Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/C8nY2Wgijubo5tztgxJNmohibAY.roa
File: C8nY2Wgijubo5tztgxJNmohibAY.roa (raw, json)
Hash identifier: hzzU+R4ZGoCYHaWRReh/kum5ptcqzMseGoyP4kx6QVU=
Subject key identifier: 0B:C9:D8:D9:68:22:8E:E6:E8:E6:DC:ED:83:12:4D:9A:88:62:6C:06
Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Certificate serial: 018CC56ED4FF57200ECE60BC3A7B5EBFBD29
Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/C8nY2Wgijubo5tztgxJNmohibAY.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 31.14.162.0/24 maxlen: 24
31.14.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.mft
rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d4:ff:57:20:0e:ce:60:bc:3a:7b:5e:bf:bd:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bc9d8d968228ee6e8e6dced83124d9a88626c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:64:60:cd:0a:bf:bd:f8:f5:fe:7c:23:36:d8:
e8:b4:c5:c3:89:a8:4b:b0:a9:86:74:c0:cf:2d:a9:
72:be:d7:0b:99:29:2e:48:90:dd:ec:23:e6:0c:d2:
e8:4f:77:25:1f:d9:a7:66:ee:56:41:0d:15:5c:4f:
5a:b7:51:16:e6:6f:05:1c:e2:4e:3a:2f:81:b8:25:
62:66:e0:48:9e:30:6e:b3:04:fd:1c:17:d1:37:aa:
73:48:be:66:a2:60:91:02:6e:ee:b5:85:ea:12:45:
f4:97:a8:17:a8:f8:a9:7e:5c:a8:a8:ba:8c:74:d6:
df:79:ef:6c:95:3b:3f:0b:0a:17:51:3a:f9:7b:5a:
15:0c:65:fb:fd:4f:6a:d6:fc:6b:f5:59:f3:cd:38:
ac:f0:ef:2d:cf:ed:06:fb:22:d1:6a:34:1c:69:60:
4b:ff:94:84:75:6e:8c:9f:ca:fa:6f:93:23:33:03:
dd:e1:e4:4d:ab:33:a4:1d:2a:f2:b9:a1:af:c8:48:
4e:18:5c:2a:91:82:b6:26:e9:1e:63:fe:9d:d3:27:
9e:d3:ad:32:d3:54:48:2d:73:a3:cb:4e:68:05:fb:
95:4b:99:cc:28:80:d2:55:93:d5:65:63:ac:26:91:
ff:6f:71:e6:9b:62:e4:05:55:74:8e:da:8f:69:fc:
26:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C9:D8:D9:68:22:8E:E6:E8:E6:DC:ED:83:12:4D:9A:88:62:6C:06
X509v3 Authority Key Identifier:
keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/C8nY2Wgijubo5tztgxJNmohibAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.9.0/24
31.14.162.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:f7:d5:b3:af:d4:f8:c0:a6:a5:1d:f0:5a:b8:2e:03:4a:72:
97:eb:9c:2b:01:38:50:0a:d5:14:3b:3e:31:29:74:54:11:90:
6c:f4:09:1c:69:a6:79:b0:74:92:30:90:8f:2d:6c:5c:ef:6e:
4f:3a:cf:21:9a:dc:88:d6:b3:c9:d9:2c:4c:1e:30:46:14:37:
e2:59:a4:86:e1:65:93:61:a9:9b:38:e3:15:4c:18:a2:6a:cc:
e5:b1:e2:e8:4f:d2:9f:66:83:ab:2a:e3:98:47:65:c2:55:93:
40:4f:8b:13:2d:94:ca:72:ff:a6:ae:f4:95:12:86:65:c3:da:
06:c4:7f:85:75:7c:d2:0c:af:93:8e:bf:38:07:79:74:ad:52:
dc:7c:95:80:96:b7:84:df:bf:d3:83:5a:a1:16:7e:91:cd:d5:
0c:66:95:a7:00:91:aa:2f:6e:0d:35:3d:20:72:00:a2:68:71:
c0:8b:16:33:00:30:7e:3e:92:93:bc:c2:47:e4:fd:15:d7:17:
c0:c6:99:87:3e:a7:0c:9c:84:66:66:df:78:ad:1f:7e:ce:5d:
d2:af:77:c1:a4:8c:4e:6a:65:64:5e:34:67:44:53:c0:3b:73:
b5:f7:56:6c:ff:6b:ef:07:85:37:cf:73:f8:01:7a:2c:70:6e:
53:83:d2:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbtT/VyAOzmC8Ontev70pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm
Y2VmODMwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmM5ZDhkOTY4MjI4ZWU2ZThlNmRjZWQ4MzEyNGQ5YTg4NjI2YzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2RgzQq/vfj1/nwjNtjotMXDiahL
sKmGdMDPLalyvtcLmSkuSJDd7CPmDNLoT3clH9mnZu5WQQ0VXE9at1EW5m8FHOJO
Oi+BuCViZuBInjBuswT9HBfRN6pzSL5momCRAm7utYXqEkX0l6gXqPipflyoqLqM
dNbfee9slTs/CwoXUTr5e1oVDGX7/U9q1vxr9VnzzTis8O8tz+0G+yLRajQcaWBL
/5SEdW6Mn8r6b5MjMwPd4eRNqzOkHSryuaGvyEhOGFwqkYK2JukeY/6d0yee060y
01RILXOjy05oBfuVS5nMKIDSVZPVZWOsJpH/b3Hmm2LkBVV0jtqPafwmjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAvJ2NloIo7m6Obc7YMSTZqIYmwGMB8GA1UdIwQY
MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt
YzY0N2E4YzFkZGZhLzEvQzhuWTJXZ2lqdWJvNXR6dGd4Sk5tb2hpYkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh
LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4JAwQA
Hw6iMA0GCSqGSIb3DQEBCwUAA4IBAQAv99Wzr9T4wKalHfBauC4DSnKX65wrAThQ
CtUUOz4xKXRUEZBs9AkcaaZ5sHSSMJCPLWxc725POs8hmtyI1rPJ2SxMHjBGFDfi
WaSG4WWTYambOOMVTBiiaszlseLoT9KfZoOrKuOYR2XCVZNAT4sTLZTKcv+mrvSV
EoZlw9oGxH+FdXzSDK+Tjr84B3l0rVLcfJWAlreE37/Tg1qhFn6RzdUMZpWnAJGq
L24NNT0gcgCiaHHAixYzADB+PpKTvMJH5P0V1xfAxpmHPqcMnIRmZt94rR9+zl3S
r3fBpIxOamVkXjRnRFPAO3O191Zs/2vvB4U3z3P4AXoscG5Tg9Jr
-----END CERTIFICATE-----
Generated at Thu May 2 08:27:07 2024 by rpki-client on console-ams.rpki-client.org