3tv4EJNnFB8oBoZda7q/K8t+RMDVT6omB+wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFMILyjPM3dUU/8m7FJAePB02eJz6MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvd2d2S004emQxUlRfeWJzVWtCNDhIVFo0blBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgf1gAMF
AyoNOMADBQMqE8NAAwUDKhRBwAMFAyoUQkADBQMqFELAAwUDKhRiQDANBgkqhkiG
9w0BAQsFAAOCAQEAETSvIz0acS9HnSw5HpNMuLPgYMtYklSzQH6CngTeSrrXoH6V
3ORtBvBXJyrbygybJd84B/uLWWwAW0iv1l2g2ZGJc3rSnynin7Ws/KbAU3W8Gd+p
oLv2BPVWDzH5XzM2z5N4+yYBFDy0EjY32ZYRNMiZkNSRGECXpRmKgYGYEoPZLF70
9znEoXJA3yl07aPRcakvPTN26qDDJn3ik/ukgmFocwvqRU0jFqHFsnS+LjbKU4bf
3uZMoFQLQFnwCBIgKQ+KfScNFjyM7arfJp38CnIQJtM8s00vLOYqA+wE6cwk4T2a
WFX/SkTrRhxdFvt8K+/CgDuIdCM6DaYOMSv/IQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:48 2024 by rpki-client on console-ams.rpki-client.org