Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/dFFXumtF2r_HB8QA8xvqjE-_9kk.roa
File: dFFXumtF2r_HB8QA8xvqjE-_9kk.roa (raw, json)
Hash identifier: UfkgkLpGMGeN6EFxXCcKTJc5jVJ3gaEj8rnr7G8hE50=
Subject key identifier: 74:51:57:BA:6B:45:DA:BF:C7:07:C4:00:F3:1B:EA:8C:4F:BF:F6:49
Certificate issuer: /CN=b27912ffef67078bb06bd4a9021fba96adb180be
Certificate serial: 018CC50051D647358FE34176EA0D015E302A
Authority key identifier: B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/dFFXumtF2r_HB8QA8xvqjE-_9kk.roa
Signing time: Mon 01 Jan 2024 12:29:41 +0000
ROA not before: Mon 01 Jan 2024 12:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197506
IP address blocks: 31.44.16.0/20 maxlen: 20
31.44.26.0/24 maxlen: 24
45.144.100.0/24 maxlen: 24
45.144.101.0/24 maxlen: 24
2a00:d400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:51:d6:47:35:8f:e3:41:76:ea:0d:01:5e:30:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b27912ffef67078bb06bd4a9021fba96adb180be
Validity
Not Before: Jan 1 12:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=745157ba6b45dabfc707c400f31bea8c4fbff649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:b1:30:4b:eb:50:72:f6:53:aa:70:3c:39:
1c:24:64:85:54:be:1b:04:f1:ac:34:f7:91:6e:9d:
d0:12:20:49:fa:68:81:37:6b:06:45:5c:7b:b3:d3:
02:9b:39:82:9d:69:52:ca:6f:84:0c:43:42:39:48:
2e:f4:54:5f:dd:d0:7b:dd:ed:cf:21:20:bc:31:b6:
c5:36:ce:99:8e:55:ac:4b:5e:0d:43:30:5d:f7:e4:
de:89:a2:59:bc:f4:c5:05:ec:2c:54:10:2c:61:d3:
7d:5d:6f:3e:93:97:e0:35:a8:04:55:43:03:92:fa:
a3:46:e1:b5:c1:57:ac:4d:0a:4c:66:3f:66:b9:3c:
b2:d3:ba:0b:ac:be:85:85:72:a4:c9:c4:d1:db:6b:
8f:0e:dc:30:8f:b8:71:68:f5:75:15:2a:b8:fb:9e:
8b:97:02:da:ec:20:5b:ff:a0:6b:fe:74:d3:6b:26:
62:0e:b0:ff:db:5d:e1:63:49:cd:cb:0f:bf:40:2e:
4a:92:91:97:33:45:da:86:64:96:0e:4e:e8:98:a3:
0c:dc:0e:25:06:b9:0a:a8:c0:07:8b:1e:ad:c8:e5:
64:8e:71:5d:69:48:5f:94:93:fe:36:ed:f8:58:9b:
79:97:1d:16:9a:c6:54:32:d8:d1:8d:8f:94:3b:a2:
d5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:51:57:BA:6B:45:DA:BF:C7:07:C4:00:F3:1B:EA:8C:4F:BF:F6:49
X509v3 Authority Key Identifier:
keyid:B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/dFFXumtF2r_HB8QA8xvqjE-_9kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.16.0/20
45.144.100.0/23
IPv6:
2a00:d400::/32
Signature Algorithm: sha256WithRSAEncryption
7f:43:b6:b4:60:b3:b6:c9:10:c8:ce:cf:f0:d5:9e:33:51:84:
13:f6:f0:f7:88:24:8c:6c:19:80:17:fc:1b:6b:86:b8:49:03:
71:6e:0c:d7:14:ce:73:44:4d:44:3c:23:fb:93:a1:53:a0:d1:
c5:2a:10:62:93:27:b4:75:41:01:b6:f2:f9:27:36:8d:fb:f6:
29:c3:86:a8:04:76:6d:9c:5f:7b:1f:25:1c:56:6b:69:6f:6c:
14:0c:00:84:b0:53:4c:a8:7d:e8:ef:18:a8:7b:0f:5e:04:4f:
80:ac:13:d4:ea:d9:8a:ef:92:1e:76:0a:9c:2a:b4:22:59:9f:
2c:54:23:9a:8d:ce:76:2d:a6:5f:54:4e:83:d3:66:1e:9a:8a:
a7:8c:ca:01:31:fd:3f:29:6a:6d:4a:31:b9:42:9d:fb:d8:be:
38:68:e9:1b:7f:30:08:fb:ce:3f:89:db:b0:cf:5c:c3:9f:00:
a4:f3:36:c2:5d:88:a6:28:06:55:1b:a0:ef:70:8e:17:e9:3e:
06:ca:c2:75:97:0a:ba:3c:a1:0e:b2:0e:0a:16:80:04:9d:a6:
46:5c:ba:6f:17:7c:1d:7c:69:43:0c:e7:21:cb:af:f6:c8:4e:
5d:78:c5:c9:ac:a5:ac:10:5c:ab:e0:ae:c4:45:ac:40:3a:42:
ce:ab:cf:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAFHWRzWP40F26g0BXjAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzkxMmZmZWY2NzA3OGJiMDZiZDRhOTAyMWZiYTk2YWRi
MTgwYmUwHhcNMjQwMTAxMTIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDUxNTdiYTZiNDVkYWJmYzcwN2M0MDBmMzFiZWE4YzRmYmZmNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL6xMEvrUHL2U6pwPDkcJGSFVL4b
BPGsNPeRbp3QEiBJ+miBN2sGRVx7s9MCmzmCnWlSym+EDENCOUgu9FRf3dB73e3P
ISC8MbbFNs6ZjlWsS14NQzBd9+TeiaJZvPTFBewsVBAsYdN9XW8+k5fgNagEVUMD
kvqjRuG1wVesTQpMZj9muTyy07oLrL6FhXKkycTR22uPDtwwj7hxaPV1FSq4+56L
lwLa7CBb/6Br/nTTayZiDrD/213hY0nNyw+/QC5KkpGXM0XahmSWDk7omKMM3A4l
BrkKqMAHix6tyOVkjnFdaUhflJP+Nu34WJt5lx0WmsZUMtjRjY+UO6LV/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHRRV7prRdq/xwfEAPMb6oxPv/ZJMB8GA1UdIwQY
MBaAFLJ5Ev/vZweLsGvUqQIfupatsYC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQt
NWMwZDkyZjlhNDlmLzEvZEZGWHVtdEYycl9IQjhRQTh4dnFqRS1fOWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQtNWMwZDkyZjlhNDlm
LzEvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHywQAwQB
LZBkMA0EAgACMAcDBQAqANQAMA0GCSqGSIb3DQEBCwUAA4IBAQB/Q7a0YLO2yRDI
zs/w1Z4zUYQT9vD3iCSMbBmAF/wba4a4SQNxbgzXFM5zRE1EPCP7k6FToNHFKhBi
kye0dUEBtvL5JzaN+/Ypw4aoBHZtnF97HyUcVmtpb2wUDACEsFNMqH3o7xioew9e
BE+ArBPU6tmK75IedgqcKrQiWZ8sVCOajc52LaZfVE6D02YemoqnjMoBMf0/KWpt
SjG5Qp372L44aOkbfzAI+84/iduwz1zDnwCk8zbCXYimKAZVG6DvcI4X6T4GysJ1
lwq6PKEOsg4KFoAEnaZGXLpvF3wdfGlDDOchy6/2yE5deMXJrKWsEFyr4K7ERaxA
OkLOq89l
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:01:14 2024 by rpki-client on console-ams.rpki-client.org