Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aHxVuqPZZdtp5xhp3m7rrnEIdFY.roa
File: aHxVuqPZZdtp5xhp3m7rrnEIdFY.roa (raw, json)
Hash identifier: r8JCh2ovUIsdu+/HmP/oo/xDOh75G5lAyhVzb4g7KOc=
Subject key identifier: 68:7C:55:BA:A3:D9:65:DB:69:E7:18:69:DE:6E:EB:AE:71:08:74:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190A6A5FECE1749C951584A93E212D99BD9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aHxVuqPZZdtp5xhp3m7rrnEIdFY.roa
Signing time: Fri 12 Jul 2024 11:13:34 +0000
ROA not before: Fri 12 Jul 2024 11:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42794
IP address blocks: 31.13.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a6:a5:fe:ce:17:49:c9:51:58:4a:93:e2:12:d9:9b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 12 11:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687c55baa3d965db69e71869de6eebae71087456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a3:75:d1:47:3e:71:ef:43:1d:29:fc:c4:ac:
6a:f8:9f:f1:fb:31:9f:0d:3a:4a:9e:eb:6e:12:ef:
e0:49:89:ff:14:bf:57:83:7e:4c:10:dd:1d:54:4c:
ae:6d:79:88:cd:f5:a3:5a:ca:4e:19:84:e5:4d:e3:
b1:5f:6f:1d:13:6e:91:85:ce:2e:74:13:bd:9c:13:
e6:b9:46:f5:f4:f0:e9:92:db:cf:38:49:97:d5:06:
5c:8f:a6:59:52:2a:50:3c:ad:46:02:a4:3f:41:d4:
64:a8:de:18:a9:c6:0b:a1:d3:71:4e:e8:51:2b:fc:
15:22:03:ad:be:60:6a:d3:a0:ad:35:39:19:18:0f:
49:16:2a:cf:f1:e9:9d:a1:f4:4f:d1:1a:03:8b:d9:
51:fd:d8:b4:45:0d:b2:01:5f:80:0c:d9:9e:33:ad:
9d:98:e7:e1:84:c7:2e:a4:ae:8f:42:51:ac:c4:74:
b1:46:38:cf:b0:c5:1e:33:a9:d7:29:52:1d:f9:ef:
9d:84:55:bb:a9:23:a1:51:f5:32:e9:42:7d:ae:b2:
3a:92:b7:af:3a:da:bd:0c:37:f7:72:31:ca:29:ea:
41:2c:7e:03:dd:29:d8:4d:fb:c9:7e:18:a9:bf:04:
08:3c:29:57:c0:e6:e3:0b:6c:d9:66:5b:77:6e:fc:
9e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7C:55:BA:A3:D9:65:DB:69:E7:18:69:DE:6E:EB:AE:71:08:74:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aHxVuqPZZdtp5xhp3m7rrnEIdFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.198.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e3:b8:3e:00:13:07:b0:9a:2d:51:6d:a3:85:12:1d:9d:9d:
a6:65:9c:40:74:56:7c:e0:18:fe:43:20:90:f0:a9:03:dc:2d:
58:ff:8a:34:3f:b1:83:24:ac:a6:0c:f9:5b:00:b0:35:3a:3d:
4d:ba:85:13:21:7a:65:6e:9f:95:43:3f:49:16:e3:be:9b:cf:
4b:ce:a4:44:6d:b4:44:93:a1:43:40:fb:9f:80:47:b4:22:31:
e7:97:e4:18:96:eb:31:01:89:05:86:fb:fd:21:ed:75:32:c0:
6f:bf:79:e7:85:ed:17:f6:fa:5e:0c:fc:83:f8:6b:7d:de:c7:
fb:8a:be:a8:1d:2c:fe:70:95:7a:7d:93:27:75:6e:88:0d:92:
ba:de:d8:85:51:ce:e4:ee:84:0a:4f:44:83:e3:34:3b:bb:c7:
12:20:09:19:f1:b9:c2:85:20:67:a3:90:38:d5:17:8a:97:c6:
0e:ee:0b:57:61:68:a2:dd:c5:ae:5f:8c:c9:96:48:40:ea:00:
ab:ad:b1:52:c3:a4:8a:2a:c0:90:c2:35:85:6f:53:96:58:67:
5f:4e:f8:35:34:7a:71:8f:d0:82:38:67:a7:9b:91:8a:fa:4e:
16:bb:cc:e6:43:7d:14:83:60:95:d0:82:d3:e9:ec:21:5b:19:
3e:6a:1b:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZCmpf7OF0nJUVhKk+IS2ZvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzEyMTExMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdjNTViYWEzZDk2NWRiNjllNzE4NjlkZTZlZWJhZTcxMDg3NDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqN10Uc+ce9DHSn8xKxq+J/x+zGf
DTpKnutuEu/gSYn/FL9Xg35MEN0dVEyubXmIzfWjWspOGYTlTeOxX28dE26Rhc4u
dBO9nBPmuUb19PDpktvPOEmX1QZcj6ZZUipQPK1GAqQ/QdRkqN4YqcYLodNxTuhR
K/wVIgOtvmBq06CtNTkZGA9JFirP8emdofRP0RoDi9lR/di0RQ2yAV+ADNmeM62d
mOfhhMcupK6PQlGsxHSxRjjPsMUeM6nXKVId+e+dhFW7qSOhUfUy6UJ9rrI6krev
Otq9DDf3cjHKKepBLH4D3SnYTfvJfhipvwQIPClXwObjC2zZZlt3bvyelwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh8Vbqj2WXbaecYad5u665xCHRWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYUh4VnVxUFpaZHRwNXhocDNtN3JybkVJZEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw3GMA0G
CSqGSIb3DQEBCwUAA4IBAQBd47g+ABMHsJotUW2jhRIdnZ2mZZxAdFZ84Bj+QyCQ
8KkD3C1Y/4o0P7GDJKymDPlbALA1Oj1NuoUTIXplbp+VQz9JFuO+m89LzqREbbRE
k6FDQPufgEe0IjHnl+QYlusxAYkFhvv9Ie11MsBvv3nnhe0X9vpeDPyD+Gt93sf7
ir6oHSz+cJV6fZMndW6IDZK63tiFUc7k7oQKT0SD4zQ7u8cSIAkZ8bnChSBno5A4
1ReKl8YO7gtXYWii3cWuX4zJlkhA6gCrrbFSw6SKKsCQwjWFb1OWWGdfTvg1NHpx
j9CCOGenm5GK+k4Wu8zmQ30Ug2CV0ILT6ewhWxk+ahtz
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:57 2024 by rpki-client on console-fra.rpki-client.org