Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/_PWiYgXV1g1SWwe7TXKGTM7c_AI.roa
File: _PWiYgXV1g1SWwe7TXKGTM7c_AI.roa (raw, json)
Hash identifier: TYgz1MiCReZg9n+6wAhx9smvgWxez/GWbMDSRyXTlL4=
Subject key identifier: FC:F5:A2:62:05:D5:D6:0D:52:5B:07:BB:4D:72:86:4C:CE:DC:FC:02
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 018EB47116E8CFA687C96EA83B36468343DC
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/_PWiYgXV1g1SWwe7TXKGTM7c_AI.roa
Signing time: Sat 06 Apr 2024 17:24:54 +0000
ROA not before: Sat 06 Apr 2024 17:24:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51803
IP address blocks: 31.129.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b4:71:16:e8:cf:a6:87:c9:6e:a8:3b:36:46:83:43:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Apr 6 17:24:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcf5a26205d5d60d525b07bb4d72864ccedcfc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a7:28:b7:61:a2:1c:0b:a6:13:d1:cc:ce:92:
03:00:74:08:a8:4a:8c:18:e6:06:e8:d6:5f:0a:0a:
d8:f4:40:69:8f:59:fe:5c:85:10:2a:79:96:69:62:
af:fb:7d:0e:d2:e9:16:f8:d2:2e:68:28:4f:ef:c2:
da:d8:dd:9c:53:3c:68:30:d6:c8:f9:97:c4:66:7a:
1e:99:a3:da:92:0d:d4:55:d2:e1:be:e5:2e:d4:06:
47:98:05:88:eb:b0:bf:33:b4:b7:24:79:99:fc:06:
04:98:57:b3:5b:33:90:72:fa:bc:f9:ea:8a:e7:b8:
67:ad:63:65:d9:f2:97:d5:bb:ee:e6:cf:6f:b2:15:
b0:17:26:16:5a:b0:aa:bf:31:9a:18:d8:88:a4:7b:
52:f5:98:4b:25:16:a6:bc:7f:95:08:74:4c:07:8f:
f9:5e:5b:c5:51:6a:2c:52:7c:64:e6:c7:c7:66:0d:
e2:a4:68:f8:0e:be:8c:11:d8:4d:12:da:a1:8d:29:
3a:58:c2:ee:33:5b:5e:df:d8:50:4e:f2:05:74:2f:
f8:44:ec:e1:2f:3f:37:08:01:94:79:ae:1c:71:37:
01:b7:0f:38:6a:a9:56:93:d7:44:5d:df:11:55:9a:
b1:9d:dc:04:ff:13:00:04:4d:c1:03:d3:84:57:c2:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F5:A2:62:05:D5:D6:0D:52:5B:07:BB:4D:72:86:4C:CE:DC:FC:02
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/_PWiYgXV1g1SWwe7TXKGTM7c_AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:18:e4:48:25:24:35:08:59:a9:9e:8b:54:d2:d3:be:78:3f:
0b:6f:22:ab:6b:2a:1b:c4:27:c1:8a:9a:96:76:a5:17:e0:9b:
74:f0:ca:d5:3e:ba:7e:40:bc:ac:b5:d1:62:b9:24:c5:d5:99:
4d:e5:6e:dd:1c:62:2e:25:ee:3e:56:2c:7a:4a:a9:a0:2b:bf:
25:e0:93:27:27:bf:18:51:72:91:98:15:72:86:da:61:a7:e4:
0f:96:0b:9b:00:35:44:4b:1c:28:9d:32:45:d0:30:41:88:d2:
d0:ff:25:e5:7c:9f:f3:ec:7f:05:67:14:51:ce:33:aa:9b:45:
88:6f:9f:ac:6c:a6:fe:92:c7:cb:3c:ae:fb:e0:51:f9:ed:16:
ad:c0:64:98:d8:d0:d5:a8:61:bb:46:72:61:1b:8e:23:96:8b:
b1:89:7c:91:0e:00:66:9d:2a:2f:df:e0:68:89:e8:7a:d9:9a:
00:ad:86:b7:46:3d:48:ad:02:39:11:32:9d:0d:3d:76:c5:54:
b3:ca:60:5b:4d:3f:5e:7b:a7:49:89:11:ab:bd:32:52:09:80:
2f:e1:fa:23:ee:fd:d7:34:e5:72:88:22:8b:0f:c5:59:27:eb:
7c:76:18:6a:1b:e5:87:b2:28:31:dd:db:96:6d:73:2f:db:6a:
8a:d9:d5:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY60cRboz6aHyW6oOzZGg0PcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQwNDA2MTcyNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y1YTI2MjA1ZDVkNjBkNTI1YjA3YmI0ZDcyODY0Y2NlZGNmYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKcot2GiHAumE9HMzpIDAHQIqEqM
GOYG6NZfCgrY9EBpj1n+XIUQKnmWaWKv+30O0ukW+NIuaChP78La2N2cUzxoMNbI
+ZfEZnoemaPakg3UVdLhvuUu1AZHmAWI67C/M7S3JHmZ/AYEmFezWzOQcvq8+eqK
57hnrWNl2fKX1bvu5s9vshWwFyYWWrCqvzGaGNiIpHtS9ZhLJRamvH+VCHRMB4/5
XlvFUWosUnxk5sfHZg3ipGj4Dr6MEdhNEtqhjSk6WMLuM1te39hQTvIFdC/4ROzh
Lz83CAGUea4ccTcBtw84aqlWk9dEXd8RVZqxndwE/xMABE3BA9OEV8KS3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPz1omIF1dYNUlsHu01yhkzO3PwCMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvX1BXaVlnWFYxZzFTV3dlN1RYS0dUTTdjX0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4HmMA0G
CSqGSIb3DQEBCwUAA4IBAQA9GORIJSQ1CFmpnotU0tO+eD8LbyKrayobxCfBipqW
dqUX4Jt08MrVPrp+QLystdFiuSTF1ZlN5W7dHGIuJe4+Vix6SqmgK78l4JMnJ78Y
UXKRmBVyhtphp+QPlgubADVESxwonTJF0DBBiNLQ/yXlfJ/z7H8FZxRRzjOqm0WI
b5+sbKb+ksfLPK774FH57RatwGSY2NDVqGG7RnJhG44jlouxiXyRDgBmnSov3+Bo
ieh62ZoArYa3Rj1IrQI5ETKdDT12xVSzymBbTT9ee6dJiRGrvTJSCYAv4foj7v3X
NOVyiCKLD8VZJ+t8dhhqG+WHsigx3duWbXMv22qK2dVU
-----END CERTIFICATE-----
Generated at Fri Jun 7 12:55:05 2024 by rpki-client on console-ams.rpki-client.org