Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/ClDcFvfFZsJpfWLbi8FA2h8L3cA.roa
File: ClDcFvfFZsJpfWLbi8FA2h8L3cA.roa (raw, json)
Hash identifier: batag3u+T/0kmHLLgyXcLSn64IVlooSb6lcdJ/n6UcQ=
Subject key identifier: 0A:50:DC:16:F7:C5:66:C2:69:7D:62:DB:8B:C1:40:DA:1F:0B:DD:C0
Certificate issuer: /CN=453f8ca684037c5433a4b4406211b31d76e13eab
Certificate serial: 018CC9BC95E3A6539B6CEF8943412C704D67
Authority key identifier: 45:3F:8C:A6:84:03:7C:54:33:A4:B4:40:62:11:B3:1D:76:E1:3E:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT-MpoQDfFQzpLRAYhGzHXbhPqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/ClDcFvfFZsJpfWLbi8FA2h8L3cA.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56704
IP address blocks: 31.15.112.0/21 maxlen: 21
185.154.117.0/24 maxlen: 24
185.154.116.0/22 maxlen: 24
2a03:eb80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/RT-MpoQDfFQzpLRAYhGzHXbhPqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/RT-MpoQDfFQzpLRAYhGzHXbhPqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT-MpoQDfFQzpLRAYhGzHXbhPqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:95:e3:a6:53:9b:6c:ef:89:43:41:2c:70:4d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f8ca684037c5433a4b4406211b31d76e13eab
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a50dc16f7c566c2697d62db8bc140da1f0bddc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8f:22:a3:5f:56:1e:de:4b:b0:ea:8a:51:af:
4a:6f:1b:c4:fe:27:98:b0:f0:5d:b1:e9:d3:cb:16:
b5:6f:fc:17:5f:8a:1e:c5:af:d5:96:74:7c:ef:8a:
39:19:2b:48:3d:bf:28:93:49:43:ac:35:fa:fa:98:
7a:64:63:ce:eb:a9:08:da:67:36:40:31:8d:32:40:
b2:20:47:80:3c:0d:e3:93:69:72:87:53:90:10:18:
31:0d:2c:bf:4e:13:92:60:28:c4:a0:b5:46:d9:2a:
af:e0:06:62:2c:2f:a4:73:9b:f5:ba:e0:99:e7:7c:
58:26:14:16:b7:61:38:cf:b5:d1:9f:c1:df:4d:7a:
5d:5c:45:1e:c4:43:f2:41:ba:f1:d4:4b:97:68:e9:
75:5e:3d:2e:ad:0c:8f:7d:6a:c9:a8:36:ac:de:ca:
15:7c:01:d4:67:65:3e:64:7d:a9:43:8f:d1:41:20:
7e:ac:c0:bd:bc:c8:69:c4:60:5f:bc:3e:70:30:72:
50:1c:fd:f2:68:21:fb:4e:90:73:4e:63:c1:68:41:
64:da:07:cc:07:ce:58:ca:9a:88:ae:62:3c:56:6f:
95:e8:c8:c9:58:84:10:ee:7a:21:db:28:c2:16:f2:
7a:11:6e:9d:06:02:9e:65:f3:3c:be:b7:e7:7a:f5:
ef:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:50:DC:16:F7:C5:66:C2:69:7D:62:DB:8B:C1:40:DA:1F:0B:DD:C0
X509v3 Authority Key Identifier:
keyid:45:3F:8C:A6:84:03:7C:54:33:A4:B4:40:62:11:B3:1D:76:E1:3E:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT-MpoQDfFQzpLRAYhGzHXbhPqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/ClDcFvfFZsJpfWLbi8FA2h8L3cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2dc208-6912-4a12-8dbb-dbb69f284f23/1/RT-MpoQDfFQzpLRAYhGzHXbhPqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.112.0/21
185.154.116.0/22
IPv6:
2a03:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
6d:11:a2:31:1e:04:c8:23:5e:74:4a:b1:c3:e3:2b:86:ca:c0:
70:72:d4:d3:4f:16:8f:66:79:61:14:20:b0:b7:7a:05:4b:4c:
47:a0:bc:46:18:ea:99:c2:22:8f:65:dc:5a:f5:ae:be:78:69:
2e:df:a2:88:f6:69:c6:59:b3:e4:48:13:f5:6f:f6:2f:91:9b:
0f:85:c1:55:e6:17:da:f6:6e:ca:96:86:e8:d7:f9:46:cd:a6:
99:53:30:17:ee:21:b6:1e:61:74:1b:ed:e6:52:f4:75:74:d7:
3e:1d:d3:16:9e:da:c0:65:c8:f6:67:8f:39:9b:da:29:05:6f:
80:7b:c3:a1:1a:e2:ef:57:af:5b:c8:8d:82:e5:b5:ba:54:0e:
94:f3:65:de:eb:e0:da:ba:bc:cd:56:26:70:8e:1f:a2:2c:76:
5c:df:4e:cc:06:5a:49:e6:d6:31:5b:1a:4c:a3:14:6e:83:f3:
11:83:11:c7:f4:fb:23:0c:0a:34:d6:90:41:a9:aa:38:2e:a7:
0d:71:aa:e2:e3:9c:46:c9:68:20:21:c9:88:65:80:67:11:ea:
2b:33:e3:c7:d1:3c:84:cc:94:aa:52:e0:d5:29:c2:2c:33:8c:
79:93:45:04:c3:cf:25:7b:3f:bb:76:f0:36:b7:14:67:c3:09:
56:c8:ac:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvJXjplObbO+JQ0EscE1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1M2Y4Y2E2ODQwMzdjNTQzM2E0YjQ0MDYyMTFiMzFkNzZl
MTNlYWIwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTUwZGMxNmY3YzU2NmMyNjk3ZDYyZGI4YmMxNDBkYTFmMGJkZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA248io19WHt5LsOqKUa9KbxvE/ieY
sPBdsenTyxa1b/wXX4oexa/VlnR874o5GStIPb8ok0lDrDX6+ph6ZGPO66kI2mc2
QDGNMkCyIEeAPA3jk2lyh1OQEBgxDSy/ThOSYCjEoLVG2Sqv4AZiLC+kc5v1uuCZ
53xYJhQWt2E4z7XRn8HfTXpdXEUexEPyQbrx1EuXaOl1Xj0urQyPfWrJqDas3soV
fAHUZ2U+ZH2pQ4/RQSB+rMC9vMhpxGBfvD5wMHJQHP3yaCH7TpBzTmPBaEFk2gfM
B85YypqIrmI8Vm+V6MjJWIQQ7noh2yjCFvJ6EW6dBgKeZfM8vrfnevXv4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFApQ3Bb3xWbCaX1i24vBQNofC93AMB8GA1UdIwQY
MBaAFEU/jKaEA3xUM6S0QGIRsx124T6rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlQtTXBvUURmRlF6cExSQVloR3pIWGJoUHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yZGMyMDgtNjkxMi00YTEyLThkYmIt
ZGJiNjlmMjg0ZjIzLzEvQ2xEY0Z2ZkZac0pwZldMYmk4RkEyaDhMM2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8yZGMyMDgtNjkxMi00YTEyLThkYmItZGJiNjlmMjg0ZjIz
LzEvUlQtTXBvUURmRlF6cExSQVloR3pIWGJoUHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHw9wAwQC
uZp0MA0EAgACMAcDBQAqA+uAMA0GCSqGSIb3DQEBCwUAA4IBAQBtEaIxHgTII150
SrHD4yuGysBwctTTTxaPZnlhFCCwt3oFS0xHoLxGGOqZwiKPZdxa9a6+eGku36KI
9mnGWbPkSBP1b/YvkZsPhcFV5hfa9m7Klobo1/lGzaaZUzAX7iG2HmF0G+3mUvR1
dNc+HdMWntrAZcj2Z485m9opBW+Ae8OhGuLvV69byI2C5bW6VA6U82Xe6+DaurzN
ViZwjh+iLHZc307MBlpJ5tYxWxpMoxRug/MRgxHH9PsjDAo01pBBqao4LqcNcari
45xGyWggIcmIZYBnEeorM+PH0TyEzJSqUuDVKcIsM4x5k0UEw88lez+7dvA2txRn
wwlWyKwi
-----END CERTIFICATE-----
Generated at Sat Sep 28 12:42:47 2024 by rpki-client on console-ams.rpki-client.org