Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WnA9qZ3sqVKkm4P8xN_mQWrOzPQ.roa
File: WnA9qZ3sqVKkm4P8xN_mQWrOzPQ.roa (raw, json)
Hash identifier: iYmMq4WmBEE7fPJ5LoE+N2YuUWddJPVnrnvunh8IKVA=
Subject key identifier: 5A:70:3D:A9:9D:EC:A9:52:A4:9B:83:FC:C4:DF:E6:41:6A:CE:CC:F4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EE35784F00D632C8518B0C2622BAF93BA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WnA9qZ3sqVKkm4P8xN_mQWrOzPQ.roa
Signing time: Mon 15 Apr 2024 19:59:07 +0000
ROA not before: Mon 15 Apr 2024 19:59:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35048
IP address blocks: 31.40.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:57:84:f0:0d:63:2c:85:18:b0:c2:62:2b:af:93:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 15 19:59:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a703da99deca952a49b83fcc4dfe6416aceccf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:96:39:57:e4:a5:47:e7:54:2f:51:dc:fc:17:
2c:48:eb:1f:fe:03:81:f2:63:98:5f:bd:63:98:37:
72:dc:4e:5c:da:24:f7:e3:03:4d:08:47:27:33:63:
25:c4:89:b3:39:fd:6a:78:e4:90:3c:f7:f7:cc:11:
88:1d:43:51:1f:a3:3b:40:24:78:04:aa:05:b7:05:
af:99:ce:a5:dd:1a:73:93:fc:3c:77:76:b2:83:8b:
f6:14:ee:11:72:e7:92:fa:31:e6:d0:d1:91:45:95:
1a:50:c0:45:9b:2f:bb:28:bd:41:da:c8:14:7d:fb:
0b:5d:ad:83:4d:5d:8a:77:48:51:93:e0:cf:90:e9:
8a:f9:7b:d5:1f:93:b1:70:22:69:ab:b0:d7:f5:57:
30:d4:9c:87:66:ca:16:ed:99:66:91:6e:fa:fd:d1:
36:df:70:70:5a:67:b4:06:48:64:00:5d:ac:13:76:
12:0c:a0:f6:33:bf:d2:82:93:ce:36:db:ba:2b:82:
b6:42:eb:49:89:91:7d:16:2f:ba:c7:07:35:44:1e:
67:2a:ea:fc:67:47:a7:d5:84:ba:21:f1:46:c2:84:
e7:05:a3:ae:72:44:e0:9d:81:b8:f0:59:98:7f:2b:
05:a9:e7:4a:69:fb:29:33:17:50:90:25:2d:b8:c5:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:70:3D:A9:9D:EC:A9:52:A4:9B:83:FC:C4:DF:E6:41:6A:CE:CC:F4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/WnA9qZ3sqVKkm4P8xN_mQWrOzPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.203.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a1:c1:92:4e:3c:73:d6:70:bb:6a:27:fa:8e:a5:60:5f:ec:
da:58:2a:d4:11:7c:69:a4:a5:3c:94:cb:0d:c8:c3:86:54:fa:
a2:87:2d:a6:c8:84:b8:e0:0d:b0:e1:9c:1b:e5:67:b4:e5:f7:
4a:c3:e3:e3:e8:91:7b:fa:be:54:46:60:3f:bf:6b:b4:25:84:
07:eb:a2:2e:f4:5e:ad:9c:3c:fa:47:39:f0:25:42:f1:3d:47:
c1:0b:be:be:3c:aa:60:e5:f4:2a:95:80:24:6b:a2:78:48:c5:
54:d1:cf:7e:ec:11:90:66:ad:2c:d4:21:fa:1c:31:91:3e:b4:
0f:3d:8d:61:16:44:55:0b:bb:d8:dc:27:b3:0e:2c:69:5c:d7:
2f:b3:52:94:69:d1:12:62:6e:f8:ff:25:e4:e0:97:6e:9d:01:
d0:70:4e:57:db:4e:0c:28:7b:85:3b:07:51:6c:9f:a8:82:f3:
c2:32:b5:39:dd:28:d7:f3:ed:b6:c8:db:bf:30:64:e7:23:a1:
2d:a8:53:ed:2c:0f:53:a3:6a:b8:9e:9e:cd:49:f5:9b:a1:ce:
8f:91:6a:d8:c9:8b:85:15:96:c1:d4:cf:38:99:7b:0f:c6:60:
22:0d:c3:f5:f2:a2:c3:02:b3:bc:b7:29:ac:3f:89:73:1f:9b:
eb:fd:6a:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7jV4TwDWMshRiwwmIrr5O6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDE1MTk1OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTcwM2RhOTlkZWNhOTUyYTQ5YjgzZmNjNGRmZTY0MTZhY2VjY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZY5V+SlR+dUL1Hc/BcsSOsf/gOB
8mOYX71jmDdy3E5c2iT34wNNCEcnM2MlxImzOf1qeOSQPPf3zBGIHUNRH6M7QCR4
BKoFtwWvmc6l3Rpzk/w8d3ayg4v2FO4RcueS+jHm0NGRRZUaUMBFmy+7KL1B2sgU
ffsLXa2DTV2Kd0hRk+DPkOmK+XvVH5OxcCJpq7DX9Vcw1JyHZsoW7ZlmkW76/dE2
33BwWme0BkhkAF2sE3YSDKD2M7/SgpPONtu6K4K2QutJiZF9Fi+6xwc1RB5nKur8
Z0en1YS6IfFGwoTnBaOuckTgnYG48FmYfysFqedKafspMxdQkCUtuMWFjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpwPamd7KlSpJuD/MTf5kFqzsz0MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvV25BOXFaM3NxVktrbTRQOHhOX21RV3JPelBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyjLMA0G
CSqGSIb3DQEBCwUAA4IBAQBmocGSTjxz1nC7aif6jqVgX+zaWCrUEXxppKU8lMsN
yMOGVPqihy2myIS44A2w4Zwb5We05fdKw+Pj6JF7+r5URmA/v2u0JYQH66Iu9F6t
nDz6RznwJULxPUfBC76+PKpg5fQqlYAka6J4SMVU0c9+7BGQZq0s1CH6HDGRPrQP
PY1hFkRVC7vY3CezDixpXNcvs1KUadESYm74/yXk4JdunQHQcE5X204MKHuFOwdR
bJ+ogvPCMrU53SjX8+22yNu/MGTnI6EtqFPtLA9To2q4np7NSfWboc6PkWrYyYuF
FZbB1M84mXsPxmAiDcP18qLDArO8tymsP4lzH5vr/WoF
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:25:57 2024 by rpki-client on console-fra.rpki-client.org