Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa
File: WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa (raw, json)
Hash identifier: RQsxcvOVFJkbUQag6cXjNtdflKlTMxHv6l8IASfcOEs=
Subject key identifier: 58:6A:5B:56:D4:4C:08:57:98:D2:45:C6:D6:23:06:1E:F1:A7:03:38
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 018CC56E42B450A62F922753066979E57064
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197706
IP address blocks: 2a0d:4941::/32 maxlen: 48
2a0d:4943::/32 maxlen: 48
2a0d:4947::/32 maxlen: 48
2a0d:4940::/29 maxlen: 48
2a0d:4944::/32 maxlen: 48
2a0e:abc0::/29 maxlen: 48
2a0d:1dc0::/29 maxlen: 48
2a0f:4780::/29 maxlen: 48
2a0d:4946::/32 maxlen: 48
2a0d:4945::/32 maxlen: 48
2a0d:4942::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:42:b4:50:a6:2f:92:27:53:06:69:79:e5:70:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=586a5b56d44c085798d245c6d623061ef1a70338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2c:85:a2:eb:bc:9d:e2:b5:62:67:bb:14:58:
b3:37:aa:3f:e3:29:05:73:4c:81:ac:f9:5a:5e:e6:
b3:34:8f:3c:a5:10:6e:55:bb:b1:a1:d2:14:83:ec:
70:65:7d:88:6a:d6:e1:a7:c1:fe:a9:1c:3e:10:79:
b3:af:53:60:1b:38:d0:02:43:8d:2e:c9:27:d5:0a:
36:85:9a:82:5c:99:64:63:76:35:a4:07:97:5d:96:
8b:88:47:5f:e7:24:96:91:c6:6d:13:a7:4c:2a:42:
20:e9:31:b0:50:15:9d:c1:e3:4c:9a:ca:7d:46:76:
9b:7a:d3:05:f1:9d:4c:a9:dc:55:7a:3d:9c:d7:89:
1e:d2:8d:d1:52:87:93:13:66:5b:70:fc:55:b1:df:
40:2f:44:12:cb:19:9f:3e:6a:e1:b1:fc:c0:e6:cb:
bd:a3:b0:d5:7b:df:0b:62:79:9c:5c:3d:c0:7c:2f:
c5:e6:b7:f0:06:2b:5c:51:ee:51:26:c4:fa:0f:40:
cf:7b:71:89:bc:d0:39:d8:8c:86:45:01:91:39:fa:
33:66:21:aa:e5:21:e6:5e:2c:a7:1e:4f:4d:c2:f3:
cf:72:a2:3e:87:c6:3e:6b:14:e7:0f:64:fe:48:64:
9e:56:07:47:77:44:af:fb:8c:9d:e3:af:2f:ba:1f:
f4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:6A:5B:56:D4:4C:08:57:98:D2:45:C6:D6:23:06:1E:F1:A7:03:38
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/WGpbVtRMCFeY0kXG1iMGHvGnAzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1dc0::/29
2a0d:4940::/29
2a0e:abc0::/29
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
61:21:8f:3c:a6:2c:f5:e0:f4:7c:ff:14:7d:9b:cc:f4:ab:d4:
5e:26:c8:6d:26:1d:e7:52:7b:f4:f6:89:2a:1e:10:d7:88:94:
d1:e3:3a:43:fa:ad:9e:2a:32:7f:a8:3d:8f:a2:db:f0:6f:7c:
9a:bd:c7:08:6d:19:96:5a:34:83:ba:21:31:c1:e6:10:09:e1:
a2:c5:0f:0d:32:5d:f6:df:fb:0a:c0:60:54:69:f1:63:3f:8e:
bd:89:04:89:4e:7c:37:80:c7:49:a3:06:72:03:04:52:d8:8b:
2b:c2:be:c9:44:18:05:ed:6e:fb:a2:5c:f2:31:59:ee:f8:15:
15:48:2a:48:e6:1e:14:71:84:0b:9a:3b:df:0e:1c:3e:73:00:
ba:65:fe:ed:22:d2:35:20:2e:6b:9d:93:ce:3a:aa:f8:12:49:
21:4f:e3:c5:66:9d:ec:31:85:78:61:c2:d1:60:8a:2d:b1:87:
38:4f:5c:14:f3:ad:9f:ae:e8:cc:9f:2b:34:6e:1e:06:90:33:
ae:10:f7:63:7b:c9:fd:4e:68:b2:fe:3c:1d:f2:d3:b9:29:24:
19:1f:8b:f9:53:15:65:18:12:6b:47:01:02:63:5b:6f:00:af:
f3:07:e5:1b:7a:42:ed:bc:8f:17:4e:a3:df:df:3f:bc:5c:10:
10:cf:6f:c0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbkK0UKYvkidTBml55XBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODZhNWI1NmQ0NGMwODU3OThkMjQ1YzZkNjIzMDYxZWYxYTcwMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyyFouu8neK1Yme7FFizN6o/4ykF
c0yBrPlaXuazNI88pRBuVbuxodIUg+xwZX2Iatbhp8H+qRw+EHmzr1NgGzjQAkON
Lskn1Qo2hZqCXJlkY3Y1pAeXXZaLiEdf5ySWkcZtE6dMKkIg6TGwUBWdweNMmsp9
RnabetMF8Z1MqdxVej2c14ke0o3RUoeTE2ZbcPxVsd9AL0QSyxmfPmrhsfzA5su9
o7DVe98LYnmcXD3AfC/F5rfwBitcUe5RJsT6D0DPe3GJvNA52IyGRQGROfozZiGq
5SHmXiynHk9NwvPPcqI+h8Y+axTnD2T+SGSeVgdHd0Sv+4yd468vuh/0iwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFhqW1bUTAhXmNJFxtYjBh7xpwM4MB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvV0dwYlZ0Uk1DRmVZMGtYRzFpTUdIdkduQXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg0dwAMF
AyoNSUADBQMqDqvAAwUDKg9HgDANBgkqhkiG9w0BAQsFAAOCAQEAYSGPPKYs9eD0
fP8UfZvM9KvUXibIbSYd51J79PaJKh4Q14iU0eM6Q/qtnioyf6g9j6Lb8G98mr3H
CG0Zllo0g7ohMcHmEAnhosUPDTJd9t/7CsBgVGnxYz+OvYkEiU58N4DHSaMGcgME
UtiLK8K+yUQYBe1u+6Jc8jFZ7vgVFUgqSOYeFHGEC5o73w4cPnMAumX+7SLSNSAu
a52Tzjqq+BJJIU/jxWad7DGFeGHC0WCKLbGHOE9cFPOtn67ozJ8rNG4eBpAzrhD3
Y3vJ/U5osv48HfLTuSkkGR+L+VMVZRgSa0cBAmNbbwCv8wflG3pC7byPF06j398/
vFwQEM9vwA==
-----END CERTIFICATE-----
Generated at Mon May 27 22:37:59 2024 by rpki-client on console-fra.rpki-client.org