Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tA4uoY-Lt-LWfqKiTecLmi6W_1U.roa
File: tA4uoY-Lt-LWfqKiTecLmi6W_1U.roa (raw, json)
Hash identifier: AbHPNqdo/ln0MEI4ksPvDMKchs1/k4DC2H1al7sE8CA=
Subject key identifier: B4:0E:2E:A1:8F:8B:B7:E2:D6:7E:A2:A2:4D:E7:0B:9A:2E:96:FF:55
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE393C31EC22388820894B669B603
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tA4uoY-Lt-LWfqKiTecLmi6W_1U.roa
Signing time: Tue 02 Jan 2024 06:29:28 +0000
ROA not before: Tue 02 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44851
IP address blocks: 31.13.196.0/24 maxlen: 24
93.123.120.0/21 maxlen: 21
93.123.120.0/24 maxlen: 24
93.123.124.0/24 maxlen: 24
93.123.121.0/24 maxlen: 24
93.123.125.0/24 maxlen: 24
93.123.122.0/24 maxlen: 24
93.123.120.0/22 maxlen: 22
93.123.124.0/22 maxlen: 22
93.123.123.0/24 maxlen: 24
93.123.126.0/24 maxlen: 24
93.123.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e3:93:c3:1e:c2:23:88:82:08:94:b6:69:b6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b40e2ea18f8bb7e2d67ea2a24de70b9a2e96ff55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a7:5c:10:55:99:87:af:af:c2:ca:4d:d9:73:
20:63:80:0c:47:27:c7:2f:dd:ca:df:ad:f1:d9:82:
41:ee:7c:49:fd:0e:77:3f:ab:fe:36:61:d2:21:c9:
10:d2:b7:db:15:fe:6b:c5:c1:13:66:7c:8a:5d:59:
2f:00:56:01:ed:28:63:25:dd:d6:74:82:44:36:14:
d5:eb:bb:d3:f1:f0:83:18:40:b6:dc:98:00:34:72:
96:87:9c:cc:e2:08:f8:32:e6:45:d9:3f:cb:de:e9:
ca:4c:b4:bb:67:de:81:70:d9:49:64:cb:8f:35:8c:
9d:b5:d6:c9:ca:ee:7b:58:12:cb:f7:5d:b3:61:00:
0c:65:0d:06:3f:4a:76:a5:b6:18:d5:7d:ab:3f:98:
f9:11:55:84:4e:bf:99:35:0e:4e:13:69:4f:fc:e0:
7e:e9:85:d6:89:45:a3:78:d2:86:3b:8f:f9:8d:ec:
cd:55:79:ff:f5:51:fe:19:6c:17:d9:30:9b:cb:7a:
8e:9a:8b:d1:bf:27:3d:86:83:1d:36:3d:62:2f:02:
c5:19:45:25:f2:f2:c9:de:b4:9d:90:7f:22:82:4d:
d0:44:40:e9:1b:d0:dd:07:45:12:73:2f:ee:a8:bb:
1b:8a:b3:55:f4:70:54:57:bf:0c:5b:3c:59:16:bf:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0E:2E:A1:8F:8B:B7:E2:D6:7E:A2:A2:4D:E7:0B:9A:2E:96:FF:55
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tA4uoY-Lt-LWfqKiTecLmi6W_1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.196.0/24
93.123.120.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:4a:f2:82:e2:cc:20:16:f2:8a:1c:9e:01:bf:c8:77:85:f1:
ce:da:3f:89:be:25:86:52:fe:3d:e6:92:12:8f:82:04:54:9e:
a3:e5:3e:14:26:9e:02:96:80:16:68:c6:4f:54:d3:ae:f1:ad:
ec:92:19:d1:be:41:bd:b7:34:fd:b9:92:5a:98:fa:5c:5b:09:
f2:14:92:3b:84:0d:e2:bf:a1:14:f2:3a:bb:49:03:29:65:ad:
f8:85:59:e9:18:6f:e5:80:0c:f2:97:b6:9f:12:85:90:98:94:
6f:bf:8e:56:ff:dd:5e:48:36:71:7c:f3:df:d8:14:ef:53:c0:
7a:a8:ab:ae:90:bc:5c:6d:dd:08:7d:0b:7b:cf:c1:44:a8:96:
85:f1:a3:2b:45:57:ac:7c:0f:cc:e1:71:9e:67:77:e9:e6:31:
f2:02:43:00:22:02:7b:ef:1b:2d:78:14:a6:ee:77:c9:ef:08:
e6:86:8a:4b:5c:79:73:3a:9d:39:0c:3d:64:d5:f7:db:06:00:
c6:a8:a7:27:b1:8f:30:9d:76:70:b6:3d:98:0b:d7:8a:0e:26:
83:af:6e:74:d5:e9:2d:ef:2a:54:68:f8:44:5d:5d:ca:70:a0:
3f:43:3d:78:25:6d:74:27:76:4f:f5:20:23:ce:e8:cb:9f:23:
da:44:94:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3OOTwx7CI4iCCJS2abYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDBlMmVhMThmOGJiN2UyZDY3ZWEyYTI0ZGU3MGI5YTJlOTZmZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqdcEFWZh6+vwspN2XMgY4AMRyfH
L93K363x2YJB7nxJ/Q53P6v+NmHSIckQ0rfbFf5rxcETZnyKXVkvAFYB7ShjJd3W
dIJENhTV67vT8fCDGEC23JgANHKWh5zM4gj4MuZF2T/L3unKTLS7Z96BcNlJZMuP
NYydtdbJyu57WBLL912zYQAMZQ0GP0p2pbYY1X2rP5j5EVWETr+ZNQ5OE2lP/OB+
6YXWiUWjeNKGO4/5jezNVXn/9VH+GWwX2TCby3qOmovRvyc9hoMdNj1iLwLFGUUl
8vLJ3rSdkH8igk3QREDpG9DdB0UScy/uqLsbirNV9HBUV78MWzxZFr83OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQOLqGPi7fi1n6iok3nC5oulv9VMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdEE0dW9ZLUx0LUxXZnFLaVRlY0xtaTZXXzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw3EAwQD
XXt4MA0GCSqGSIb3DQEBCwUAA4IBAQBcSvKC4swgFvKKHJ4Bv8h3hfHO2j+JviWG
Uv495pISj4IEVJ6j5T4UJp4CloAWaMZPVNOu8a3skhnRvkG9tzT9uZJamPpcWwny
FJI7hA3iv6EU8jq7SQMpZa34hVnpGG/lgAzyl7afEoWQmJRvv45W/91eSDZxfPPf
2BTvU8B6qKuukLxcbd0IfQt7z8FEqJaF8aMrRVesfA/M4XGeZ3fp5jHyAkMAIgJ7
7xsteBSm7nfJ7wjmhopLXHlzOp05DD1k1ffbBgDGqKcnsY8wnXZwtj2YC9eKDiaD
r2501ekt7ypUaPhEXV3KcKA/Qz14JW10J3ZP9SAjzujLnyPaRJTr
-----END CERTIFICATE-----
Generated at Sun Apr 28 01:06:37 2024 by rpki-client on console-ams.rpki-client.org