Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/oNKSjQWW3EC0af6lm9gPmzDQ-3Q.roa
File: oNKSjQWW3EC0af6lm9gPmzDQ-3Q.roa (raw, json)
Hash identifier: luxzxjbJBii2yhoueKZuwgwhWMMGVgP7z9Mj7uvcOL4=
Subject key identifier: A0:D2:92:8D:05:96:DC:40:B4:69:FE:A5:9B:D8:0F:9B:30:D0:FB:74
Certificate issuer: /CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Certificate serial: 01900BD5B9DA81EED540F3168BB25EF73A12
Authority key identifier: CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/oNKSjQWW3EC0af6lm9gPmzDQ-3Q.roa
Signing time: Wed 12 Jun 2024 09:44:34 +0000
ROA not before: Wed 12 Jun 2024 09:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56547
IP address blocks: 31.24.232.0/21 maxlen: 21
31.24.232.0/24 maxlen: 24
31.24.233.0/24 maxlen: 24
31.24.234.0/24 maxlen: 24
31.24.235.0/24 maxlen: 24
31.24.236.0/24 maxlen: 24
31.24.237.0/24 maxlen: 24
31.24.238.0/24 maxlen: 24
31.24.239.0/24 maxlen: 24
185.69.108.0/22 maxlen: 22
185.69.108.0/24 maxlen: 24
185.69.109.0/24 maxlen: 24
185.69.110.0/24 maxlen: 24
185.69.111.0/24 maxlen: 24
185.76.248.0/22 maxlen: 22
185.76.248.0/24 maxlen: 24
185.76.249.0/24 maxlen: 24
185.76.250.0/24 maxlen: 24
185.76.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 15:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:d5:b9:da:81:ee:d5:40:f3:16:8b:b2:5e:f7:3a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Validity
Not Before: Jun 12 09:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0d2928d0596dc40b469fea59bd80f9b30d0fb74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cd:f6:9c:57:af:c6:0e:be:ce:29:fb:19:34:
43:54:8f:b5:58:b5:54:12:5a:0f:df:38:2b:4a:17:
dd:97:95:9f:f1:57:b8:4b:21:23:c0:26:03:48:ae:
29:20:6d:30:de:0b:62:b1:3a:b1:af:46:bd:7d:7a:
2e:6b:6e:51:b2:58:34:f9:6b:aa:f4:3b:65:9f:35:
db:b2:a8:ac:5d:d5:f6:ab:0a:c1:3d:25:8b:3c:d1:
0d:4f:2a:b9:3d:d4:be:72:07:cb:81:ad:b8:46:78:
3f:ee:e2:15:76:3b:18:ec:6b:36:95:b1:02:9b:98:
91:15:8e:a1:a5:78:fd:53:e1:a8:45:d2:7a:7c:c0:
e0:f8:a8:b8:e4:aa:c1:b4:24:ec:a3:96:92:d7:6a:
0f:6c:34:b6:da:61:7b:22:a3:69:fa:6d:e0:34:3e:
45:62:b6:cf:57:fa:87:ad:45:d3:07:93:aa:05:4d:
20:10:c6:93:51:88:a0:dd:01:dd:e4:cc:34:71:2a:
23:b5:82:0b:3a:5c:d5:da:ff:0f:1a:23:47:07:27:
2d:4b:a4:70:a1:b1:01:93:cb:0d:0d:e8:ac:7d:86:
3f:20:eb:d5:6d:f8:de:15:79:3e:ce:5a:1a:40:fc:
0d:35:ee:1e:0d:5c:b7:1e:b0:b4:42:a6:14:da:f9:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D2:92:8D:05:96:DC:40:B4:69:FE:A5:9B:D8:0F:9B:30:D0:FB:74
X509v3 Authority Key Identifier:
keyid:CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/oNKSjQWW3EC0af6lm9gPmzDQ-3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.232.0/21
185.69.108.0/22
185.76.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:3f:1e:47:bc:8a:58:5c:7a:bb:96:21:54:3e:cb:aa:2f:4d:
78:a9:ef:1c:94:5f:14:fd:cc:0e:d5:88:6b:46:16:fa:5e:d7:
97:11:d9:bc:d5:fd:02:b8:3c:0b:fd:57:93:4a:fb:88:19:41:
70:0c:41:99:ef:4c:e4:b7:94:82:37:21:23:85:c5:64:2f:4c:
ed:4a:bb:db:3d:1d:58:88:92:bd:df:6b:c4:b8:d3:78:27:c1:
73:b4:e0:fb:2f:a5:60:4d:69:cd:e8:18:ca:2d:36:41:b9:d3:
64:75:be:88:cc:83:a9:75:d3:27:7f:65:a7:9c:73:bb:53:1d:
85:24:92:6b:91:b1:ba:ab:70:a1:87:09:de:ec:4c:a0:9b:4a:
14:c8:29:0c:9f:5b:a0:ec:13:95:73:df:1c:4a:3b:81:c3:2e:
2c:1e:3b:4e:ed:5f:97:00:f6:30:03:ea:a5:15:11:65:d0:d5:
03:24:ed:dc:a4:a9:a7:3f:7d:75:bb:1b:ab:74:fa:f4:bd:ce:
0b:f0:79:6e:fc:8c:ca:bf:99:0f:e2:e7:15:b3:58:75:35:fc:
19:6b:d1:49:e5:ee:48:9a:d9:e7:40:47:69:90:11:a9:30:92:
e0:e4:7b:14:16:53:f9:eb:af:15:ed:ee:06:38:9b:11:94:f9:
2c:b5:3c:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAL1bnage7VQPMWi7Je9zoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzBlYjQzNTNlZDc1MGZhZjIzZjJmMWUxNDAxOGM2Y2Zj
NjI3MTUwHhcNMjQwNjEyMDk0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQyOTI4ZDA1OTZkYzQwYjQ2OWZlYTU5YmQ4MGY5YjMwZDBmYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5c32nFevxg6+zin7GTRDVI+1WLVU
EloP3zgrShfdl5Wf8Ve4SyEjwCYDSK4pIG0w3gtisTqxr0a9fXoua25Rslg0+Wuq
9DtlnzXbsqisXdX2qwrBPSWLPNENTyq5PdS+cgfLga24Rng/7uIVdjsY7Gs2lbEC
m5iRFY6hpXj9U+GoRdJ6fMDg+Ki45KrBtCTso5aS12oPbDS22mF7IqNp+m3gND5F
YrbPV/qHrUXTB5OqBU0gEMaTUYig3QHd5Mw0cSojtYILOlzV2v8PGiNHByctS6Rw
obEBk8sNDeisfYY/IOvVbfjeFXk+zloaQPwNNe4eDVy3HrC0QqYU2vmbgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKDSko0FltxAtGn+pZvYD5sw0Pt0MB8GA1UdIwQY
MBaAFMsw60NT7XUPryPy8eFAGMbPxicVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgt
MWI5YTMyM2M1NzBiLzEvb05LU2pRV1czRUMwYWY2bG05Z1BtekRRLTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgtMWI5YTMyM2M1NzBi
LzEveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxjoAwQC
uUVsAwQCuUz4MA0GCSqGSIb3DQEBCwUAA4IBAQCnPx5HvIpYXHq7liFUPsuqL014
qe8clF8U/cwO1YhrRhb6XteXEdm81f0CuDwL/VeTSvuIGUFwDEGZ70zkt5SCNyEj
hcVkL0ztSrvbPR1YiJK932vEuNN4J8FztOD7L6VgTWnN6BjKLTZBudNkdb6IzIOp
ddMnf2WnnHO7Ux2FJJJrkbG6q3Chhwne7Eygm0oUyCkMn1ug7BOVc98cSjuBwy4s
HjtO7V+XAPYwA+qlFRFl0NUDJO3cpKmnP311uxurdPr0vc4L8Hlu/IzKv5kP4ucV
s1h1NfwZa9FJ5e5ImtnnQEdpkBGpMJLg5HsUFlP5668V7e4GOJsRlPkstTz4
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:38:05 2024 by rpki-client on console-fra.rpki-client.org