Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/FjVCt3lDA0gNrbIww7oBrGJ_kl0.roa
File: FjVCt3lDA0gNrbIww7oBrGJ_kl0.roa (raw, json)
Hash identifier: sOKvXWdQFNDsrrE4/PsAXqrx0PEUiySZZoBq5CiA1mc=
Subject key identifier: 16:35:42:B7:79:43:03:48:0D:AD:B2:30:C3:BA:01:AC:62:7F:92:5D
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018CC5DC0ACFB7BCBC0533376E8E3E42346F
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/FjVCt3lDA0gNrbIww7oBrGJ_kl0.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198412
IP address blocks: 176.124.112.0/23 maxlen: 24
176.124.112.0/24 maxlen: 24
185.187.152.0/24 maxlen: 24
176.124.113.0/24 maxlen: 24
185.187.153.0/24 maxlen: 24
2a05:b0c0::/48 maxlen: 48
2a05:b0c4:1::/48 maxlen: 48
2a05:b0c1::/48 maxlen: 48
2a05:b0c4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0a:cf:b7:bc:bc:05:33:37:6e:8e:3e:42:34:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=163542b7794303480dadb230c3ba01ac627f925d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d3:e5:c6:2b:e0:6b:95:30:b3:ca:d0:d2:43:
60:e7:b9:f0:79:68:d0:35:52:f5:48:a2:66:b1:aa:
26:11:2c:05:0f:54:bb:1d:1e:ae:ef:8c:45:0d:97:
f1:53:56:ba:0a:44:0f:58:0a:3d:d7:09:50:4e:70:
8a:de:b6:f3:64:a0:b7:71:77:44:a0:6b:b1:1c:c3:
51:54:c2:6c:70:5a:68:cf:d8:bb:c7:f5:16:b2:45:
1e:21:11:19:65:ed:42:bc:d2:f6:99:dc:2f:bd:4c:
6d:48:a1:04:ba:8d:eb:1b:ef:1c:4c:17:71:7a:7c:
13:b4:01:a0:23:86:be:a6:99:73:ed:dc:a0:84:c1:
ee:6c:75:5e:57:d9:67:09:d6:ce:39:59:52:5e:20:
c1:d8:5e:83:40:7a:a0:57:8a:7d:e8:a3:ad:ac:96:
ce:ca:59:c3:a8:50:95:10:c6:33:6a:26:ab:66:a5:
29:47:0f:b6:38:b5:37:0e:ce:eb:bd:e9:1e:2f:c6:
86:2d:2b:e5:6f:71:5e:82:44:60:5a:a5:04:5b:f8:
74:44:56:2a:1a:5e:37:35:a4:63:54:f5:3c:b7:da:
45:a1:21:7c:da:b0:d5:ee:49:ae:64:77:aa:5e:4d:
03:84:d1:38:e6:fd:dd:92:f2:2c:5a:da:e6:76:1a:
04:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:35:42:B7:79:43:03:48:0D:AD:B2:30:C3:BA:01:AC:62:7F:92:5D
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/FjVCt3lDA0gNrbIww7oBrGJ_kl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.112.0/23
185.187.152.0/23
IPv6:
2a05:b0c0::/48
2a05:b0c1::/48
2a05:b0c4::/47
Signature Algorithm: sha256WithRSAEncryption
67:4f:68:29:50:41:d9:55:ae:16:69:e2:8a:28:7d:37:bf:a6:
b0:6c:c9:e7:9f:cf:e5:1e:05:3e:4d:24:bc:a6:b7:03:1b:c5:
4a:86:fa:d1:95:6e:5d:25:37:1b:c8:0d:7f:75:a8:d5:53:02:
f1:3e:d1:4a:e2:4f:ed:b7:06:6f:73:63:55:3b:8d:7b:14:ed:
ce:0e:58:79:e1:7c:2d:85:57:a2:ad:9e:74:80:65:6a:07:71:
0e:28:d2:51:f0:94:99:34:0c:3c:50:61:78:8e:f3:e6:86:45:
3c:02:c2:bb:40:60:1b:2a:9b:b5:c4:f8:72:52:8a:20:be:d7:
9e:e6:cd:ea:29:eb:3e:dc:e9:22:26:69:e3:2c:73:aa:e3:58:
ef:d1:fa:15:d4:c7:97:82:8e:c0:a0:12:ac:0b:c9:8c:2e:f2:
41:ee:70:17:39:05:2a:79:4f:0c:e2:d9:09:49:40:2e:c2:47:
99:53:cc:07:80:a6:da:75:54:3a:b7:29:34:b3:c2:e6:b7:ac:
50:95:d9:75:8c:ff:52:e9:86:31:b1:e0:ab:0d:a7:18:ac:9c:
92:d1:f5:93:51:9f:08:55:ea:36:20:7b:2e:99:80:50:37:f7:
c1:96:bb:8e:9b:e6:ce:95:8c:ed:13:ad:04:32:16:7a:ee:a0:
51:b8:81:68
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzF3ArPt7y8BTM3bo4+QjRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjM1NDJiNzc5NDMwMzQ4MGRhZGIyMzBjM2JhMDFhYzYyN2Y5MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9Plxivga5Uws8rQ0kNg57nweWjQ
NVL1SKJmsaomESwFD1S7HR6u74xFDZfxU1a6CkQPWAo91wlQTnCK3rbzZKC3cXdE
oGuxHMNRVMJscFpoz9i7x/UWskUeIREZZe1CvNL2mdwvvUxtSKEEuo3rG+8cTBdx
enwTtAGgI4a+pplz7dyghMHubHVeV9lnCdbOOVlSXiDB2F6DQHqgV4p96KOtrJbO
ylnDqFCVEMYzaiarZqUpRw+2OLU3Ds7rvekeL8aGLSvlb3FegkRgWqUEW/h0RFYq
Gl43NaRjVPU8t9pFoSF82rDV7kmuZHeqXk0DhNE45v3dkvIsWtrmdhoEnwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBY1Qrd5QwNIDa2yMMO6Aaxif5JdMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvRmpWQ3QzbERBMGdOcmJJd3c3b0JyR0pfa2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQBsHxwAwQB
ubuYMCEEAgACMBsDBwAqBbDAAAADBwAqBbDBAAADBwEqBbDEAAAwDQYJKoZIhvcN
AQELBQADggEBAGdPaClQQdlVrhZp4ooofTe/prBsyeefz+UeBT5NJLymtwMbxUqG
+tGVbl0lNxvIDX91qNVTAvE+0UriT+23Bm9zY1U7jXsU7c4OWHnhfC2FV6KtnnSA
ZWoHcQ4o0lHwlJk0DDxQYXiO8+aGRTwCwrtAYBsqm7XE+HJSiiC+157mzeop6z7c
6SImaeMsc6rjWO/R+hXUx5eCjsCgEqwLyYwu8kHucBc5BSp5Twzi2QlJQC7CR5lT
zAeAptp1VDq3KTSzwua3rFCV2XWM/1LphjGx4KsNpxisnJLR9ZNRnwhV6jYgey6Z
gFA398GWu46b5s6VjO0TrQQyFnruoFG4gWg=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:27:48 2024 by rpki-client on console-ams.rpki-client.org