Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/WgfbdRdtGBLrTfJAZJmbekwBFZo.roa
File: WgfbdRdtGBLrTfJAZJmbekwBFZo.roa (raw, json)
Hash identifier: KQKzEtxtvoylbQ2uL1wbDc4jUYLYkFckHedEVOE5mWo=
Subject key identifier: 5A:07:DB:75:17:6D:18:12:EB:4D:F2:40:64:99:9B:7A:4C:01:15:9A
Certificate issuer: /CN=0a3e08ef3d754bc6afa91fa6c10020f58505c161
Certificate serial: 01936C8D74434F4145CB1158A0DC2F242898
Authority key identifier: 0A:3E:08:EF:3D:75:4B:C6:AF:A9:1F:A6:C1:00:20:F5:85:05:C1:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cj4I7z11S8avqR-mwQAg9YUFwWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/WgfbdRdtGBLrTfJAZJmbekwBFZo.roa
Signing time: Wed 27 Nov 2024 07:37:09 +0000
ROA not before: Wed 27 Nov 2024 07:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16168
IP address blocks: 82.144.96.0/19 maxlen: 19
82.144.110.0/24 maxlen: 24
193.41.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/Cj4I7z11S8avqR-mwQAg9YUFwWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/Cj4I7z11S8avqR-mwQAg9YUFwWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cj4I7z11S8avqR-mwQAg9YUFwWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 16:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:8d:74:43:4f:41:45:cb:11:58:a0:dc:2f:24:28:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a3e08ef3d754bc6afa91fa6c10020f58505c161
Validity
Not Before: Nov 27 07:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a07db75176d1812eb4df24064999b7a4c01159a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:ae:1d:da:b0:e3:d9:f1:06:0c:73:11:0b:
d8:3f:d3:47:6d:84:5c:b3:b1:1c:de:64:cd:2c:cd:
0f:fa:71:ac:3e:22:7a:a7:5b:2b:cf:f5:01:ce:db:
38:22:e8:a8:5f:d2:e9:1f:42:dd:b7:8d:3d:36:c4:
b8:71:f7:a1:d9:11:a1:da:7d:58:a0:71:5e:31:76:
84:58:25:6d:2b:c0:db:51:24:8e:08:d4:90:af:d4:
7f:5b:5e:24:1a:05:a7:6b:1a:6b:06:8c:7b:fc:05:
86:e5:5d:61:c2:1d:d0:5e:eb:55:dc:be:3a:d3:89:
c1:5a:3e:da:a0:a9:57:fa:09:77:2e:d3:fb:3c:c4:
17:f1:ba:f7:f3:dd:c8:77:88:f7:bf:cb:58:e2:6b:
83:6b:42:42:02:bf:65:30:1a:e4:5e:3d:24:c6:f1:
50:2c:dd:b0:aa:22:94:37:07:0a:0e:12:af:68:81:
34:c2:88:8b:88:c4:df:eb:c6:79:bb:5f:b3:7e:0e:
0b:05:2d:8d:56:c6:ef:49:78:43:13:77:ac:16:2e:
03:9f:87:f1:35:4d:23:b4:83:f7:d9:78:c3:64:8b:
5c:60:dd:cb:64:98:d0:9a:31:d2:97:d0:8a:2e:be:
0f:6d:29:2d:2b:1a:33:70:24:53:90:ab:95:70:f1:
9f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:07:DB:75:17:6D:18:12:EB:4D:F2:40:64:99:9B:7A:4C:01:15:9A
X509v3 Authority Key Identifier:
keyid:0A:3E:08:EF:3D:75:4B:C6:AF:A9:1F:A6:C1:00:20:F5:85:05:C1:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cj4I7z11S8avqR-mwQAg9YUFwWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/WgfbdRdtGBLrTfJAZJmbekwBFZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/397dfe-dc98-4584-8585-4d1d37dc81b4/1/Cj4I7z11S8avqR-mwQAg9YUFwWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.96.0/19
193.41.240.0/22
Signature Algorithm: sha256WithRSAEncryption
26:14:a7:46:c6:e9:7a:05:d6:fb:0c:54:3e:ed:be:e9:81:bf:
08:1e:91:e4:b4:6b:a4:37:e9:bf:7d:a4:03:72:10:b0:ed:62:
de:e2:e7:de:34:c3:ce:e2:b3:c5:e5:dc:00:e7:e6:6a:8e:6c:
78:fe:98:a8:48:5d:87:3b:3a:a0:34:2c:72:d6:66:d9:b7:dc:
36:a0:7d:c8:01:2d:9c:83:ee:93:ad:57:ca:71:e3:3c:f4:d1:
2f:95:0d:d8:ed:ff:7c:7c:5d:2b:4d:bd:2b:af:23:25:ce:c3:
6e:14:1f:2f:c9:b8:8d:81:03:c3:55:d6:19:a3:0d:6f:86:90:
c1:2e:23:61:1d:8f:13:53:dd:22:5f:b4:78:26:ce:a8:ee:53:
25:ec:1f:33:6b:32:41:4a:bc:d9:10:42:55:0f:8d:68:5a:a0:
81:f1:7f:80:31:d7:50:9b:f8:82:85:38:dd:ac:18:57:89:f8:
38:c3:dd:bc:1d:b6:a6:46:9b:59:33:65:2c:72:db:c5:dd:26:
b3:96:6c:be:75:5e:31:5d:00:1e:29:37:03:27:e1:45:1f:b4:
0d:8f:14:42:f1:33:14:39:c2:e1:25:6f:e2:19:55:6b:b4:b0:
fa:9a:c5:2e:d1:1b:61:73:26:d0:6a:79:9c:5a:bc:27:18:ce:
8a:1f:ca:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNsjXRDT0FFyxFYoNwvJCiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhM2UwOGVmM2Q3NTRiYzZhZmE5MWZhNmMxMDAyMGY1ODUw
NWMxNjEwHhcNMjQxMTI3MDczNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTA3ZGI3NTE3NmQxODEyZWI0ZGYyNDA2NDk5OWI3YTRjMDExNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowSuHdqw49nxBgxzEQvYP9NHbYRc
s7Ec3mTNLM0P+nGsPiJ6p1srz/UBzts4IuioX9LpH0Ldt409NsS4cfeh2RGh2n1Y
oHFeMXaEWCVtK8DbUSSOCNSQr9R/W14kGgWnaxprBox7/AWG5V1hwh3QXutV3L46
04nBWj7aoKlX+gl3LtP7PMQX8br3893Id4j3v8tY4muDa0JCAr9lMBrkXj0kxvFQ
LN2wqiKUNwcKDhKvaIE0woiLiMTf68Z5u1+zfg4LBS2NVsbvSXhDE3esFi4Dn4fx
NU0jtIP32XjDZItcYN3LZJjQmjHSl9CKLr4PbSktKxozcCRTkKuVcPGfFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFoH23UXbRgS603yQGSZm3pMARWaMB8GA1UdIwQY
MBaAFAo+CO89dUvGr6kfpsEAIPWFBcFhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2o0STd6MTFTOGF2cVItbXdRQWc5WVVGd1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8zOTdkZmUtZGM5OC00NTg0LTg1ODUt
NGQxZDM3ZGM4MWI0LzEvV2dmYmRSZHRHQkxyVGZKQVpKbWJla3dCRlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8zOTdkZmUtZGM5OC00NTg0LTg1ODUtNGQxZDM3ZGM4MWI0
LzEvQ2o0STd6MTFTOGF2cVItbXdRQWc5WVVGd1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFUpBgAwQC
wSnwMA0GCSqGSIb3DQEBCwUAA4IBAQAmFKdGxul6Bdb7DFQ+7b7pgb8IHpHktGuk
N+m/faQDchCw7WLe4ufeNMPO4rPF5dwA5+Zqjmx4/pioSF2HOzqgNCxy1mbZt9w2
oH3IAS2cg+6TrVfKceM89NEvlQ3Y7f98fF0rTb0rryMlzsNuFB8vybiNgQPDVdYZ
ow1vhpDBLiNhHY8TU90iX7R4Js6o7lMl7B8zazJBSrzZEEJVD41oWqCB8X+AMddQ
m/iChTjdrBhXifg4w928HbamRptZM2UsctvF3Sazlmy+dV4xXQAeKTcDJ+FFH7QN
jxRC8TMUOcLhJW/iGVVrtLD6msUu0RthcybQanmcWrwnGM6KH8rw
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:58:56 2024 by rpki-client on console-fra.rpki-client.org