Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/IQsAQD3-uM5EELmjXIi6RRmFJlM.roa
File: IQsAQD3-uM5EELmjXIi6RRmFJlM.roa (raw, json)
Hash identifier: 1O1BkvQ6feIQSCg+NciCRDBJf/2gSLyY3fvyejdg6wM=
Subject key identifier: 21:0B:00:40:3D:FE:B8:CE:44:10:B9:A3:5C:88:BA:45:19:85:26:53
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 018CC72728C0091E619D541C642493779406
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/IQsAQD3-uM5EELmjXIi6RRmFJlM.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12481
IP address blocks: 94.142.144.0/21 maxlen: 21
5.100.232.0/21 maxlen: 21
212.103.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:28:c0:09:1e:61:9d:54:1c:64:24:93:77:94:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=210b00403dfeb8ce4410b9a35c88ba4519852653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ee:93:0b:d8:ff:f0:00:dc:41:8c:be:9e:50:
e4:0c:a2:77:37:9e:e1:77:e3:5c:1c:7f:4f:8f:eb:
fd:bd:c7:c5:d3:ba:2d:17:f8:4e:6d:3a:7e:54:a6:
c5:0e:07:24:45:d6:ed:9e:4c:83:34:c3:fa:55:fd:
c6:d0:5e:f9:4d:4a:c1:7c:eb:64:67:34:f1:89:b6:
6c:36:b8:d4:11:d4:84:93:92:55:cc:13:1b:b7:05:
45:32:dc:ae:e3:d2:1c:fb:f1:da:d3:2e:fe:ee:ce:
14:39:e0:59:bc:37:44:26:39:04:8a:01:12:f2:73:
a3:dc:f7:8c:f2:a9:0f:0c:67:10:16:bf:25:eb:d4:
e2:e1:7c:86:69:b5:95:ce:2e:f4:98:f4:f0:5d:04:
b0:7b:f8:75:bd:64:ac:ee:82:fb:59:3a:95:1b:7e:
72:6b:8d:63:a7:de:5f:c3:be:f6:10:6c:68:8d:12:
68:35:ae:2c:92:ae:3e:84:c3:f0:90:58:a5:2d:91:
90:e7:3b:1b:a3:95:43:7c:05:53:0e:ea:b0:6a:9a:
ad:09:f2:ad:83:e0:41:e3:b0:4e:49:ba:b9:44:6e:
25:69:98:64:f5:fd:2f:a3:3d:06:9a:4d:d4:bd:af:
4d:6d:c2:34:0a:7b:21:3e:ab:c2:fe:44:50:00:a5:
9d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0B:00:40:3D:FE:B8:CE:44:10:B9:A3:5C:88:BA:45:19:85:26:53
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/IQsAQD3-uM5EELmjXIi6RRmFJlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:d6:dd:ca:ee:2b:65:6a:c3:40:2f:db:80:90:26:d7:6a:39:
de:fc:21:f2:bb:d9:c3:8d:04:be:eb:ee:4a:d0:02:e5:fb:11:
c6:f1:94:f4:89:0e:4a:7f:0b:03:c9:1d:d0:cf:5d:e8:68:ce:
91:c7:36:94:36:6d:12:89:ee:8d:5c:54:e1:f0:8e:78:9e:52:
a8:f3:04:e2:8d:7f:9b:17:fb:42:de:7c:a4:c2:44:f3:e7:53:
5c:fa:82:dd:b1:aa:51:60:91:35:73:14:4d:01:5d:20:7d:72:
89:39:22:44:14:32:b6:bd:f3:91:2c:1a:3a:85:7f:d6:5a:92:
2b:87:65:75:8d:a7:22:7e:eb:88:c6:b8:51:85:5f:d8:26:43:
16:40:d3:8e:cd:32:e1:f2:1c:a6:e2:8d:3b:df:8d:86:b4:69:
e5:2c:ef:2a:3d:cf:52:74:f2:7a:10:da:1b:33:4d:88:48:47:
cf:9d:9c:fd:ca:ef:76:f0:91:6a:60:dc:0f:e7:1a:7a:1e:69:
98:8d:24:35:1b:cb:a3:00:17:a2:1a:d3:47:18:13:05:32:b8:
dd:8c:9d:3f:bc:6d:d3:52:2f:b8:d9:09:f2:0d:77:9c:5d:00:
84:65:2f:fb:41:35:a3:b8:a1:20:1c:43:3f:62:d4:f9:8d:e8:
e1:97:b4:29
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyjACR5hnVQcZCSTd5QGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBiMDA0MDNkZmViOGNlNDQxMGI5YTM1Yzg4YmE0NTE5ODUyNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje6TC9j/8ADcQYy+nlDkDKJ3N57h
d+NcHH9Pj+v9vcfF07otF/hObTp+VKbFDgckRdbtnkyDNMP6Vf3G0F75TUrBfOtk
ZzTxibZsNrjUEdSEk5JVzBMbtwVFMtyu49Ic+/Ha0y7+7s4UOeBZvDdEJjkEigES
8nOj3PeM8qkPDGcQFr8l69Ti4XyGabWVzi70mPTwXQSwe/h1vWSs7oL7WTqVG35y
a41jp95fw772EGxojRJoNa4skq4+hMPwkFilLZGQ5zsbo5VDfAVTDuqwapqtCfKt
g+BB47BOSbq5RG4laZhk9f0voz0Gmk3Uva9NbcI0CnshPqvC/kRQAKWdLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCELAEA9/rjORBC5o1yIukUZhSZTMB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvSVFzQVFEMy11TTVFRUxtalhJaTZSUm1GSmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBWToAwQD
Xo6QAwQF1GfAMA0GCSqGSIb3DQEBCwUAA4IBAQCp1t3K7itlasNAL9uAkCbXajne
/CHyu9nDjQS+6+5K0ALl+xHG8ZT0iQ5KfwsDyR3Qz13oaM6RxzaUNm0Sie6NXFTh
8I54nlKo8wTijX+bF/tC3nykwkTz51Nc+oLdsapRYJE1cxRNAV0gfXKJOSJEFDK2
vfORLBo6hX/WWpIrh2V1jacifuuIxrhRhV/YJkMWQNOOzTLh8hym4o07342GtGnl
LO8qPc9SdPJ6ENobM02ISEfPnZz9yu928JFqYNwP5xp6HmmYjSQ1G8ujABeiGtNH
GBMFMrjdjJ0/vG3TUi+42QnyDXecXQCEZS/7QTWjuKEgHEM/YtT5jejhl7Qp
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:59:24 2024 by rpki-client on console-ams.rpki-client.org