Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/Oay6CTj09MhAuCoBkDxhASw-B8s.roa
File: Oay6CTj09MhAuCoBkDxhASw-B8s.roa (raw, json)
Hash identifier: zUJbBsZJdhrhV+1n/L352wUDoXQJrQVKNe0bi+aXz2s=
Subject key identifier: 39:AC:BA:09:38:F4:F4:C8:40:B8:2A:01:90:3C:61:01:2C:3E:07:CB
Certificate issuer: /CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Certificate serial: 018F065280D4ECC4D1E1D376C7D9F2F22939
Authority key identifier: 62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/Oay6CTj09MhAuCoBkDxhASw-B8s.roa
Signing time: Mon 22 Apr 2024 15:00:21 +0000
ROA not before: Mon 22 Apr 2024 15:00:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56616
IP address blocks: 31.7.88.0/22 maxlen: 24
31.7.88.0/23 maxlen: 23
31.7.90.0/23 maxlen: 23
185.116.20.0/22 maxlen: 24
185.116.20.0/23 maxlen: 23
185.116.22.0/23 maxlen: 23
2a0a:d340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:52:80:d4:ec:c4:d1:e1:d3:76:c7:d9:f2:f2:29:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Validity
Not Before: Apr 22 15:00:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39acba0938f4f4c840b82a01903c61012c3e07cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:13:32:d0:0f:6c:cf:df:a2:f7:3b:43:5a:64:
ed:80:78:17:07:4e:84:a7:46:03:e0:b0:e2:5a:58:
63:58:94:56:e3:6e:09:ab:61:fe:9d:30:e3:89:18:
30:68:55:82:4c:06:0b:21:f8:c6:0e:48:fa:69:ac:
c3:ce:73:7b:47:e1:80:92:2f:e3:5e:4a:c1:29:aa:
a7:0a:10:05:67:58:24:4c:8a:a6:1f:c5:2f:e6:b9:
81:8f:f1:60:73:c1:65:eb:37:2c:76:ff:cb:b2:a0:
0e:36:aa:5b:ca:e4:af:0d:6f:30:db:7e:ae:e9:fd:
47:86:a5:4f:26:34:83:c2:ca:99:3b:22:1c:a7:91:
4d:4f:55:e1:e6:ba:92:2e:03:cf:e9:00:a8:f8:7b:
61:79:b6:58:34:76:15:00:27:1a:8b:2f:62:43:b3:
17:6c:c5:39:7c:f3:d9:3c:33:8a:51:f9:7f:52:5d:
f0:ca:e4:b8:68:21:6d:38:a0:9d:18:e1:41:dd:48:
2a:70:cd:00:c1:d5:55:85:60:07:46:54:11:5c:8a:
bf:e6:de:eb:25:36:0f:17:40:57:00:fe:a3:a2:f8:
a1:9f:f8:33:01:15:12:1e:7e:35:5f:bf:46:89:37:
9e:d4:9c:57:6f:98:18:a5:79:fc:b3:27:ea:47:22:
63:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:AC:BA:09:38:F4:F4:C8:40:B8:2A:01:90:3C:61:01:2C:3E:07:CB
X509v3 Authority Key Identifier:
keyid:62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/Oay6CTj09MhAuCoBkDxhASw-B8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.88.0/22
185.116.20.0/22
IPv6:
2a0a:d340::/29
Signature Algorithm: sha256WithRSAEncryption
68:fb:8f:73:53:77:10:63:81:f4:bb:c0:28:27:80:83:6b:41:
f1:84:02:4a:fd:0b:24:c8:b1:55:8d:e1:89:a6:7d:f1:99:d8:
3a:82:98:30:2d:4f:57:a7:d2:6f:c7:04:b7:f1:7e:98:e3:ce:
1e:e5:ed:6d:3a:b3:68:56:0d:ad:5f:ab:56:52:84:d4:df:82:
d5:3e:7c:70:2e:72:c8:ba:a6:11:4e:1c:ff:1c:07:f3:51:04:
0f:6b:1d:2c:ac:48:7e:d8:9e:e7:ba:ed:45:6d:ba:f0:d7:35:
40:ae:45:5d:6e:c1:8a:86:6b:86:a5:95:21:8c:51:56:ab:5b:
c2:06:41:02:c5:42:32:be:39:29:7e:7e:1a:75:90:ae:94:56:
10:b3:ba:ca:87:fb:4a:27:a5:81:19:a5:7d:d6:bf:e2:44:36:
ae:26:3d:08:8b:12:79:c8:0c:7f:65:1f:50:b8:24:15:fc:e3:
57:66:51:a5:b0:75:5f:c7:ee:29:10:fd:fe:f7:af:28:84:43:
24:c2:95:45:a1:60:07:35:28:1a:d5:57:1d:0b:4e:e0:d8:61:
6e:02:dc:ed:30:57:b7:16:61:d0:20:bb:21:4a:f0:6c:e0:5a:
5f:40:c7:d4:86:cf:2e:20:55:11:13:6a:40:74:4a:64:0a:c2:
bf:07:08:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY8GUoDU7MTR4dN2x9ny8ik5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNjQzMThjMWFhYTdjYTA2MDMxNTVhODgzZDQzOTI2ZWY5
N2U4N2MwHhcNMjQwNDIyMTUwMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWFjYmEwOTM4ZjRmNGM4NDBiODJhMDE5MDNjNjEwMTJjM2UwN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihMy0A9sz9+i9ztDWmTtgHgXB06E
p0YD4LDiWlhjWJRW424Jq2H+nTDjiRgwaFWCTAYLIfjGDkj6aazDznN7R+GAki/j
XkrBKaqnChAFZ1gkTIqmH8Uv5rmBj/Fgc8Fl6zcsdv/LsqAONqpbyuSvDW8w236u
6f1HhqVPJjSDwsqZOyIcp5FNT1Xh5rqSLgPP6QCo+HthebZYNHYVACcaiy9iQ7MX
bMU5fPPZPDOKUfl/Ul3wyuS4aCFtOKCdGOFB3UgqcM0AwdVVhWAHRlQRXIq/5t7r
JTYPF0BXAP6jovihn/gzARUSHn41X79GiTee1JxXb5gYpXn8syfqRyJj0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDmsugk49PTIQLgqAZA8YQEsPgfLMB8GA1UdIwQY
MBaAFGJkMYwaqnygYDFVqIPUOSbvl+h8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEt
YjkxYTI3MDU1MjA0LzEvT2F5NkNUajA5TWhBdUNvQmtEeGhBU3ctQjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEtYjkxYTI3MDU1MjA0
LzEvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCHwdYAwQC
uXQUMA0EAgACMAcDBQMqCtNAMA0GCSqGSIb3DQEBCwUAA4IBAQBo+49zU3cQY4H0
u8AoJ4CDa0HxhAJK/QskyLFVjeGJpn3xmdg6gpgwLU9Xp9JvxwS38X6Y484e5e1t
OrNoVg2tX6tWUoTU34LVPnxwLnLIuqYRThz/HAfzUQQPax0srEh+2J7nuu1Fbbrw
1zVArkVdbsGKhmuGpZUhjFFWq1vCBkECxUIyvjkpfn4adZCulFYQs7rKh/tKJ6WB
GaV91r/iRDauJj0IixJ5yAx/ZR9QuCQV/ONXZlGlsHVfx+4pEP3+968ohEMkwpVF
oWAHNSga1VcdC07g2GFuAtztMFe3FmHQILshSvBs4FpfQMfUhs8uIFURE2pAdEpk
CsK/Bwhx
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:27:23 2024 by rpki-client on console-ams.rpki-client.org