Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/D8jAtFDQWnedEDik-hivW1nBsOU.roa
File: D8jAtFDQWnedEDik-hivW1nBsOU.roa (raw, json)
Hash identifier: i6andS3J3WM5bXlIPD8dZY4a7xwbaQcTxuJAovhR8Mk=
Subject key identifier: 0F:C8:C0:B4:50:D0:5A:77:9D:10:38:A4:FA:18:AF:5B:59:C1:B0:E5
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC3E87BB8D9C0AB3D8DD9ADB7DA90
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/D8jAtFDQWnedEDik-hivW1nBsOU.roa
Signing time: Tue 02 Jan 2024 04:30:17 +0000
ROA not before: Tue 02 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205655
IP address blocks: 31.135.0.0/24 maxlen: 24
31.135.6.0/24 maxlen: 24
91.245.90.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
64.43.65.0/24 maxlen: 24
64.43.74.0/23 maxlen: 23
91.246.200.0/24 maxlen: 24
91.224.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c3:e8:7b:b8:d9:c0:ab:3d:8d:d9:ad:b7:da:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fc8c0b450d05a779d1038a4fa18af5b59c1b0e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:da:05:61:a7:4e:f9:cd:32:df:f0:a0:e6:06:
aa:71:c8:45:e1:32:97:d2:d0:a5:c4:84:8b:2b:07:
f2:00:8d:a3:9b:9e:4e:4d:6b:58:9d:aa:3c:e6:27:
eb:16:2f:43:3b:e8:84:cd:c8:7e:4b:cf:5c:32:06:
e1:53:62:18:4a:61:ac:f9:35:d5:3f:06:a4:c1:8b:
c1:7e:da:9a:7e:6b:bb:a0:c4:67:ff:7a:ec:fb:a3:
91:db:ca:9c:80:ae:8d:71:7e:19:ca:b2:54:e6:6c:
e2:90:a6:41:50:78:1e:ff:2d:8a:55:6f:54:ec:74:
73:a4:02:66:63:b5:7b:37:c2:92:ce:42:8d:e6:ac:
c8:19:25:0c:b1:ab:03:69:8c:9f:01:84:eb:9b:a6:
eb:ba:0a:e1:0c:71:6c:bb:50:52:d3:cb:2f:25:72:
c6:61:06:ee:64:7d:76:cf:c2:50:38:5e:f5:de:be:
6b:df:db:9f:15:de:9a:44:ff:5f:7a:14:e6:80:9f:
c8:36:4d:38:57:bd:1d:e1:8e:ff:83:f4:5f:0d:6d:
cb:fc:3a:d9:e2:4f:bc:7b:5a:d2:97:4c:02:f1:39:
4f:36:17:10:47:3d:cf:54:2a:b5:4a:f2:5d:68:d6:
0e:04:9c:72:20:f1:e6:f5:b9:57:ee:c0:a9:d7:10:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C8:C0:B4:50:D0:5A:77:9D:10:38:A4:FA:18:AF:5B:59:C1:B0:E5
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/D8jAtFDQWnedEDik-hivW1nBsOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.0.0/24
31.135.6.0/24
64.43.65.0/24
64.43.74.0/23
91.224.40.0/24
91.245.90.0/24
91.246.200.0/24
176.103.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:98:91:27:aa:02:08:7c:85:d0:c8:a0:78:d0:b9:69:20:69:
eb:fe:b9:a1:9e:7d:00:0c:b3:e8:1a:b8:dd:fe:4d:f5:73:38:
d6:52:8f:d2:87:81:a3:a0:42:fd:ef:20:de:aa:3e:46:62:e9:
b6:d8:fe:b2:be:34:ea:f2:87:67:30:1b:22:67:fc:43:d7:b9:
1a:1d:04:02:97:78:56:7e:ac:9c:6f:84:6d:b7:0e:b5:c2:e8:
05:15:db:ff:c4:a9:e5:ec:de:db:c5:27:23:5b:9f:84:7b:3c:
40:94:1f:a7:da:7e:b3:fe:c6:c2:fb:42:6c:04:a9:79:b8:de:
7d:64:ef:a5:36:e6:34:40:4a:88:11:27:09:8f:c5:73:b6:19:
fc:74:98:94:8f:80:f0:63:54:e0:61:bf:56:39:02:aa:e9:98:
9f:22:55:c4:1e:73:6f:86:cf:26:60:7a:0b:09:00:e9:f1:ae:
cc:10:a3:10:78:e2:99:49:78:25:e9:19:20:be:6f:85:91:83:
ba:bc:e5:bf:26:07:5e:9a:eb:f1:8c:05:0f:c4:8c:14:91:25:
81:4f:25:f3:c0:b6:c6:0f:d0:43:63:b4:81:12:9a:db:fa:03:
90:50:d8:93:26:5a:5b:63:a0:6f:95:92:28:c0:70:58:57:55:
98:25:c9:7a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIb8Poe7jZwKs9jdmtt9qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM4YzBiNDUwZDA1YTc3OWQxMDM4YTRmYTE4YWY1YjU5YzFiMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdoFYadO+c0y3/Cg5gaqcchF4TKX
0tClxISLKwfyAI2jm55OTWtYnao85ifrFi9DO+iEzch+S89cMgbhU2IYSmGs+TXV
PwakwYvBftqafmu7oMRn/3rs+6OR28qcgK6NcX4ZyrJU5mzikKZBUHge/y2KVW9U
7HRzpAJmY7V7N8KSzkKN5qzIGSUMsasDaYyfAYTrm6brugrhDHFsu1BS08svJXLG
YQbuZH12z8JQOF713r5r39ufFd6aRP9fehTmgJ/INk04V70d4Y7/g/RfDW3L/DrZ
4k+8e1rSl0wC8TlPNhcQRz3PVCq1SvJdaNYOBJxyIPHm9blX7sCp1xD8PwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFA/IwLRQ0Fp3nRA4pPoYr1tZwbDlMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRDhqQXRGRFFXbmVkRURpay1oaXZXMW5Cc09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH4cAAwQA
H4cGAwQAQCtBAwQBQCtKAwQAW+AoAwQAW/VaAwQAW/bIAwQAsGd4MA0GCSqGSIb3
DQEBCwUAA4IBAQAamJEnqgIIfIXQyKB40LlpIGnr/rmhnn0ADLPoGrjd/k31czjW
Uo/Sh4GjoEL97yDeqj5GYum22P6yvjTq8odnMBsiZ/xD17kaHQQCl3hWfqycb4Rt
tw61wugFFdv/xKnl7N7bxScjW5+EezxAlB+n2n6z/sbC+0JsBKl5uN59ZO+lNuY0
QEqIEScJj8Vzthn8dJiUj4DwY1TgYb9WOQKq6ZifIlXEHnNvhs8mYHoLCQDp8a7M
EKMQeOKZSXgl6Rkgvm+FkYO6vOW/JgdemuvxjAUPxIwUkSWBTyXzwLbGD9BDY7SB
Eprb+gOQUNiTJlpbY6BvlZIowHBYV1WYJcl6
-----END CERTIFICATE-----
Generated at Sat May 18 07:43:32 2024 by rpki-client on console-ams.rpki-client.org