Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/RVsH6CAWrIktktTpTAC32jhEKR0.roa
File: RVsH6CAWrIktktTpTAC32jhEKR0.roa (raw, json)
Hash identifier: q61Z1B9KQVemXxPOQzWxjkSRVw8FECJGsxiAJERWNws=
Subject key identifier: 45:5B:07:E8:20:16:AC:89:2D:92:D4:E9:4C:00:B7:DA:38:44:29:1D
Certificate issuer: /CN=e566e0e51628554cd92634b711ab758f8467c485
Certificate serial: 018CC56DF57B83A50F1A6C1E0A6BECE8FA5A
Authority key identifier: E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/RVsH6CAWrIktktTpTAC32jhEKR0.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56837
IP address blocks: 86.39.64.0/20 maxlen: 20
31.22.16.0/24 maxlen: 24
31.22.20.0/22 maxlen: 22
2a00:6ec0:300::/40 maxlen: 40
2a00:6ec0:400::/40 maxlen: 40
2a00:6ec0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 02:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:7b:83:a5:0f:1a:6c:1e:0a:6b:ec:e8:fa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e566e0e51628554cd92634b711ab758f8467c485
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=455b07e82016ac892d92d4e94c00b7da3844291d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d0:ea:c3:7a:23:c3:fe:74:15:7c:3a:99:6b:
af:1e:a7:25:45:2a:71:c1:d3:61:c2:24:b4:97:22:
94:e0:52:bf:51:98:b9:f3:e9:da:89:3e:0d:19:f5:
e6:2c:56:a1:f0:c2:26:3e:11:35:79:09:e5:b7:16:
c4:48:f5:63:69:7b:f7:33:51:41:e5:94:5f:4d:6a:
ea:e1:90:ed:fe:61:44:61:f8:91:36:ec:39:18:07:
99:da:fe:d5:a7:1d:34:e2:2c:1d:be:0f:48:eb:5d:
21:2f:31:3a:4f:03:88:de:24:55:ef:ae:97:18:a5:
eb:a5:99:31:92:26:dc:e5:af:71:97:72:cf:19:6b:
3e:02:3a:32:31:18:47:36:94:c3:2a:e1:36:3e:38:
2b:2d:fe:04:e5:7b:b7:27:4d:c9:c9:77:c5:df:e8:
a5:54:93:62:a3:b4:0d:7b:f8:d6:cb:4b:65:95:ed:
21:6b:ee:ec:46:c7:ed:7b:9d:dd:e4:80:a4:fd:22:
8e:56:2a:f3:ae:cf:e6:9e:f5:75:07:f0:fc:fb:03:
8f:41:d2:32:4a:e9:9f:90:43:ee:70:dd:d5:07:d2:
d7:04:b6:5c:97:71:01:d3:68:ec:b6:9a:65:3e:a0:
a9:9e:21:fc:5d:f2:06:c3:d7:20:6b:bd:18:9b:b4:
39:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5B:07:E8:20:16:AC:89:2D:92:D4:E9:4C:00:B7:DA:38:44:29:1D
X509v3 Authority Key Identifier:
keyid:E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/RVsH6CAWrIktktTpTAC32jhEKR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.16.0/24
31.22.20.0/22
86.39.64.0/20
IPv6:
2a00:6ec0:100::/40
2a00:6ec0:300::-2a00:6ec0:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:42:9d:a5:8f:68:c6:5d:4c:01:0c:6f:e7:f2:6d:49:bc:bd:
8d:dc:cf:e4:9f:2f:a7:42:59:4a:b1:ae:09:ca:b1:cc:ca:ee:
e9:0d:e9:cb:e5:5f:68:aa:aa:fa:54:cc:bf:72:c0:7f:78:bb:
14:06:dd:1d:21:20:11:38:12:c8:1f:ad:39:c2:c8:12:e2:bd:
bd:04:61:0f:27:d1:b2:c2:76:f0:c8:26:b7:f1:c5:06:8a:96:
32:6a:81:b5:53:3b:bf:86:0e:88:5a:fe:3a:81:39:b3:37:69:
bf:3a:bc:4a:5d:68:a5:f7:a5:20:e0:62:da:b7:92:f0:5a:2b:
30:38:3b:60:27:9f:57:a2:97:55:62:89:e5:54:eb:e9:ab:66:
cb:9f:54:3b:09:57:e8:22:79:7e:7f:ab:95:ce:b0:6d:4f:a3:
2a:3a:ae:13:c7:b8:dc:83:8a:95:18:35:b0:cb:4c:18:9a:fa:
26:36:3d:a0:ec:62:82:d7:b8:d0:4b:b2:5e:5a:01:da:f8:1f:
4c:4e:a9:94:9e:b3:d6:85:0e:c5:66:82:a4:31:f1:a1:39:4d:
72:c1:53:33:95:f7:e1:82:11:f1:4e:84:fb:0c:01:30:a6:69:
7d:1d:6c:be:31:22:80:81:20:7c:ae:3b:02:7d:6b:1a:bc:00:
5e:47:af:91
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzFbfV7g6UPGmweCmvs6PpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjZlMGU1MTYyODU1NGNkOTI2MzRiNzExYWI3NThmODQ2
N2M0ODUwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTViMDdlODIwMTZhYzg5MmQ5MmQ0ZTk0YzAwYjdkYTM4NDQyOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdDqw3ojw/50FXw6mWuvHqclRSpx
wdNhwiS0lyKU4FK/UZi58+naiT4NGfXmLFah8MImPhE1eQnltxbESPVjaXv3M1FB
5ZRfTWrq4ZDt/mFEYfiRNuw5GAeZ2v7Vpx004iwdvg9I610hLzE6TwOI3iRV766X
GKXrpZkxkibc5a9xl3LPGWs+AjoyMRhHNpTDKuE2PjgrLf4E5Xu3J03JyXfF3+il
VJNio7QNe/jWy0tlle0ha+7sRsfte53d5ICk/SKOVirzrs/mnvV1B/D8+wOPQdIy
SumfkEPucN3VB9LXBLZcl3EB02jstpplPqCpniH8XfIGw9cga70Ym7Q5tQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEVbB+ggFqyJLZLU6UwAt9o4RCkdMB8GA1UdIwQY
MBaAFOVm4OUWKFVM2SY0txGrdY+EZ8SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdiZzVSWW9WVXpaSmpTM0VhdDFqNFJueElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kOWUxNmQtN2U4Yy00M2VjLTk5Zjct
ZTI5NmNmZDk3MjA5LzEvUlZzSDZDQVdySWt0a3RUcFRBQzMyamhFS1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kOWUxNmQtN2U4Yy00M2VjLTk5ZjctZTI5NmNmZDk3MjA5
LzEvNVdiZzVSWW9WVXpaSmpTM0VhdDFqNFJueElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAYBAIAATASAwQAHxYQAwQC
HxYUAwQEVidAMCAEAgACMBoDBgAqAG7AATAQAwYAKgBuwAMDBgAqAG7ABDANBgkq
hkiG9w0BAQsFAAOCAQEAT0KdpY9oxl1MAQxv5/JtSby9jdzP5J8vp0JZSrGuCcqx
zMru6Q3py+VfaKqq+lTMv3LAf3i7FAbdHSEgETgSyB+tOcLIEuK9vQRhDyfRssJ2
8Mgmt/HFBoqWMmqBtVM7v4YOiFr+OoE5szdpvzq8Sl1opfelIOBi2reS8ForMDg7
YCefV6KXVWKJ5VTr6atmy59UOwlX6CJ5fn+rlc6wbU+jKjquE8e43IOKlRg1sMtM
GJr6JjY9oOxigte40EuyXloB2vgfTE6plJ6z1oUOxWaCpDHxoTlNcsFTM5X34YIR
8U6E+wwBMKZpfR1svjEigIEgfK47An1rGrwAXkevkQ==
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:32:59 2024 by rpki-client on console-ams.rpki-client.org