Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/93uDTqiDk5Y6zluqZBHW7E0mnxY.roa
File: 93uDTqiDk5Y6zluqZBHW7E0mnxY.roa (raw, json)
Hash identifier: NcVLCSXVplDv7JYafVZ09Z2FfV0ZL/eLS2c6flhO1kA=
Subject key identifier: F7:7B:83:4E:A8:83:93:96:3A:CE:5B:AA:64:11:D6:EC:4D:26:9F:16
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0E4B39B445F29298D0D9774BDE18
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/93uDTqiDk5Y6zluqZBHW7E0mnxY.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211139
IP address blocks: 2a05:b0c6:6006::/48 maxlen: 48
2a05:b0c6:6000::/48 maxlen: 48
2a05:b0c6:6007::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0e:4b:39:b4:45:f2:92:98:d0:d9:77:4b:de:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f77b834ea88393963ace5baa6411d6ec4d269f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:77:27:f9:48:a9:e1:11:08:e2:62:bc:95:99:
55:9e:01:9a:5e:31:6d:9e:25:73:bc:ff:cd:24:89:
fe:51:5b:1e:86:05:bc:5c:b3:1a:75:a3:fb:1a:de:
74:f2:ec:74:85:24:0b:8a:1e:20:b7:a1:26:fd:03:
13:11:e6:8c:e2:c1:23:d2:08:3d:7c:c0:19:67:81:
97:3c:44:78:c0:25:ea:f9:97:93:18:b3:d2:65:3d:
67:52:b3:6a:51:90:4e:80:c5:87:4d:ac:74:d9:25:
f7:02:15:a6:7f:0f:1c:fe:03:a7:bf:ba:04:cd:87:
aa:cf:64:9e:0d:7e:af:d9:ec:bf:9b:fa:40:2d:81:
67:97:a6:62:30:be:9e:ef:57:9a:39:3b:22:36:5c:
b8:e7:b6:71:c6:68:64:1e:3a:74:47:a1:64:1b:88:
b6:10:d2:42:f9:37:8d:1a:8b:51:1d:14:f5:9c:d2:
e1:90:5e:80:e0:6e:ad:42:29:9b:79:74:2d:e4:67:
6f:0d:c8:71:b8:e5:5b:d3:10:7e:14:af:2c:ca:8f:
a4:d3:de:80:3e:85:b1:4d:c3:dc:1e:94:60:2d:3b:
c6:00:3b:43:28:0f:6a:57:4b:e3:0c:98:a8:49:27:
18:e9:b1:c1:0b:b6:31:a2:81:6b:7d:d9:2c:4b:a1:
53:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7B:83:4E:A8:83:93:96:3A:CE:5B:AA:64:11:D6:EC:4D:26:9F:16
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/93uDTqiDk5Y6zluqZBHW7E0mnxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:6000::/48
2a05:b0c6:6006::/47
Signature Algorithm: sha256WithRSAEncryption
55:87:32:2d:59:a7:ff:ba:3a:f3:99:6f:49:7f:b6:ad:4d:d4:
21:93:c6:69:07:25:84:f0:28:84:16:da:6e:8d:90:58:37:88:
07:7c:bb:0e:62:bf:a2:29:0d:2d:98:42:91:9d:7b:d9:e5:89:
90:37:2d:74:54:9e:c1:cc:ec:d5:3d:ff:11:58:6d:e7:2b:ce:
12:b8:20:2a:36:2c:86:d1:91:4b:c1:66:de:6e:f1:00:cb:3c:
a0:d5:dd:77:80:0c:9d:5d:9e:dc:00:c2:15:60:ba:c3:73:d7:
18:1b:0b:28:09:60:0e:ba:c5:80:61:4e:be:9b:ce:2d:c2:20:
5b:e9:2c:19:94:b6:99:fd:36:f7:31:e2:d2:d4:64:6f:01:36:
2a:58:14:f9:54:fa:06:38:fb:cd:3e:21:66:d6:93:73:de:d6:
fc:7d:ba:b2:7d:09:43:10:dd:40:87:e1:31:93:c1:78:87:d7:
cc:ea:25:4f:f5:bb:8c:f3:96:dc:a2:a8:2c:18:81:d8:f9:e3:
aa:15:a9:fd:d9:a5:42:77:83:57:4b:85:56:2b:fa:d9:04:8c:
4d:b2:ca:a8:6e:7e:78:db:82:4a:9d:28:9c:63:29:44:76:69:
f5:7b:96:bc:56:60:05:8b:0c:c6:7c:2a:f9:fe:d9:c5:0e:47:
c6:0b:8b:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF3A5LObRF8pKY0Nl3S94YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzdiODM0ZWE4ODM5Mzk2M2FjZTViYWE2NDExZDZlYzRkMjY5ZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Hcn+Uip4REI4mK8lZlVngGaXjFt
niVzvP/NJIn+UVsehgW8XLMadaP7Gt508ux0hSQLih4gt6Em/QMTEeaM4sEj0gg9
fMAZZ4GXPER4wCXq+ZeTGLPSZT1nUrNqUZBOgMWHTax02SX3AhWmfw8c/gOnv7oE
zYeqz2SeDX6v2ey/m/pALYFnl6ZiML6e71eaOTsiNly457ZxxmhkHjp0R6FkG4i2
ENJC+TeNGotRHRT1nNLhkF6A4G6tQimbeXQt5GdvDchxuOVb0xB+FK8syo+k096A
PoWxTcPcHpRgLTvGADtDKA9qV0vjDJioSScY6bHBC7YxooFrfdksS6FTKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPd7g06og5OWOs5bqmQR1uxNJp8WMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvOTN1RFRxaURrNVk2emx1cVpCSFc3RTBtbnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWwxmAA
AwcBKgWwxmAGMA0GCSqGSIb3DQEBCwUAA4IBAQBVhzItWaf/ujrzmW9Jf7atTdQh
k8ZpByWE8CiEFtpujZBYN4gHfLsOYr+iKQ0tmEKRnXvZ5YmQNy10VJ7BzOzVPf8R
WG3nK84SuCAqNiyG0ZFLwWbebvEAyzyg1d13gAydXZ7cAMIVYLrDc9cYGwsoCWAO
usWAYU6+m84twiBb6SwZlLaZ/Tb3MeLS1GRvATYqWBT5VPoGOPvNPiFm1pNz3tb8
fbqyfQlDEN1Ah+Exk8F4h9fM6iVP9buM85bcoqgsGIHY+eOqFan92aVCd4NXS4VW
K/rZBIxNssqobn5424JKnSicYylEdmn1e5a8VmAFiwzGfCr5/tnFDkfGC4vm
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:55:19 2024 by rpki-client on console-ams.rpki-client.org