Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/PX7dIMIXyQGitx2R7U9YmY0mEWU.roa
File: PX7dIMIXyQGitx2R7U9YmY0mEWU.roa (raw, json)
Hash identifier: LmKfzan2h9bweKYG4Z8EhbZzR1FI3rLmwIAoTZbA2uE=
Subject key identifier: 3D:7E:DD:20:C2:17:C9:01:A2:B7:1D:91:ED:4F:58:99:8D:26:11:65
Certificate issuer: /CN=0195727f07b758f9868476c13cf977654bf380ee
Certificate serial: 018CC6B8B16D3D9A0F84DD61C3F295AFBC94
Authority key identifier: 01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/PX7dIMIXyQGitx2R7U9YmY0mEWU.roa
Signing time: Mon 01 Jan 2024 20:30:41 +0000
ROA not before: Mon 01 Jan 2024 20:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56535
IP address blocks: 31.44.240.0/24 maxlen: 24
31.44.241.0/24 maxlen: 24
31.44.243.0/24 maxlen: 24
31.44.242.0/24 maxlen: 24
31.44.252.0/23 maxlen: 23
31.44.255.0/24 maxlen: 24
31.44.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:b1:6d:3d:9a:0f:84:dd:61:c3:f2:95:af:bc:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0195727f07b758f9868476c13cf977654bf380ee
Validity
Not Before: Jan 1 20:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d7edd20c217c901a2b71d91ed4f58998d261165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e1:32:d2:96:0f:6f:f6:15:cb:50:54:91:2b:
e8:ba:87:dd:58:28:ab:4f:cb:8f:39:4c:3d:fa:7d:
35:8e:2c:fd:d8:09:72:05:a3:d3:ce:28:ca:9b:ad:
fa:ad:ed:c7:b5:08:8d:98:a1:eb:cb:eb:6e:ea:7d:
ed:d7:8c:dc:dc:5b:1b:f3:62:ac:82:f6:66:88:36:
3d:38:e5:b3:cd:0b:bb:59:d3:c2:f9:dd:66:aa:6a:
63:10:a2:47:01:48:67:ed:1a:77:fe:d7:d8:12:9a:
de:9a:83:3d:27:65:4b:2e:e2:53:9e:26:32:b1:cb:
91:8e:90:c5:4a:89:a6:6c:09:50:7b:0c:a1:de:b4:
e0:2a:b7:bd:64:a9:65:50:a3:de:e3:00:84:7d:39:
12:f8:4c:66:1e:a2:ef:3f:b3:86:73:f5:cd:29:73:
94:f4:6d:bd:ec:da:04:b6:d3:67:8f:c2:66:9e:fc:
2d:08:91:40:10:0f:e4:c6:60:2c:e1:70:b3:2c:31:
b9:7d:24:81:75:f1:eb:04:61:77:24:0f:30:99:da:
2d:06:7c:31:26:1f:27:bb:f9:4c:41:ae:cc:47:ab:
38:03:70:2c:be:32:b3:8c:ea:f9:67:53:78:11:f1:
5f:cf:72:cb:32:a6:82:5e:44:0f:3c:fb:2c:ea:79:
c1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7E:DD:20:C2:17:C9:01:A2:B7:1D:91:ED:4F:58:99:8D:26:11:65
X509v3 Authority Key Identifier:
keyid:01:95:72:7F:07:B7:58:F9:86:84:76:C1:3C:F9:77:65:4B:F3:80:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/PX7dIMIXyQGitx2R7U9YmY0mEWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dded95-cb8c-4335-aed0-64838df3977a/1/AZVyfwe3WPmGhHbBPPl3ZUvzgO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.240.0/22
31.44.252.0/22
Signature Algorithm: sha256WithRSAEncryption
01:c7:d8:d6:60:29:8d:c1:94:82:a7:cb:62:1a:c2:d2:84:de:
ef:76:9c:0f:44:47:f2:fb:4a:7a:c6:1e:66:50:bd:4b:67:59:
3a:5c:69:1e:49:f3:de:0a:f4:7b:18:83:8f:81:c3:5e:7f:07:
07:aa:7d:21:0b:e2:35:27:3a:6d:27:a2:e6:66:e5:dd:9f:1e:
8f:94:53:19:ed:da:72:28:c5:b1:42:cd:2b:bc:e5:76:45:0a:
d9:3d:f7:69:c2:f5:2e:fa:a6:9b:bf:39:e1:f8:92:8e:69:d0:
37:50:37:e9:3e:03:f9:2b:61:53:01:a1:f6:2d:39:49:bb:72:
65:d0:c6:71:08:ce:3d:52:c8:9e:8e:ec:2e:3a:1d:19:16:16:
76:96:70:5a:3a:61:1f:4c:5d:f1:cd:65:a4:4d:55:1f:53:5a:
75:81:20:53:40:7c:0b:f6:01:c8:6f:f3:b8:81:6f:dc:6d:5d:
df:3e:ae:d1:b0:5d:de:bf:e1:e3:1a:be:df:5d:17:d0:c5:5d:
7a:08:30:ca:3d:d6:46:b7:86:85:fc:ce:61:22:71:14:48:09:
cb:a1:05:3d:45:7d:2c:42:60:5e:ff:b6:7e:b9:d6:08:b8:a3:
89:b4:ab:6d:0a:c7:ef:90:2a:cf:ee:07:a6:5f:78:e0:e4:f5:
01:a7:e6:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuLFtPZoPhN1hw/KVr7yUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTU3MjdmMDdiNzU4Zjk4Njg0NzZjMTNjZjk3NzY1NGJm
MzgwZWUwHhcNMjQwMTAxMjAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDdlZGQyMGMyMTdjOTAxYTJiNzFkOTFlZDRmNTg5OThkMjYxMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuEy0pYPb/YVy1BUkSvouofdWCir
T8uPOUw9+n01jiz92AlyBaPTzijKm636re3HtQiNmKHry+tu6n3t14zc3Fsb82Ks
gvZmiDY9OOWzzQu7WdPC+d1mqmpjEKJHAUhn7Rp3/tfYEpremoM9J2VLLuJTniYy
scuRjpDFSommbAlQewyh3rTgKre9ZKllUKPe4wCEfTkS+ExmHqLvP7OGc/XNKXOU
9G297NoEttNnj8JmnvwtCJFAEA/kxmAs4XCzLDG5fSSBdfHrBGF3JA8wmdotBnwx
Jh8nu/lMQa7MR6s4A3AsvjKzjOr5Z1N4EfFfz3LLMqaCXkQPPPss6nnBiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1+3SDCF8kBorcdke1PWJmNJhFlMB8GA1UdIwQY
MBaAFAGVcn8Ht1j5hoR2wTz5d2VL84DuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAt
NjQ4MzhkZjM5NzdhLzEvUFg3ZElNSVh5UUdpdHgyUjdVOVltWTBtRVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kZGVkOTUtY2I4Yy00MzM1LWFlZDAtNjQ4MzhkZjM5Nzdh
LzEvQVpWeWZ3ZTNXUG1HaEhiQlBQbDNaVXZ6Z080LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyzwAwQC
Hyz8MA0GCSqGSIb3DQEBCwUAA4IBAQABx9jWYCmNwZSCp8tiGsLShN7vdpwPREfy
+0p6xh5mUL1LZ1k6XGkeSfPeCvR7GIOPgcNefwcHqn0hC+I1JzptJ6LmZuXdnx6P
lFMZ7dpyKMWxQs0rvOV2RQrZPfdpwvUu+qabvznh+JKOadA3UDfpPgP5K2FTAaH2
LTlJu3Jl0MZxCM49UsiejuwuOh0ZFhZ2lnBaOmEfTF3xzWWkTVUfU1p1gSBTQHwL
9gHIb/O4gW/cbV3fPq7RsF3ev+HjGr7fXRfQxV16CDDKPdZGt4aF/M5hInEUSAnL
oQU9RX0sQmBe/7Z+udYIuKOJtKttCsfvkCrP7gemX3jg5PUBp+YT
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:10:44 2024 by rpki-client on console-fra.rpki-client.org