Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/y8toNS91OcCQjVMTOgbe7QCJVh8.roa
File: y8toNS91OcCQjVMTOgbe7QCJVh8.roa (raw, json)
Hash identifier: Sl0i1KqaPTIiQ5lBS23riuRT+yqDAJco05n+c4wNpyc=
Subject key identifier: CB:CB:68:35:2F:75:39:C0:90:8D:53:13:3A:06:DE:ED:00:89:56:1F
Certificate issuer: /CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Certificate serial: 019152B9E32B94CADC92CA341787B9FDA8EC
Authority key identifier: BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/y8toNS91OcCQjVMTOgbe7QCJVh8.roa
Signing time: Wed 14 Aug 2024 21:09:59 +0000
ROA not before: Wed 14 Aug 2024 21:09:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34119
IP address blocks: 31.22.0.0/21 maxlen: 21
31.22.4.0/24 maxlen: 24
31.22.7.0/24 maxlen: 24
77.95.32.0/21 maxlen: 21
185.2.168.0/22 maxlen: 22
185.103.228.0/22 maxlen: 22
185.211.176.0/22 maxlen: 22
2a02:5300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:52:b9:e3:2b:94:ca:dc:92:ca:34:17:87:b9:fd:a8:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Validity
Not Before: Aug 14 21:09:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbcb68352f7539c0908d53133a06deed0089561f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:59:97:95:fb:1e:43:2a:28:c5:73:e6:45:
72:97:a3:61:22:02:06:d4:70:c3:02:66:96:07:04:
cc:86:cb:ee:b2:72:58:d3:0b:f5:8a:1c:4f:27:d9:
0e:4c:fd:fe:f7:c9:f5:25:3e:31:7c:51:91:89:41:
27:24:0b:6a:31:1a:2f:6d:79:2d:9e:a5:4e:0d:cc:
6d:de:9e:37:53:d4:84:d4:87:c0:94:d8:ce:cc:6a:
55:65:16:f6:12:db:9c:51:aa:54:fd:90:c1:9b:a2:
d6:dc:bb:04:35:9b:ce:9b:46:6d:68:97:b4:29:3c:
83:75:b7:02:a1:22:66:5d:5c:6e:28:32:66:49:b9:
61:5a:a2:4e:6a:4e:ef:88:69:af:2c:c0:ce:02:a9:
79:9e:1e:93:b5:a0:2d:5a:8d:a6:f2:6d:6b:47:b8:
a0:f6:ba:19:2b:a8:97:4f:7f:4f:f5:91:a3:46:c2:
e2:79:1c:f5:bc:21:e2:0b:f6:7b:81:39:78:4c:45:
29:a9:3d:81:f4:5d:e2:ed:03:9d:e6:d6:d6:5f:21:
a3:fa:ed:04:c5:85:51:20:2e:0b:42:23:d7:c4:e7:
c3:94:af:5d:78:5a:a8:ab:cc:31:2d:90:21:aa:8c:
f5:e2:d1:53:fc:66:03:2d:e4:61:8d:a9:7a:15:e5:
9b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CB:68:35:2F:75:39:C0:90:8D:53:13:3A:06:DE:ED:00:89:56:1F
X509v3 Authority Key Identifier:
keyid:BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/y8toNS91OcCQjVMTOgbe7QCJVh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.0.0/21
77.95.32.0/21
185.2.168.0/22
185.103.228.0/22
185.211.176.0/22
IPv6:
2a02:5300::/32
Signature Algorithm: sha256WithRSAEncryption
ab:04:29:04:23:dd:08:9b:87:7a:df:1e:0a:36:c1:01:b4:53:
fc:1f:3c:e5:83:48:0a:af:d5:5a:a7:ce:14:1b:46:ac:7a:ef:
35:ae:c3:82:03:d8:ee:5b:37:e6:21:27:dc:67:12:4c:e5:2c:
b3:4c:9a:01:65:c4:cf:fb:fa:93:66:1b:93:41:e7:33:07:e0:
2a:aa:f7:8b:ad:e8:8e:7c:3c:b0:39:ff:c0:0d:6b:ff:24:a8:
db:42:ac:3e:e9:3f:16:71:f3:64:d6:32:25:48:7a:fb:d6:41:
69:95:a7:07:7f:f5:e2:74:a8:45:08:3f:2d:84:b9:9b:f5:c7:
1c:7a:9b:d9:60:42:db:1b:cd:33:2d:c3:ac:10:83:84:6c:32:
46:d8:7c:d3:30:c9:e9:81:42:58:ba:99:5c:00:45:e1:be:ef:
76:71:3c:e5:04:f1:71:78:86:42:8d:c3:6a:2d:e7:c3:66:f5:
ab:ec:75:4c:a0:dd:81:4c:9d:99:24:33:a3:bd:f2:1e:88:b2:
c3:c5:ac:2e:32:b7:11:65:54:36:13:99:36:2c:d6:c2:6d:f3:
ef:ab:cd:65:aa:cf:16:58:25:0e:f0:84:51:f2:88:e8:ee:b9:
3b:f5:aa:59:59:ea:fb:04:bd:28:e4:c9:7a:7e:48:dc:2f:8c:
8f:ac:e7:be
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZFSueMrlMrckso0F4e5/ajsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWQ3YzQyZTkxNzg0NGNiYzJkZTRhOTFjNmMxNzAxZGU1
OTcxYjUwHhcNMjQwODE0MjEwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNiNjgzNTJmNzUzOWMwOTA4ZDUzMTMzYTA2ZGVlZDAwODk1NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKlZl5X7HkMqKMVz5kVyl6NhIgIG
1HDDAmaWBwTMhsvusnJY0wv1ihxPJ9kOTP3+98n1JT4xfFGRiUEnJAtqMRovbXkt
nqVODcxt3p43U9SE1IfAlNjOzGpVZRb2EtucUapU/ZDBm6LW3LsENZvOm0ZtaJe0
KTyDdbcCoSJmXVxuKDJmSblhWqJOak7viGmvLMDOAql5nh6TtaAtWo2m8m1rR7ig
9roZK6iXT39P9ZGjRsLieRz1vCHiC/Z7gTl4TEUpqT2B9F3i7QOd5tbWXyGj+u0E
xYVRIC4LQiPXxOfDlK9deFqoq8wxLZAhqoz14tFT/GYDLeRhjal6FeWb3wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMvLaDUvdTnAkI1TEzoG3u0AiVYfMB8GA1UdIwQY
MBaAFLydfELpF4RMvC3kqRxsFwHeWXG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQt
MDNmYjU0MTg3ZWUyLzEveTh0b05TOTFPY0NRalZNVE9nYmU3UUNKVmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQtMDNmYjU0MTg3ZWUy
LzEvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxYAAwQD
TV8gAwQCuQKoAwQCuWfkAwQCudOwMA0EAgACMAcDBQAqAlMAMA0GCSqGSIb3DQEB
CwUAA4IBAQCrBCkEI90Im4d63x4KNsEBtFP8Hzzlg0gKr9Vap84UG0aseu81rsOC
A9juWzfmISfcZxJM5SyzTJoBZcTP+/qTZhuTQeczB+AqqveLreiOfDywOf/ADWv/
JKjbQqw+6T8WcfNk1jIlSHr71kFplacHf/XidKhFCD8thLmb9cccepvZYELbG80z
LcOsEIOEbDJG2HzTMMnpgUJYuplcAEXhvu92cTzlBPFxeIZCjcNqLefDZvWr7HVM
oN2BTJ2ZJDOjvfIeiLLDxawuMrcRZVQ2E5k2LNbCbfPvq81lqs8WWCUO8IRR8ojo
7rk79apZWer7BL0o5Ml6fkjcL4yPrOe+
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:49 2024 by rpki-client on console-fra.rpki-client.org