Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgcQpLqP2CRIXvvYDcuGSZzIS98.roa
File: wgcQpLqP2CRIXvvYDcuGSZzIS98.roa (raw, json)
Hash identifier: 0aiFrn6CzhSQQgEeY1beZjbqST72X4y1zN20MZRj7NE=
Subject key identifier: C2:07:10:A4:BA:8F:D8:24:48:5E:FB:D8:0D:CB:86:49:9C:C8:4B:DF
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018CC6B8F15C16385C3710511A55522BA917
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgcQpLqP2CRIXvvYDcuGSZzIS98.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134450
IP address blocks: 103.240.180.0/22 maxlen: 32
45.114.8.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f1:5c:16:38:5c:37:10:51:1a:55:52:2b:a9:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c20710a4ba8fd824485efbd80dcb86499cc84bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:23:d3:9e:a8:b1:08:3b:6f:8c:46:bb:25:be:
9f:48:0f:36:7a:0d:db:5e:48:9d:77:f4:fc:1b:d6:
b6:d5:b7:dd:1f:65:68:2d:2b:a1:bd:09:aa:a3:66:
6d:4b:37:5c:ef:a2:5c:64:fa:04:13:3e:7c:c1:c1:
8c:9c:99:c3:de:c8:40:e7:84:4a:1b:a8:0a:6f:6f:
ca:b5:a7:20:0b:ca:cd:32:02:1a:2a:75:52:ca:cb:
b7:0b:2b:73:7a:e7:c7:f1:f7:13:43:96:d7:73:68:
21:72:4c:46:21:83:f4:57:13:c8:c1:40:af:4f:e7:
51:e7:26:81:e8:90:cd:95:74:ce:0b:2e:44:16:58:
5a:07:96:f2:d9:7f:61:cc:a3:68:cc:21:ee:ef:10:
01:fc:ff:77:84:2a:2e:f7:e1:aa:38:b4:21:72:64:
3a:27:b7:da:30:27:7c:89:e6:99:a0:6b:0e:9b:05:
b6:4f:f7:57:14:a2:28:91:27:9b:2d:52:7d:d7:00:
ed:62:ec:29:4a:df:5c:f7:4e:fb:5d:42:02:5b:55:
a5:dd:a3:1b:b3:02:b9:c1:49:55:79:bd:71:df:70:
37:54:56:9e:d9:70:27:be:c8:14:72:eb:7d:2d:91:
1b:fd:74:c8:89:7b:51:08:05:d7:39:54:69:8d:8d:
8c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:07:10:A4:BA:8F:D8:24:48:5E:FB:D8:0D:CB:86:49:9C:C8:4B:DF
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/wgcQpLqP2CRIXvvYDcuGSZzIS98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.8.0/22
103.240.180.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:95:1f:2d:fb:d8:a3:d1:f1:5e:a1:28:b4:0a:80:68:70:8c:
96:9e:6f:4f:92:0e:40:0e:ef:51:6d:18:48:d3:1a:c2:f8:da:
e0:fc:b3:6a:72:31:a1:ec:98:50:5b:00:16:48:5f:99:4f:92:
b7:a7:f9:09:32:c9:2d:63:bf:55:3c:91:a0:03:37:77:04:4f:
2b:43:d8:77:43:28:4d:cd:9d:cf:09:bc:d2:bd:c2:ae:fe:1e:
04:4b:74:68:d4:7b:20:48:3d:24:ec:8b:62:d6:9d:7b:00:0c:
37:3f:02:98:27:19:2d:aa:ec:10:4d:30:a2:bb:6a:a7:11:aa:
4c:77:6e:8d:1c:ca:0e:66:07:7a:ac:36:94:b5:15:22:b7:59:
2d:e6:a0:fc:b3:e7:b9:f0:7b:a8:ea:71:cf:ec:a8:3d:85:0c:
e0:3b:a6:75:a0:09:24:99:66:85:31:72:ab:a6:33:d0:2f:0e:
1f:1a:57:2f:0b:30:4f:07:35:0f:0b:98:0b:a7:cc:82:60:13:
6b:b6:f4:23:4b:14:16:7b:8d:01:4b:9c:04:f7:13:71:91:2d:
36:e8:55:6f:11:42:c0:4d:30:50:df:e6:47:51:d1:27:e5:93:
dc:28:9b:0c:cf:55:0b:2d:6c:a5:70:9f:ba:b1:cd:41:cf:41:
a7:e0:7b:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuPFcFjhcNxBRGlVSK6kXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA3MTBhNGJhOGZkODI0NDg1ZWZiZDgwZGNiODY0OTljYzg0YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiPTnqixCDtvjEa7Jb6fSA82eg3b
Xkidd/T8G9a21bfdH2VoLSuhvQmqo2ZtSzdc76JcZPoEEz58wcGMnJnD3shA54RK
G6gKb2/KtacgC8rNMgIaKnVSysu3CytzeufH8fcTQ5bXc2ghckxGIYP0VxPIwUCv
T+dR5yaB6JDNlXTOCy5EFlhaB5by2X9hzKNozCHu7xAB/P93hCou9+GqOLQhcmQ6
J7faMCd8ieaZoGsOmwW2T/dXFKIokSebLVJ91wDtYuwpSt9c9077XUICW1Wl3aMb
swK5wUlVeb1x33A3VFae2XAnvsgUcut9LZEb/XTIiXtRCAXXOVRpjY2MEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMIHEKS6j9gkSF772A3LhkmcyEvfMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvd2djUXBMcVAyQ1JJWHZ2WURjdUdTWnpJUzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLXIIAwQC
Z/C0MA0GCSqGSIb3DQEBCwUAA4IBAQCglR8t+9ij0fFeoSi0CoBocIyWnm9Pkg5A
Du9RbRhI0xrC+Nrg/LNqcjGh7JhQWwAWSF+ZT5K3p/kJMsktY79VPJGgAzd3BE8r
Q9h3QyhNzZ3PCbzSvcKu/h4ES3Ro1HsgSD0k7Iti1p17AAw3PwKYJxktquwQTTCi
u2qnEapMd26NHMoOZgd6rDaUtRUit1kt5qD8s+e58Huo6nHP7Kg9hQzgO6Z1oAkk
mWaFMXKrpjPQLw4fGlcvCzBPBzUPC5gLp8yCYBNrtvQjSxQWe40BS5wE9xNxkS02
6FVvEULATTBQ3+ZHUdEn5ZPcKJsMz1ULLWylcJ+6sc1Bz0Gn4HsE
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:58 2024 by rpki-client on console-ams.rpki-client.org