Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1G4w6dz5DFjQ_OkDjLbeEU0KBIU.roa
File: 1G4w6dz5DFjQ_OkDjLbeEU0KBIU.roa (raw, json)
Hash identifier: P0lMXJAyQULrRMdX6T2bFeEDW9qFJawasWG6IAP20g0=
Subject key identifier: D4:6E:30:E9:DC:F9:0C:58:D0:FC:E9:03:8C:B6:DE:11:4D:0A:04:85
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0D615E727835E27A25677BCC2CA5
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1G4w6dz5DFjQ_OkDjLbeEU0KBIU.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208078
IP address blocks: 2a05:b0c6:5500::/40 maxlen: 40
2a05:b0c6:5530::/48 maxlen: 48
2a05:b0c6:5520::/48 maxlen: 48
2a05:b0c6:5510::/48 maxlen: 48
2a05:b0c6:5500::/48 maxlen: 48
2a05:b0c6:5503::/48 maxlen: 48
2a05:b0c6:5502::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0d:61:5e:72:78:35:e2:7a:25:67:7b:cc:2c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46e30e9dcf90c58d0fce9038cb6de114d0a0485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:95:be:b2:c0:90:4d:d0:a4:da:64:d7:ed:0e:
da:83:33:3c:31:b6:e0:8b:7d:fc:51:0c:a5:d4:88:
d9:b8:0b:06:21:2f:43:82:7b:5f:63:e3:4e:7e:d5:
d7:ea:ae:23:98:4b:1b:ac:f1:89:11:17:43:cf:ac:
84:2a:0c:65:9e:3f:5a:c9:9c:d9:0a:a1:08:92:17:
88:c9:3c:b2:1c:3f:75:f6:55:e9:a8:2a:7b:5e:11:
1e:c9:de:eb:e9:3c:1f:65:28:42:c4:42:ef:82:c8:
aa:6f:64:cc:2e:7a:11:64:be:9f:ec:b7:e2:0d:58:
17:f2:4d:f0:14:40:2a:54:df:e2:81:0c:e7:96:e4:
77:8f:b2:26:38:de:5c:6c:9c:44:d7:93:3f:0b:54:
7d:2c:eb:b8:6e:00:4b:95:0f:5a:00:ae:cd:56:b2:
c1:7d:c9:07:79:e1:94:80:90:a0:53:60:e5:ce:a9:
ea:11:9c:c9:e8:a4:a6:60:56:ea:70:bd:15:af:e2:
d0:04:2f:30:ef:7e:8c:64:58:6a:fc:fe:c9:3f:4a:
e7:75:af:ec:ad:fc:22:3a:a4:e6:98:9c:04:19:03:
4f:50:9e:ac:e7:b6:5b:17:33:15:d3:10:a6:c0:1a:
1e:50:a8:fd:6b:76:72:9b:65:91:ee:02:46:65:2d:
82:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6E:30:E9:DC:F9:0C:58:D0:FC:E9:03:8C:B6:DE:11:4D:0A:04:85
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/1G4w6dz5DFjQ_OkDjLbeEU0KBIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:5500::/40
Signature Algorithm: sha256WithRSAEncryption
45:fb:60:28:2c:e5:96:4f:d1:6c:b4:f2:79:7a:41:89:fb:61:
43:b0:d8:ff:f1:a2:42:d0:f0:db:b3:1a:2b:d8:d7:45:9e:36:
22:f1:d6:a5:52:44:3d:ea:4a:7f:5e:73:1e:4d:35:6a:2c:ef:
b6:ac:5c:0b:d6:3b:fb:d5:9c:1f:6e:9b:e3:52:aa:1b:62:c0:
fa:b6:81:a7:2a:69:39:55:22:0b:0b:be:3b:8c:ac:cc:d6:d7:
4c:e9:a4:99:e4:55:0e:aa:5e:83:d6:8a:a3:6b:ab:ac:ac:21:
8a:5c:f2:92:4d:32:e0:fd:69:e8:16:4b:0e:83:5f:da:ce:e7:
29:17:62:44:c0:f2:52:c4:ad:52:c7:db:c5:ec:cb:6c:9d:88:
3a:38:4a:4a:0d:cb:cc:80:ce:b1:f7:08:1b:5e:ff:a2:2d:64:
f3:dd:30:1b:5f:b4:53:75:e5:e7:20:f0:0c:0c:82:04:07:98:
d8:4a:66:12:d9:3a:9b:80:4d:c2:65:d2:84:36:a9:7f:29:bc:
06:7f:14:70:29:61:c2:c1:44:92:26:be:1d:9d:a6:b5:05:db:
a1:1d:2a:43:8e:06:13:1c:49:fa:ce:2b:8e:ca:16:7f:e7:dd:
cb:a8:58:4a:30:11:53:4a:e0:9d:f6:27:0b:c8:65:1f:0b:96:
41:fd:19:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3A1hXnJ4NeJ6JWd7zCylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZlMzBlOWRjZjkwYzU4ZDBmY2U5MDM4Y2I2ZGUxMTRkMGEwNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJW+ssCQTdCk2mTX7Q7agzM8Mbbg
i338UQyl1IjZuAsGIS9DgntfY+NOftXX6q4jmEsbrPGJERdDz6yEKgxlnj9ayZzZ
CqEIkheIyTyyHD919lXpqCp7XhEeyd7r6TwfZShCxELvgsiqb2TMLnoRZL6f7Lfi
DVgX8k3wFEAqVN/igQznluR3j7ImON5cbJxE15M/C1R9LOu4bgBLlQ9aAK7NVrLB
fckHeeGUgJCgU2DlzqnqEZzJ6KSmYFbqcL0Vr+LQBC8w736MZFhq/P7JP0rnda/s
rfwiOqTmmJwEGQNPUJ6s57ZbFzMV0xCmwBoeUKj9a3Zym2WR7gJGZS2CDwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNRuMOnc+QxY0PzpA4y23hFNCgSFMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvMUc0dzZkejVERmpRX09rRGpMYmVFVTBLQklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgWwxlUw
DQYJKoZIhvcNAQELBQADggEBAEX7YCgs5ZZP0Wy08nl6QYn7YUOw2P/xokLQ8Nuz
GivY10WeNiLx1qVSRD3qSn9ecx5NNWos77asXAvWO/vVnB9um+NSqhtiwPq2gacq
aTlVIgsLvjuMrMzW10zppJnkVQ6qXoPWiqNrq6ysIYpc8pJNMuD9aegWSw6DX9rO
5ykXYkTA8lLErVLH28Xsy2ydiDo4SkoNy8yAzrH3CBte/6ItZPPdMBtftFN15ecg
8AwMggQHmNhKZhLZOpuATcJl0oQ2qX8pvAZ/FHApYcLBRJImvh2dprUF26EdKkOO
BhMcSfrOK47KFn/n3cuoWEowEVNK4J32JwvIZR8LlkH9GTU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:39:31 2024 by rpki-client on console-ams.rpki-client.org