Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/W0ZOGB6TRppN67l1J0-XzX0tAVQ.roa
File: W0ZOGB6TRppN67l1J0-XzX0tAVQ.roa (raw, json)
Hash identifier: sb8wQfmaOUXl5bHQAS9j4aJ+N4qr8ja0GNJpT46XwoA=
Subject key identifier: 5B:46:4E:18:1E:93:46:9A:4D:EB:B9:75:27:4F:97:CD:7D:2D:01:54
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 01930107FE74314093096F53AAB1E7B21032
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/W0ZOGB6TRppN67l1J0-XzX0tAVQ.roa
Signing time: Wed 06 Nov 2024 10:32:01 +0000
ROA not before: Wed 06 Nov 2024 10:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198178
IP address blocks: 138.124.81.0/24 maxlen: 24
138.124.107.0/24 maxlen: 24
138.124.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:07:fe:74:31:40:93:09:6f:53:aa:b1:e7:b2:10:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Nov 6 10:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b464e181e93469a4debb975274f97cd7d2d0154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:e1:25:cf:ba:52:7f:91:8f:be:8a:d1:57:
90:e7:32:56:01:29:b3:b0:df:3f:26:1d:7a:d1:66:
36:69:44:35:3e:24:f7:8c:95:d6:ff:03:cb:fc:5a:
a9:ce:1b:df:ae:88:fa:dc:5c:07:69:f9:cc:58:e5:
5d:b7:31:9f:46:ef:5f:33:52:54:db:67:89:6a:de:
36:31:89:fb:63:be:1f:bc:0e:d9:44:77:55:0d:4a:
28:01:67:a5:64:7d:ca:0a:e7:6c:ef:5f:72:0a:ec:
f4:c7:bc:76:67:4d:1e:54:f5:1f:d0:75:24:66:49:
ec:0f:7a:d0:ec:b3:f4:22:28:7f:59:75:b4:e8:55:
2f:ea:7d:80:69:af:de:25:c0:12:ac:09:06:7f:d9:
1e:fe:b0:62:d5:3e:37:10:0b:8b:05:7b:43:f9:2f:
41:5a:62:bd:07:16:80:3e:58:ff:60:c0:8b:22:43:
77:20:c4:c9:7a:53:5d:0f:c4:b6:7c:dd:d5:41:e2:
c0:e7:f1:73:1a:d1:83:31:5f:f8:bd:00:37:ba:69:
53:81:e6:83:0a:71:c2:97:09:72:de:fc:9a:fc:5a:
b4:42:cb:7b:31:ba:b7:c5:2a:86:63:8b:6e:43:b6:
4c:2b:b1:9d:67:09:20:b6:3a:fc:d1:95:9a:f4:4e:
56:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:46:4E:18:1E:93:46:9A:4D:EB:B9:75:27:4F:97:CD:7D:2D:01:54
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/W0ZOGB6TRppN67l1J0-XzX0tAVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.81.0/24
138.124.107.0/24
138.124.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bb:6c:90:74:c5:05:0e:b8:76:95:4f:7d:2b:1d:9b:0d:2b:
f1:5c:0f:c7:27:42:f7:36:50:d0:80:d6:3d:49:0b:74:03:ad:
24:20:11:df:5b:b2:5a:a3:cc:25:3d:da:9d:d9:1a:05:58:38:
f3:a2:01:fe:c9:3d:95:42:4f:1f:c6:e8:7b:09:5b:7a:62:d2:
45:46:c4:ba:23:d4:f0:aa:30:4c:f9:ad:25:4d:82:60:15:b0:
3b:ce:82:7c:a8:08:9b:1a:12:d7:5d:1f:6b:00:7a:73:63:9c:
44:c6:fc:62:ae:3a:ef:91:bf:3a:74:36:04:e1:78:c8:1a:b1:
c0:fb:40:b3:54:c1:cf:75:3b:f0:70:12:23:54:55:1d:41:0d:
c5:f3:5f:47:06:cc:12:46:7b:c2:43:43:2d:d1:20:c9:aa:42:
cc:3c:14:35:11:18:97:ef:86:7e:b7:8d:33:2f:4d:34:0e:1c:
de:2f:79:4b:7b:4b:6e:c9:b0:1e:48:57:52:b1:8a:d4:71:23:
8a:75:ce:e5:75:5a:bc:bd:77:de:d4:0a:36:1d:17:41:fb:00:
40:82:92:16:ad:38:ee:d4:47:7d:16:0f:68:fc:fe:ef:95:51:
34:25:24:8b:fe:08:0e:a3:c3:bf:7c:62:71:3a:1d:f4:9f:c4:
51:06:d8:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMBB/50MUCTCW9TqrHnshAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMTA2MTAzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQ2NGUxODFlOTM0NjlhNGRlYmI5NzUyNzRmOTdjZDdkMmQwMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+3hJc+6Un+Rj76K0VeQ5zJWASmz
sN8/Jh160WY2aUQ1PiT3jJXW/wPL/Fqpzhvfroj63FwHafnMWOVdtzGfRu9fM1JU
22eJat42MYn7Y74fvA7ZRHdVDUooAWelZH3KCuds719yCuz0x7x2Z00eVPUf0HUk
ZknsD3rQ7LP0Iih/WXW06FUv6n2Aaa/eJcASrAkGf9ke/rBi1T43EAuLBXtD+S9B
WmK9BxaAPlj/YMCLIkN3IMTJelNdD8S2fN3VQeLA5/FzGtGDMV/4vQA3umlTgeaD
CnHClwly3vya/Fq0Qst7Mbq3xSqGY4tuQ7ZMK7GdZwkgtjr80ZWa9E5WswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFtGThgek0aaTeu5dSdPl819LQFUMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvVzBaT0dCNlRScHBONjdsMUowLVh6WDB0QVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAinxRAwQA
inxrAwQAinxvMA0GCSqGSIb3DQEBCwUAA4IBAQCbu2yQdMUFDrh2lU99Kx2bDSvx
XA/HJ0L3NlDQgNY9SQt0A60kIBHfW7Jao8wlPdqd2RoFWDjzogH+yT2VQk8fxuh7
CVt6YtJFRsS6I9TwqjBM+a0lTYJgFbA7zoJ8qAibGhLXXR9rAHpzY5xExvxirjrv
kb86dDYE4XjIGrHA+0CzVMHPdTvwcBIjVFUdQQ3F819HBswSRnvCQ0Mt0SDJqkLM
PBQ1ERiX74Z+t40zL000DhzeL3lLe0tuybAeSFdSsYrUcSOKdc7ldVq8vXfe1Ao2
HRdB+wBAgpIWrTju1Ed9Fg9o/P7vlVE0JSSL/ggOo8O/fGJxOh30n8RRBth1
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:20 2024 by rpki-client on console-ams.rpki-client.org