Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qEXGY-jaqd3dTzf4pyyiJ2LXY-o.roa
File: qEXGY-jaqd3dTzf4pyyiJ2LXY-o.roa (raw, json)
Hash identifier: BUhu3JLgUPjG7TVVQe6yZDe/h6+134hEuARe1OWQ6q0=
Subject key identifier: A8:45:C6:63:E8:DA:A9:DD:DD:4F:37:F8:A7:2C:A2:27:62:D7:63:EA
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018D8CFE0AAFE1A9F22C23EB9EB1D26E0F0B
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qEXGY-jaqd3dTzf4pyyiJ2LXY-o.roa
Signing time: Fri 09 Feb 2024 08:31:15 +0000
ROA not before: Fri 09 Feb 2024 08:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
2a05:a6c0::/56 maxlen: 64
2a05:a6c7:ffff:ff00::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:fe:0a:af:e1:a9:f2:2c:23:eb:9e:b1:d2:6e:0f:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Feb 9 08:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a845c663e8daa9dddd4f37f8a72ca22762d763ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a2:0c:f1:3a:40:9a:80:4f:88:e2:f7:f0:94:
cb:44:cf:c8:83:3d:31:94:e2:f1:b8:ea:3a:3b:a1:
a8:ab:4b:79:d2:79:d5:50:41:62:90:8b:81:56:45:
3d:a1:99:f4:74:40:ee:36:07:e6:5a:c6:3f:52:67:
1d:a9:48:86:d6:f8:a1:6d:e4:f4:f0:98:de:ce:6e:
46:53:71:90:bd:cd:88:6d:0b:75:3e:0d:79:78:17:
5d:8c:f7:dc:5b:3d:b5:99:50:14:42:6c:d0:b6:35:
9f:31:24:df:c8:7d:e2:3c:bc:61:7e:15:d6:17:e6:
98:c4:c4:02:be:23:e3:47:31:3c:a6:d0:2d:1a:ae:
6b:f3:56:f5:3d:65:fb:a9:eb:37:a1:fd:6d:97:d8:
cc:9f:31:e0:fe:b4:62:79:2c:3e:2f:0b:e4:a4:54:
c9:37:9e:4a:33:fa:0e:1c:03:1c:26:87:46:7a:f2:
42:b5:e7:26:9c:88:5e:82:ac:fc:a6:26:6b:e5:06:
9b:c5:ee:60:b4:f8:0c:48:d7:4b:74:66:59:f7:78:
76:0b:fe:29:9b:1e:c4:91:34:fd:6b:48:4e:86:4e:
65:ae:05:48:62:fb:0b:4d:cc:d1:ed:1b:d7:48:47:
82:b5:26:3f:25:65:63:51:d9:89:66:96:a6:5f:8b:
14:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:45:C6:63:E8:DA:A9:DD:DD:4F:37:F8:A7:2C:A2:27:62:D7:63:EA
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qEXGY-jaqd3dTzf4pyyiJ2LXY-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0/24
81.31.236.0-81.31.241.255
81.31.248.0/22
IPv6:
2a05:a6c0::/56
2a05:a6c7:ffff:ff00::/56
Signature Algorithm: sha256WithRSAEncryption
7d:3c:2c:97:ca:30:c2:f9:40:c1:67:c6:66:9d:bd:44:32:c6:
59:04:3c:ae:22:aa:db:c8:b2:98:5c:7b:72:af:08:c5:68:88:
db:19:68:fb:89:c6:9c:bb:1a:32:e1:cb:9e:29:c6:87:d1:3b:
2c:bb:ce:34:00:93:4f:84:c3:44:49:db:9b:7d:0a:d1:76:b2:
e7:1f:eb:47:e6:49:ca:77:ec:bc:fb:b3:3c:a3:44:81:bd:f3:
f3:bb:e2:65:c1:0a:09:68:10:a6:82:23:09:7c:be:bd:2d:3e:
4d:44:5b:0b:bc:5f:cd:da:6d:e0:55:89:57:ae:aa:e3:37:ca:
f5:1a:32:f7:21:5f:a5:42:31:d7:ed:c0:da:22:65:d1:6d:79:
ff:1a:59:68:cf:e4:cc:de:cb:00:10:93:a3:77:04:c9:34:98:
ec:65:53:89:9a:ee:19:69:5e:09:8e:87:dd:27:9b:3a:60:bf:
c3:79:d3:ba:ae:e9:42:ac:86:cb:4f:72:dc:62:66:6c:26:0f:
89:33:44:6a:c9:0b:a8:3d:6f:27:bb:a6:fb:90:87:e2:c8:11:
c5:cf:5a:91:4f:aa:63:0d:10:6f:9a:6d:95:b3:c6:b7:99:8c:
43:a5:32:7d:26:41:c2:78:aa:57:67:18:13:a2:1f:da:4a:95:
37:8f:91:b5
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY2M/gqv4anyLCPrnrHSbg8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwMjA5MDgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ1YzY2M2U4ZGFhOWRkZGQ0ZjM3ZjhhNzJjYTIyNzYyZDc2M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqIM8TpAmoBPiOL38JTLRM/Igz0x
lOLxuOo6O6Goq0t50nnVUEFikIuBVkU9oZn0dEDuNgfmWsY/UmcdqUiG1vihbeT0
8Jjezm5GU3GQvc2IbQt1Pg15eBddjPfcWz21mVAUQmzQtjWfMSTfyH3iPLxhfhXW
F+aYxMQCviPjRzE8ptAtGq5r81b1PWX7qes3of1tl9jMnzHg/rRieSw+LwvkpFTJ
N55KM/oOHAMcJodGevJCtecmnIhegqz8piZr5Qabxe5gtPgMSNdLdGZZ93h2C/4p
mx7EkTT9a0hOhk5lrgVIYvsLTczR7RvXSEeCtSY/JWVjUdmJZpamX4sU5wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKhFxmPo2qnd3U83+Kcsoidi12PqMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvcUVYR1ktamFxZDNkVHpmNHB5eWlKMkxYWS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAuBAIAATAoMAwDBAVRH+AD
BABRH+YDBABRH+kwDAMEAlEf7AMEAVEf8AMEAlEf+DAaBAIAAjAUAwgAKgWmwAAA
AAMIACoFpsf///8wDQYJKoZIhvcNAQELBQADggEBAH08LJfKMML5QMFnxmadvUQy
xlkEPK4iqtvIsphce3KvCMVoiNsZaPuJxpy7GjLhy54pxofROyy7zjQAk0+Ew0RJ
25t9CtF2sucf60fmScp37Lz7szyjRIG98/O74mXBCgloEKaCIwl8vr0tPk1EWwu8
X83abeBViVeuquM3yvUaMvchX6VCMdftwNoiZdFtef8aWWjP5MzeywAQk6N3BMk0
mOxlU4ma7hlpXgmOh90nmzpgv8N507qu6UKshstPctxiZmwmD4kzRGrJC6g9bye7
pvuQh+LIEcXPWpFPqmMNEG+abZWzxreZjEOlMn0mQcJ4qldnGBOiH9pKlTePkbU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:40 2024 by rpki-client on console-ams.rpki-client.org