Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVrLTs4xpR6DfSBiO8Drqt84Ir0.roa
File: vVrLTs4xpR6DfSBiO8Drqt84Ir0.roa (raw, json)
Hash identifier: 0VQgv+0O9vM8gO5Xs4UPM+5rtSlwwkMurO47am2qY28=
Subject key identifier: BD:5A:CB:4E:CE:31:A5:1E:83:7D:20:62:3B:C0:EB:AA:DF:38:22:BD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD07E84A22AF321B3E2EA9AF02F8C6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVrLTs4xpR6DfSBiO8Drqt84Ir0.roa
Signing time: Tue 02 Jan 2024 06:29:37 +0000
ROA not before: Tue 02 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208224
IP address blocks: 31.13.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:07:e8:4a:22:af:32:1b:3e:2e:a9:af:02:f8:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd5acb4ece31a51e837d20623bc0ebaadf3822bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6b:98:a7:86:fc:2d:af:c8:e3:12:62:64:b1:
4b:21:f8:06:b7:01:dd:3d:a0:c3:fa:67:20:33:68:
e5:a7:d7:0d:41:ea:b1:e9:ad:ac:1a:86:d5:1f:9c:
37:b7:40:c4:41:10:1f:0e:e2:24:e1:b3:12:a8:22:
ed:38:5d:65:b7:0a:30:ee:f6:52:f3:82:e6:73:86:
7a:38:aa:d1:58:fc:46:23:99:0c:ef:e4:af:70:87:
5f:91:75:7a:77:0d:66:39:46:cf:d9:81:10:d5:a6:
0a:35:8e:97:85:4a:b0:08:93:a4:fe:4d:5e:ba:79:
3a:d9:74:34:37:9c:f1:8f:cc:89:b7:c5:64:12:ec:
60:bd:e1:94:ea:f5:69:0f:61:7f:e1:73:1c:cb:19:
86:66:75:f9:39:e7:4a:76:a0:13:53:44:fb:65:7e:
3a:e0:e9:4a:8e:26:31:3f:e1:05:ab:f4:12:fb:a7:
c7:98:91:84:9c:74:24:6d:91:2b:e9:f4:04:e0:b0:
1b:39:9d:b2:ec:93:55:f7:5f:73:16:39:cf:21:ca:
ba:4b:10:6e:9e:06:d9:0d:c5:c0:e1:55:0b:72:fc:
f9:34:de:cb:85:ad:79:e2:08:1d:bc:46:ea:e7:c9:
d6:1e:6d:b3:0b:54:2c:e0:b2:88:a9:ea:36:43:82:
9d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5A:CB:4E:CE:31:A5:1E:83:7D:20:62:3B:C0:EB:AA:DF:38:22:BD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vVrLTs4xpR6DfSBiO8Drqt84Ir0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.246.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3f:f2:b4:23:53:7d:27:88:50:c2:68:7a:be:fb:80:10:46:
3d:2c:65:5a:85:76:93:a2:c9:d4:62:38:f8:c6:f5:6b:0d:be:
13:e5:e6:78:eb:e9:8a:6e:2c:11:dd:48:32:53:9a:06:4c:c3:
1e:fe:17:6f:5f:86:95:0a:20:b0:d6:50:b2:11:90:11:1e:fc:
44:b5:7e:e3:03:9d:f3:0c:a8:c1:ab:07:92:78:67:9b:81:2e:
b7:7b:b2:af:a1:a6:13:c2:bc:19:18:95:c2:76:57:9a:6f:4c:
19:66:f7:20:e5:35:26:4e:dd:fa:cc:4a:62:02:dd:7d:ec:99:
0b:e5:27:97:57:f0:6e:5d:84:59:e5:a1:46:6f:4f:ec:f0:39:
c5:80:19:6e:60:77:d3:1f:c0:e8:51:1d:41:ca:31:67:bc:26:
0c:16:69:2b:3a:e0:07:52:fe:38:bd:74:fa:80:5e:23:3c:e8:
1e:64:8b:f5:b9:4e:15:d1:04:ab:49:48:9b:63:1c:e2:6d:7e:
56:c4:24:43:51:ac:63:d7:3e:1f:e3:b3:04:73:a0:30:06:35:
81:4b:45:99:67:77:67:c6:13:f5:f2:d2:f7:b3:8e:37:fe:fe:
f8:97:e9:07:dc:93:bd:82:02:34:79:a5:85:df:74:bd:26:43:
04:f9:c0:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QfoSiKvMhs+LqmvAvjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDVhY2I0ZWNlMzFhNTFlODM3ZDIwNjIzYmMwZWJhYWRmMzgyMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5muYp4b8La/I4xJiZLFLIfgGtwHd
PaDD+mcgM2jlp9cNQeqx6a2sGobVH5w3t0DEQRAfDuIk4bMSqCLtOF1ltwow7vZS
84Lmc4Z6OKrRWPxGI5kM7+SvcIdfkXV6dw1mOUbP2YEQ1aYKNY6XhUqwCJOk/k1e
unk62XQ0N5zxj8yJt8VkEuxgveGU6vVpD2F/4XMcyxmGZnX5OedKdqATU0T7ZX46
4OlKjiYxP+EFq/QS+6fHmJGEnHQkbZEr6fQE4LAbOZ2y7JNV919zFjnPIcq6SxBu
ngbZDcXA4VULcvz5NN7Lha154ggdvEbq58nWHm2zC1Qs4LKIqeo2Q4KdSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1ay07OMaUeg30gYjvA66rfOCK9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdlZyTFRzNHhwUjZEZlNCaU84RHJxdDg0SXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw32MA0G
CSqGSIb3DQEBCwUAA4IBAQAiP/K0I1N9J4hQwmh6vvuAEEY9LGVahXaTosnUYjj4
xvVrDb4T5eZ46+mKbiwR3UgyU5oGTMMe/hdvX4aVCiCw1lCyEZARHvxEtX7jA53z
DKjBqweSeGebgS63e7KvoaYTwrwZGJXCdleab0wZZvcg5TUmTt36zEpiAt197JkL
5SeXV/BuXYRZ5aFGb0/s8DnFgBluYHfTH8DoUR1ByjFnvCYMFmkrOuAHUv44vXT6
gF4jPOgeZIv1uU4V0QSrSUibYxzibX5WxCRDUaxj1z4f47MEc6AwBjWBS0WZZ3dn
xhP18tL3s443/v74l+kH3JO9ggI0eaWF33S9JkME+cDI
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:46 2024 by rpki-client on console-ams.rpki-client.org