Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XROUUcz98-m_oqCcPBVLVbKHC4I.roa
File: XROUUcz98-m_oqCcPBVLVbKHC4I.roa (raw, json)
Hash identifier: BOsDPJwhbD3pPEyoqhEt5qMepLI5AqG1L8iQMAnKtEI=
Subject key identifier: 5D:13:94:51:CC:FD:F3:E9:BF:A2:A0:9C:3C:15:4B:55:B2:87:0B:82
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 018EB47116A50044E5599904C79A152D773B
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XROUUcz98-m_oqCcPBVLVbKHC4I.roa
Signing time: Sat 06 Apr 2024 17:24:54 +0000
ROA not before: Sat 06 Apr 2024 17:24:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.224.0/22 maxlen: 22
31.129.224.0/23 maxlen: 23
31.129.224.0/24 maxlen: 24
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
31.129.227.0/24 maxlen: 24
31.129.228.0/23 maxlen: 23
31.129.228.0/24 maxlen: 24
31.129.229.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.254.0/24 maxlen: 24
31.129.255.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
213.5.196.0/23 maxlen: 23
213.5.196.0/24 maxlen: 24
213.5.197.0/24 maxlen: 24
213.5.198.0/23 maxlen: 23
213.5.198.0/24 maxlen: 24
213.5.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b4:71:16:a5:00:44:e5:59:99:04:c7:9a:15:2d:77:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Apr 6 17:24:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d139451ccfdf3e9bfa2a09c3c154b55b2870b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:76:97:c7:91:92:1a:c8:f6:18:69:35:f9:4d:
4a:21:f0:b1:1e:85:a5:6d:fa:ef:7f:b5:d3:98:28:
c7:19:58:33:f1:bc:be:24:b0:d7:cc:12:a4:bb:2a:
b5:fb:6c:25:e2:14:c1:9f:b9:31:5c:49:d8:94:e3:
b7:1b:08:fd:da:45:63:62:59:fb:39:04:b7:3f:ba:
0f:d2:c9:ec:41:ed:7d:ff:b0:91:1f:cd:e1:ae:fc:
c1:b2:a0:92:0b:2c:e6:c7:7a:3d:54:cc:55:8e:c0:
49:a6:bc:01:35:ad:a5:e3:09:83:92:a0:12:58:d1:
2f:77:4a:51:cb:4f:11:1b:38:11:f7:29:3b:c3:18:
ee:0e:1e:f1:8a:ba:e6:45:6b:95:6b:8a:5a:34:3d:
b3:10:c5:84:9f:db:70:e4:24:e8:df:db:a9:9f:cb:
27:d8:61:3d:c8:08:91:d2:47:61:59:55:8b:50:20:
28:6d:c4:f3:aa:ec:2f:fb:c0:d4:ed:ad:e4:86:b1:
02:5a:a4:5d:de:60:64:52:80:27:5d:0a:7c:a6:4b:
85:d8:a9:3d:81:a1:f5:e0:65:53:4d:e1:f0:a0:8b:
43:55:b0:18:28:d9:4e:82:a3:a0:cc:89:bc:0a:34:
f2:08:48:99:b3:29:a0:d2:42:8a:e6:94:41:db:26:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:13:94:51:CC:FD:F3:E9:BF:A2:A0:9C:3C:15:4B:55:B2:87:0B:82
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/XROUUcz98-m_oqCcPBVLVbKHC4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0-31.129.229.255
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:05:ec:59:12:fd:54:bb:5d:29:72:28:de:fe:d9:a6:c7:84:
e1:50:db:c0:03:90:0f:b1:52:83:08:0a:06:76:10:09:1a:47:
74:c7:ac:10:df:64:3d:27:42:ac:29:0d:7e:8e:0a:f7:1c:23:
15:36:14:33:a1:8b:8a:79:48:82:dc:d5:99:d9:c8:01:2c:61:
61:61:ca:8a:89:33:52:5e:0f:05:a2:dd:bc:0f:98:e8:70:17:
ef:01:47:0b:60:dd:2d:e7:91:5b:4b:41:d7:bc:6f:a7:b6:27:
3a:e1:7d:27:f3:14:3c:a2:29:e4:cd:c6:ad:ed:aa:58:60:79:
77:4b:b5:36:39:3f:74:79:ad:2a:76:e7:cb:aa:90:a2:bd:ab:
08:6f:2b:9b:be:88:0e:49:17:97:28:e6:0b:4a:3c:e8:79:5c:
c6:06:9e:68:9f:51:4a:5c:99:3a:7f:9b:c8:27:40:63:42:44:
fc:1b:f2:f0:f1:a0:04:f9:be:8f:ab:40:12:41:99:3c:c1:5e:
9d:1a:fd:2a:d3:de:bf:ef:d3:63:c7:3c:0d:40:3e:45:31:3b:
c0:83:9e:16:7d:59:3c:8f:75:68:f2:e6:bb:b8:8a:87:f4:19:
65:f3:5e:f6:6c:91:74:2d:c1:4b:9b:68:87:b2:32:de:a0:ab:
c6:f2:9d:bc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY60cRalAETlWZkEx5oVLXc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQwNDA2MTcyNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDEzOTQ1MWNjZmRmM2U5YmZhMmEwOWMzYzE1NGI1NWIyODcwYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3aXx5GSGsj2GGk1+U1KIfCxHoWl
bfrvf7XTmCjHGVgz8by+JLDXzBKkuyq1+2wl4hTBn7kxXEnYlOO3Gwj92kVjYln7
OQS3P7oP0snsQe19/7CRH83hrvzBsqCSCyzmx3o9VMxVjsBJprwBNa2l4wmDkqAS
WNEvd0pRy08RGzgR9yk7wxjuDh7xirrmRWuVa4paND2zEMWEn9tw5CTo39upn8sn
2GE9yAiR0kdhWVWLUCAobcTzquwv+8DU7a3khrECWqRd3mBkUoAnXQp8pkuF2Kk9
gaH14GVTTeHwoItDVbAYKNlOgqOgzIm8CjTyCEiZsymg0kKK5pRB2yaM7wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF0TlFHM/fPpv6KgnDwVS1WyhwuCMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvWFJPVVVjejk4LW1fb3FDY1BCVkxWYktIQzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUfgeAD
BAEfgeQDBAAfgeoDBAIfgfADBAIfgfwDBAPVBcAwDQYJKoZIhvcNAQELBQADggEB
AHsF7FkS/VS7XSlyKN7+2abHhOFQ28ADkA+xUoMICgZ2EAkaR3THrBDfZD0nQqwp
DX6OCvccIxU2FDOhi4p5SILc1ZnZyAEsYWFhyoqJM1JeDwWi3bwPmOhwF+8BRwtg
3S3nkVtLQde8b6e2JzrhfSfzFDyiKeTNxq3tqlhgeXdLtTY5P3R5rSp258uqkKK9
qwhvK5u+iA5JF5co5gtKPOh5XMYGnmifUUpcmTp/m8gnQGNCRPwb8vDxoAT5vo+r
QBJBmTzBXp0a/SrT3r/v02PHPA1APkUxO8CDnhZ9WTyPdWjy5ru4iof0GWXzXvZs
kXQtwUubaIeyMt6gq8bynbw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:43:59 2024 by rpki-client on console-ams.rpki-client.org