Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4HFw9kEOeVX1vhliZqw9ZFg9H9k.roa
File: 4HFw9kEOeVX1vhliZqw9ZFg9H9k.roa (raw, json)
Hash identifier: DF+tcAHmzsGh2Uum52GESrLpJvNdhA3WKD5NuQh+X78=
Subject key identifier: E0:71:70:F6:41:0E:79:55:F5:BE:19:62:66:AC:3D:64:58:3D:1F:D9
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 018E8523453E8C6D32BE9406A19BA57AB9D5
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4HFw9kEOeVX1vhliZqw9ZFg9H9k.roa
Signing time: Thu 28 Mar 2024 12:57:44 +0000
ROA not before: Thu 28 Mar 2024 12:57:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 31.209.64.0/20 maxlen: 24
80.243.16.0/21 maxlen: 21
80.243.24.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.mft
rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:23:45:3e:8c:6d:32:be:94:06:a1:9b:a5:7a:b9:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Mar 28 12:57:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e07170f6410e7955f5be196266ac3d64583d1fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:49:80:09:61:cc:57:75:db:e9:cf:3b:e2:0f:
a5:1a:0b:75:af:ab:0a:30:67:cc:f6:4f:46:45:d9:
e6:af:97:ac:6a:ef:65:55:34:31:32:06:1d:27:c0:
19:65:5a:19:5c:d0:fa:b3:4c:ef:ad:bc:4d:ce:2a:
3a:0b:56:82:05:fb:c6:33:99:24:5e:df:ae:98:02:
f7:02:fb:b0:4d:d6:9f:0b:89:b5:29:76:c0:f9:e2:
8b:da:06:df:a5:8d:2f:c1:3e:55:ee:e1:1e:12:b2:
02:dd:f4:de:c4:5d:71:d7:12:70:16:e7:e0:71:79:
d8:b8:d5:43:02:58:a1:b9:60:0c:09:36:08:66:1e:
7f:5a:c3:3e:9f:27:17:b6:78:f6:c4:a0:b0:6b:83:
b1:c0:db:cd:8f:82:45:a4:4a:71:b8:81:c2:d5:72:
94:35:ff:b5:67:8e:48:6f:14:55:5b:36:4d:7a:c5:
9d:30:80:28:e8:a7:6d:b0:2d:04:28:09:d9:24:32:
31:91:d9:fa:db:90:e0:1f:a0:c0:c9:b6:2a:49:cd:
ee:3d:bd:b6:c6:16:af:47:6a:d9:86:34:cc:b4:14:
a1:75:cf:a0:28:52:70:c8:d9:94:c4:df:2a:72:cf:
43:6b:3b:95:36:61:71:57:c4:07:cc:a3:cb:23:1c:
9a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:71:70:F6:41:0E:79:55:F5:BE:19:62:66:AC:3D:64:58:3D:1F:D9
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4HFw9kEOeVX1vhliZqw9ZFg9H9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.64.0/20
80.243.16.0/20
Signature Algorithm: sha256WithRSAEncryption
59:1b:b1:63:19:4e:bc:47:15:1c:d5:ef:03:27:f3:9a:a9:ce:
5e:b5:26:bc:29:5f:4e:ac:5d:95:8f:d6:60:d7:b0:23:fc:16:
ae:8b:aa:83:41:ec:93:88:48:d6:0c:62:39:aa:cc:55:fc:66:
e0:00:81:75:89:af:5c:b5:47:26:2a:2c:27:19:73:9d:5c:8f:
7a:f6:93:b9:0d:b2:e9:9b:0f:76:9a:72:1b:f8:40:1c:24:5f:
5b:4a:91:0a:aa:68:29:5b:7f:6a:61:cb:ee:5d:ed:f2:d1:bc:
93:93:e0:bc:76:35:2d:02:4f:8b:84:e3:83:ab:0e:44:18:0b:
46:01:07:b2:37:50:05:b8:2c:fe:c9:86:33:2c:42:f5:e8:6b:
3d:47:6a:65:ab:81:0d:a0:1e:b0:50:d7:88:cd:b7:ba:3c:b9:
45:58:90:01:a2:c3:e0:92:c9:4d:9f:e2:16:e5:fb:f0:50:0c:
8f:07:53:fa:26:c7:d2:9a:85:f3:c1:50:2f:ae:18:77:04:09:
96:5e:aa:3f:b1:24:8d:96:b3:04:4c:be:82:9d:08:60:9b:02:
05:8e:31:40:e7:76:d8:b3:5c:34:17:b8:1f:23:3b:33:62:9f:
3b:a9:22:b0:1b:ed:fd:7f:7d:79:01:b2:e4:d7:ee:64:98:26:
a8:68:6c:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6FI0U+jG0yvpQGoZulernVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjQwMzI4MTI1NzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDcxNzBmNjQxMGU3OTU1ZjViZTE5NjI2NmFjM2Q2NDU4M2QxZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30mACWHMV3Xb6c874g+lGgt1r6sK
MGfM9k9GRdnmr5esau9lVTQxMgYdJ8AZZVoZXND6s0zvrbxNzio6C1aCBfvGM5kk
Xt+umAL3AvuwTdafC4m1KXbA+eKL2gbfpY0vwT5V7uEeErIC3fTexF1x1xJwFufg
cXnYuNVDAlihuWAMCTYIZh5/WsM+nycXtnj2xKCwa4OxwNvNj4JFpEpxuIHC1XKU
Nf+1Z45IbxRVWzZNesWdMIAo6KdtsC0EKAnZJDIxkdn625DgH6DAybYqSc3uPb22
xhavR2rZhjTMtBShdc+gKFJwyNmUxN8qcs9DazuVNmFxV8QHzKPLIxyaSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOBxcPZBDnlV9b4ZYmasPWRYPR/ZMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvNEhGdzlrRU9lVlgxdmhsaVpxdzlaRmc5SDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9FAAwQE
UPMQMA0GCSqGSIb3DQEBCwUAA4IBAQBZG7FjGU68RxUc1e8DJ/Oaqc5etSa8KV9O
rF2Vj9Zg17Aj/Baui6qDQeyTiEjWDGI5qsxV/GbgAIF1ia9ctUcmKiwnGXOdXI96
9pO5DbLpmw92mnIb+EAcJF9bSpEKqmgpW39qYcvuXe3y0byTk+C8djUtAk+LhOOD
qw5EGAtGAQeyN1AFuCz+yYYzLEL16Gs9R2plq4ENoB6wUNeIzbe6PLlFWJABosPg
kslNn+IW5fvwUAyPB1P6JsfSmoXzwVAvrhh3BAmWXqo/sSSNlrMETL6CnQhgmwIF
jjFA53bYs1w0F7gfIzszYp87qSKwG+39f315AbLk1+5kmCaoaGwh
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:28:19 2024 by rpki-client on console-fra.rpki-client.org