Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/onRSN487Z3F6FKkX0v711AYiJMk.roa
File: onRSN487Z3F6FKkX0v711AYiJMk.roa (raw, json)
Hash identifier: RsEWfE6I4p5GpwQB8eX07jCz2vkomr/rb35BWNwr+zQ=
Subject key identifier: A2:74:52:37:8F:3B:67:71:7A:14:A9:17:D2:FE:F5:D4:06:22:24:C9
Certificate issuer: /CN=b391ec497b64d611249fde597a5ee87e9337d5ee
Certificate serial: 018D6C4C7D954A9AB163011BF71FC949212B
Authority key identifier: B3:91:EC:49:7B:64:D6:11:24:9F:DE:59:7A:5E:E8:7E:93:37:D5:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5HsSXtk1hEkn95Zel7ofpM31e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/onRSN487Z3F6FKkX0v711AYiJMk.roa
Signing time: Sat 03 Feb 2024 00:09:28 +0000
ROA not before: Sat 03 Feb 2024 00:09:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210893
IP address blocks: 31.41.250.0/24 maxlen: 24
2a11:2c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/s5HsSXtk1hEkn95Zel7ofpM31e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/s5HsSXtk1hEkn95Zel7ofpM31e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/s5HsSXtk1hEkn95Zel7ofpM31e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6c:4c:7d:95:4a:9a:b1:63:01:1b:f7:1f:c9:49:21:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b391ec497b64d611249fde597a5ee87e9337d5ee
Validity
Not Before: Feb 3 00:09:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a27452378f3b67717a14a917d2fef5d4062224c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d8:2c:24:72:41:ec:95:52:12:2c:f3:06:9d:
0e:72:a9:7d:56:c2:1e:e5:31:0f:63:11:cb:c1:58:
7b:c6:aa:93:e4:91:6d:43:8a:a5:07:a0:45:91:1f:
30:5a:57:10:32:72:9f:7a:21:00:5e:9f:05:71:4e:
80:67:4e:85:10:5b:b6:ce:8c:cb:1e:16:b4:57:df:
e6:a8:fa:10:79:1f:f1:27:be:5a:dd:13:0d:1a:5c:
6b:97:62:03:3b:57:cb:f3:b3:12:30:a7:c2:19:fa:
59:57:6c:e0:31:08:bd:03:9a:9a:32:1b:04:76:b4:
0b:c9:5c:94:6e:8e:e8:13:c2:b7:43:9a:78:94:a6:
06:1c:0c:3e:b0:23:e2:d4:5f:93:28:e2:90:28:e5:
54:09:97:78:cb:01:8d:df:bb:35:3a:3c:11:52:31:
66:b3:01:40:71:07:ed:76:7f:07:66:0c:0b:9d:0c:
29:4d:98:1a:c6:c0:00:59:ff:8d:1f:fc:6a:45:25:
ac:f3:9c:c1:e4:f0:11:ee:78:8d:f6:f0:60:87:8a:
a1:ee:98:ec:9a:60:b5:36:28:3d:f5:97:39:2e:d2:
fd:fb:fe:7c:6f:c5:00:06:64:c7:b8:89:bc:89:0b:
72:14:e1:3f:cd:2b:31:fb:88:ac:8e:53:df:5b:67:
4f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:74:52:37:8F:3B:67:71:7A:14:A9:17:D2:FE:F5:D4:06:22:24:C9
X509v3 Authority Key Identifier:
keyid:B3:91:EC:49:7B:64:D6:11:24:9F:DE:59:7A:5E:E8:7E:93:37:D5:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5HsSXtk1hEkn95Zel7ofpM31e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/onRSN487Z3F6FKkX0v711AYiJMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6dc121-0a6f-45ad-8af9-e1a4293520be/1/s5HsSXtk1hEkn95Zel7ofpM31e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.250.0/24
IPv6:
2a11:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
8e:3a:5f:3c:58:f4:e9:d2:86:8f:4d:b2:42:81:06:20:be:25:
2e:ed:07:a5:e6:d4:cf:86:da:95:84:a7:d7:d1:63:6d:92:a3:
cc:95:70:e1:11:89:9c:29:4e:3d:8f:78:e7:22:72:53:a8:bc:
ad:2c:7f:a2:a1:ae:d5:05:31:52:eb:c1:ba:0d:19:f6:0f:b1:
fa:42:c4:dd:1c:fc:ca:d2:b8:19:c8:82:2e:05:8c:4c:ac:38:
e2:d8:b3:a8:3d:f5:a5:ac:74:0a:43:22:86:f6:00:88:ec:f7:
3c:86:ba:3e:fc:6d:33:4c:f6:6e:47:9d:d7:82:8e:9f:e1:ea:
7c:4d:20:aa:38:58:64:81:42:13:bf:e6:cb:e4:32:53:96:61:
0e:5e:c4:be:30:5e:0e:bd:48:42:89:44:11:84:56:dd:2e:cf:
ce:8f:0c:fd:6e:94:73:c6:5e:14:d2:1d:9c:8d:cf:e7:27:a7:
a1:7b:3a:d4:e4:46:55:51:3c:43:12:19:75:ec:66:33:ed:9f:
9e:f9:5f:a0:fe:f7:38:be:ff:65:76:46:bc:32:86:d2:4d:0a:
10:ad:ff:15:01:98:ce:65:c7:9f:03:b6:a1:52:36:67:75:2c:
9d:e8:6c:81:ac:a7:3f:78:fb:9d:b8:97:76:d3:f0:4e:1e:2b:
e6:dd:3b:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1sTH2VSpqxYwEb9x/JSSErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTFlYzQ5N2I2NGQ2MTEyNDlmZGU1OTdhNWVlODdlOTMz
N2Q1ZWUwHhcNMjQwMjAzMDAwOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjc0NTIzNzhmM2I2NzcxN2ExNGE5MTdkMmZlZjVkNDA2MjIyNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdgsJHJB7JVSEizzBp0Ocql9VsIe
5TEPYxHLwVh7xqqT5JFtQ4qlB6BFkR8wWlcQMnKfeiEAXp8FcU6AZ06FEFu2zozL
Hha0V9/mqPoQeR/xJ75a3RMNGlxrl2IDO1fL87MSMKfCGfpZV2zgMQi9A5qaMhsE
drQLyVyUbo7oE8K3Q5p4lKYGHAw+sCPi1F+TKOKQKOVUCZd4ywGN37s1OjwRUjFm
swFAcQftdn8HZgwLnQwpTZgaxsAAWf+NH/xqRSWs85zB5PAR7niN9vBgh4qh7pjs
mmC1Nig99Zc5LtL9+/58b8UABmTHuIm8iQtyFOE/zSsx+4isjlPfW2dPaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJ0UjePO2dxehSpF9L+9dQGIiTJMB8GA1UdIwQY
MBaAFLOR7El7ZNYRJJ/eWXpe6H6TN9XuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVIc1NYdGsxaEVrbjk1WmVsN29mcE0zMWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi82ZGMxMjEtMGE2Zi00NWFkLThhZjkt
ZTFhNDI5MzUyMGJlLzEvb25SU040ODdaM0Y2RktrWDB2NzExQVlpSk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi82ZGMxMjEtMGE2Zi00NWFkLThhZjktZTFhNDI5MzUyMGJl
LzEvczVIc1NYdGsxaEVrbjk1WmVsN29mcE0zMWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHyn6MA0E
AgACMAcDBQMqESyAMA0GCSqGSIb3DQEBCwUAA4IBAQCOOl88WPTp0oaPTbJCgQYg
viUu7Qel5tTPhtqVhKfX0WNtkqPMlXDhEYmcKU49j3jnInJTqLytLH+ioa7VBTFS
68G6DRn2D7H6QsTdHPzK0rgZyIIuBYxMrDji2LOoPfWlrHQKQyKG9gCI7Pc8hro+
/G0zTPZuR53Xgo6f4ep8TSCqOFhkgUITv+bL5DJTlmEOXsS+MF4OvUhCiUQRhFbd
Ls/Ojwz9bpRzxl4U0h2cjc/nJ6ehezrU5EZVUTxDEhl17GYz7Z+e+V+g/vc4vv9l
dka8MobSTQoQrf8VAZjOZcefA7ahUjZndSyd6GyBrKc/ePuduJd20/BOHivm3TvV
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:15:13 2024 by rpki-client on console-ams.rpki-client.org