Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pPEFXWsSafh2xSt6G5fZAXLl0vg.roa
File: pPEFXWsSafh2xSt6G5fZAXLl0vg.roa (raw, json)
Hash identifier: OBAKj7YKEmiwWOn6pG11gG4GqmGJDOnPPgPjPYWIX+k=
Subject key identifier: A4:F1:05:5D:6B:12:69:F8:76:C5:2B:7A:1B:97:D9:01:72:E5:D2:F8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD0BFD81BA14109ADE9081D2108CAC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pPEFXWsSafh2xSt6G5fZAXLl0vg.roa
Signing time: Tue 02 Jan 2024 06:29:38 +0000
ROA not before: Tue 02 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210211
IP address blocks: 87.121.41.0/24 maxlen: 24
87.121.40.0/24 maxlen: 24
31.13.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0b:fd:81:ba:14:10:9a:de:90:81:d2:10:8c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4f1055d6b1269f876c52b7a1b97d90172e5d2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:8b:b5:75:84:f9:cd:8d:f8:f8:6b:86:2a:27:
88:3d:91:03:46:11:14:b5:da:75:2e:3d:ca:b3:cc:
7a:8c:79:e2:6f:fa:5c:a8:95:bd:14:4f:1e:6b:60:
2a:ba:91:88:8c:21:f3:3a:b0:52:58:c8:b0:b5:8b:
bb:c5:7b:24:89:4b:ce:72:0d:80:73:91:5d:8c:39:
50:8a:a0:f1:04:75:df:37:b5:4b:1c:9e:49:26:d4:
23:d5:fa:94:c4:39:3b:33:e2:ca:b1:65:29:d7:b9:
fb:31:c5:92:d2:03:8d:99:3f:48:c9:33:0d:43:d6:
2b:f7:62:a5:c9:70:ef:23:b0:93:6c:49:d2:af:02:
a0:4b:97:52:68:a8:5a:7b:ea:49:7f:be:53:fd:da:
0a:e6:ec:20:b6:bd:fd:72:b3:9b:0b:31:b2:9c:cf:
a9:a7:bf:06:1f:a4:4c:38:ab:c3:ea:c0:c2:97:58:
5d:ec:67:4d:63:c9:4d:30:35:fa:67:5a:0b:8b:0a:
ea:e8:57:03:c9:59:65:31:d6:dc:c1:78:f7:8b:dd:
1b:db:c8:0c:c8:ee:eb:ef:93:28:d9:5d:18:da:93:
67:27:40:60:d7:65:d7:e5:05:69:6e:44:ee:5c:3c:
8f:82:4a:b3:bf:4d:91:42:06:e9:2b:ed:70:22:0b:
b5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:05:5D:6B:12:69:F8:76:C5:2B:7A:1B:97:D9:01:72:E5:D2:F8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pPEFXWsSafh2xSt6G5fZAXLl0vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.226.0/24
87.121.40.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:0a:5a:6b:2b:68:9f:9b:50:ec:e7:f9:bb:ac:8f:b8:d0:f6:
67:a7:42:ad:63:68:5e:70:f1:87:9b:23:13:a8:08:41:08:d2:
af:46:28:95:c9:5f:55:d5:07:f8:20:1a:b7:22:c5:3b:bd:76:
a0:bb:16:b5:4f:36:70:42:8b:da:8d:12:e0:37:07:7a:09:e8:
ee:2d:ec:8b:7f:55:7c:1f:f8:8e:44:48:6e:f0:e6:f7:a9:c5:
7d:d6:ad:0b:1d:6b:2c:ed:92:a1:a6:ef:9d:fa:e4:f2:ce:60:
f4:f6:6e:5b:52:52:cd:ab:32:9c:14:60:c3:2a:46:78:a5:49:
63:fa:39:4f:a7:82:43:c2:24:c3:4f:08:15:01:9d:21:57:d2:
ed:97:ae:e1:4b:44:4f:d8:fd:37:3c:9e:26:95:2c:90:18:30:
ea:18:7a:ae:aa:f5:fc:c6:1d:ec:5b:d9:ea:7d:3f:ee:c7:9c:
a4:38:f5:5a:f7:df:4b:51:23:02:c6:eb:8f:f0:32:47:ed:2a:
0b:27:84:54:2b:9e:c0:2c:9b:e2:ce:92:33:c5:db:ea:24:68:
3b:4f:60:e2:9d:c9:61:80:b7:7a:2c:29:21:6d:d4:39:da:16:
bc:41:0d:39:52:60:21:c7:af:73:fe:7e:0f:4f:f6:60:ca:7d:
95:30:e5:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3Qv9gboUEJrekIHSEIysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYxMDU1ZDZiMTI2OWY4NzZjNTJiN2ExYjk3ZDkwMTcyZTVkMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiou1dYT5zY34+GuGKieIPZEDRhEU
tdp1Lj3Ks8x6jHnib/pcqJW9FE8ea2AqupGIjCHzOrBSWMiwtYu7xXskiUvOcg2A
c5FdjDlQiqDxBHXfN7VLHJ5JJtQj1fqUxDk7M+LKsWUp17n7McWS0gONmT9IyTMN
Q9Yr92KlyXDvI7CTbEnSrwKgS5dSaKhae+pJf75T/doK5uwgtr39crObCzGynM+p
p78GH6RMOKvD6sDCl1hd7GdNY8lNMDX6Z1oLiwrq6FcDyVllMdbcwXj3i90b28gM
yO7r75Mo2V0Y2pNnJ0Bg12XX5QVpbkTuXDyPgkqzv02RQgbpK+1wIgu10QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTxBV1rEmn4dsUrehuX2QFy5dL4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFBFRlhXc1NhZmgyeFN0Nkc1ZlpBWExsMHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw3iAwQB
V3koMA0GCSqGSIb3DQEBCwUAA4IBAQCNClprK2ifm1Ds5/m7rI+40PZnp0KtY2he
cPGHmyMTqAhBCNKvRiiVyV9V1Qf4IBq3IsU7vXaguxa1TzZwQovajRLgNwd6Ceju
LeyLf1V8H/iOREhu8Ob3qcV91q0LHWss7ZKhpu+d+uTyzmD09m5bUlLNqzKcFGDD
KkZ4pUlj+jlPp4JDwiTDTwgVAZ0hV9Ltl67hS0RP2P03PJ4mlSyQGDDqGHquqvX8
xh3sW9nqfT/ux5ykOPVa999LUSMCxuuP8DJH7SoLJ4RUK57ALJvizpIzxdvqJGg7
T2DinclhgLd6LCkhbdQ52ha8QQ05UmAhx69z/n4PT/Zgyn2VMOVu
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:58 2024 by rpki-client on console-ams.rpki-client.org