Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/Sm3lswcII0bf-ALKj_DDpzZvLMc.roa
File: Sm3lswcII0bf-ALKj_DDpzZvLMc.roa (raw, json)
Hash identifier: /Kb0jwUQMRGuhoCXPSsBRGNhGMzqhfM4ypAYr8K7OsM=
Subject key identifier: 4A:6D:E5:B3:07:08:23:46:DF:F8:02:CA:8F:F0:C3:A7:36:6F:2C:C7
Certificate issuer: /CN=cfc6cc4a7418a09421ba9805e764eef342ef8f38
Certificate serial: 019421B1B90D99031E50736034791CC481A0
Authority key identifier: CF:C6:CC:4A:74:18:A0:94:21:BA:98:05:E7:64:EE:F3:42:EF:8F:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8bMSnQYoJQhupgF52Tu80Lvjzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/Sm3lswcII0bf-ALKj_DDpzZvLMc.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61152
IP address blocks: 31.133.120.0/21 maxlen: 21
31.133.120.0/22 maxlen: 22
31.133.124.0/24 maxlen: 24
31.133.126.0/24 maxlen: 24
31.133.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/z8bMSnQYoJQhupgF52Tu80Lvjzg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/z8bMSnQYoJQhupgF52Tu80Lvjzg.mft
rsync://rpki.ripe.net/repository/DEFAULT/z8bMSnQYoJQhupgF52Tu80Lvjzg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b9:0d:99:03:1e:50:73:60:34:79:1c:c4:81:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc6cc4a7418a09421ba9805e764eef342ef8f38
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a6de5b307082346dff802ca8ff0c3a7366f2cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:36:dd:96:b1:78:1e:a0:91:31:81:64:57:
8f:82:00:e0:5a:98:0f:be:bd:39:6d:7d:8a:8b:7a:
54:e8:ed:91:ef:dd:be:3f:3c:28:85:57:4c:e6:93:
8c:fe:87:72:0f:cd:0d:dd:2a:65:d2:6c:03:e1:a8:
bd:5d:50:d1:3b:00:42:2a:93:2e:fc:e9:0e:8b:5c:
7b:1c:e2:9f:da:43:a1:93:12:14:40:9f:35:8a:6d:
31:52:3a:95:48:f2:a4:93:5c:f1:98:53:92:45:ae:
33:7d:e9:61:fc:84:dd:cd:4c:af:81:e3:db:73:c4:
fd:1c:0e:82:91:20:67:f3:31:73:d1:4c:b4:9e:5d:
b0:9b:2e:fb:d3:23:6c:ac:7b:de:7a:35:c4:ed:96:
cb:e8:ee:44:10:20:5a:71:1c:dc:cc:56:3e:45:36:
c1:2f:8f:7e:bf:24:36:fb:5d:a0:f9:83:ae:73:49:
f4:ac:16:ae:8b:22:64:16:4f:7a:ed:c5:43:f8:28:
a8:15:89:b0:be:34:0b:c1:ae:85:ba:92:7a:6d:26:
a1:9a:08:5c:b6:9a:ef:5e:69:79:e4:0c:4c:51:f2:
5d:d0:d5:a1:37:7b:8a:0f:09:0b:95:27:b4:cf:43:
a7:77:5d:c2:f1:f2:fc:a6:3d:29:93:3e:25:b6:f3:
ab:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6D:E5:B3:07:08:23:46:DF:F8:02:CA:8F:F0:C3:A7:36:6F:2C:C7
X509v3 Authority Key Identifier:
keyid:CF:C6:CC:4A:74:18:A0:94:21:BA:98:05:E7:64:EE:F3:42:EF:8F:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8bMSnQYoJQhupgF52Tu80Lvjzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/Sm3lswcII0bf-ALKj_DDpzZvLMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/00951f-2d5c-4f7a-9b72-4af1fb7438e7/1/z8bMSnQYoJQhupgF52Tu80Lvjzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.120.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:3a:1f:4e:25:cd:30:42:00:d1:8a:30:d3:f0:2b:a6:3c:d7:
17:26:cc:ef:9a:5b:8f:6d:e1:b1:01:a8:17:8a:f4:e9:dc:4c:
d0:3f:82:3a:b6:ee:38:59:b6:e3:5c:b5:e2:f3:e6:10:ef:c0:
97:29:16:96:7a:03:7e:84:f9:70:61:f4:75:04:ff:67:86:40:
38:a1:c8:da:55:fd:12:98:78:fa:55:0f:69:61:7a:d0:c5:67:
a4:28:26:c1:d8:86:d1:ee:eb:83:3b:54:18:ce:0e:ae:35:21:
37:f8:f8:30:b9:f2:6b:96:39:f1:9b:c1:b3:19:f4:9d:24:04:
63:1c:6a:57:15:78:4b:59:fe:22:06:91:e0:03:97:24:27:67:
bf:ca:fa:d0:ac:41:cf:b8:2d:f6:4d:53:cd:b3:20:73:75:af:
a1:28:7b:ec:b9:18:df:86:7a:84:5d:d6:01:87:6f:09:f3:e2:
6f:02:12:81:d2:7a:68:ea:d0:92:d6:87:8e:77:0e:52:cc:e9:
08:0a:40:61:0d:47:dd:b3:32:f1:5c:4c:c1:9b:8e:f2:b6:b5:
3d:e8:12:aa:ed:d0:ec:3f:63:ac:58:09:63:4f:e7:15:e9:8f:
b1:9b:4a:1c:9e:56:60:4f:bb:db:45:8e:23:b8:ee:d1:ad:e2:
2a:db:a5:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbkNmQMeUHNgNHkcxIGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzZjYzRhNzQxOGEwOTQyMWJhOTgwNWU3NjRlZWYzNDJl
ZjhmMzgwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZkZTViMzA3MDgyMzQ2ZGZmODAyY2E4ZmYwYzNhNzM2NmYyY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcU23ZaxeB6gkTGBZFePggDgWpgP
vr05bX2Ki3pU6O2R792+PzwohVdM5pOM/odyD80N3Spl0mwD4ai9XVDROwBCKpMu
/OkOi1x7HOKf2kOhkxIUQJ81im0xUjqVSPKkk1zxmFOSRa4zfelh/ITdzUyvgePb
c8T9HA6CkSBn8zFz0Uy0nl2wmy770yNsrHveejXE7ZbL6O5EECBacRzczFY+RTbB
L49+vyQ2+12g+YOuc0n0rBauiyJkFk967cVD+CioFYmwvjQLwa6FupJ6bSahmghc
tprvXml55AxMUfJd0NWhN3uKDwkLlSe0z0Ond13C8fL8pj0pkz4ltvOrrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEpt5bMHCCNG3/gCyo/ww6c2byzHMB8GA1UdIwQY
MBaAFM/GzEp0GKCUIbqYBedk7vNC7484MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhiTVNuUVlvSlFodXBnRjUyVHU4MEx2anpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8wMDk1MWYtMmQ1Yy00ZjdhLTliNzIt
NGFmMWZiNzQzOGU3LzEvU20zbHN3Y0lJMGJmLUFMS2pfRERwelp2TE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8wMDk1MWYtMmQ1Yy00ZjdhLTliNzItNGFmMWZiNzQzOGU3
LzEvejhiTVNuUVlvSlFodXBnRjUyVHU4MEx2anpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4V4MA0G
CSqGSIb3DQEBCwUAA4IBAQBOOh9OJc0wQgDRijDT8CumPNcXJszvmluPbeGxAagX
ivTp3EzQP4I6tu44WbbjXLXi8+YQ78CXKRaWegN+hPlwYfR1BP9nhkA4ocjaVf0S
mHj6VQ9pYXrQxWekKCbB2IbR7uuDO1QYzg6uNSE3+PgwufJrljnxm8GzGfSdJARj
HGpXFXhLWf4iBpHgA5ckJ2e/yvrQrEHPuC32TVPNsyBzda+hKHvsuRjfhnqEXdYB
h28J8+JvAhKB0npo6tCS1oeOdw5SzOkICkBhDUfdszLxXEzBm47ytrU96BKq7dDs
P2OsWAljT+cV6Y+xm0ocnlZgT7vbRY4juO7RreIq26Wa
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:01 2025 by rpki-client