Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rluAggKHSWKqV8Qig976M341KSM.roa
File: rluAggKHSWKqV8Qig976M341KSM.roa (raw, json)
Hash identifier: M84IQO1GE7do0qNVt3HQwxQkKlDWeMtPDFLHd43JfJw=
Subject key identifier: AE:5B:80:82:02:87:49:62:AA:57:C4:22:83:DE:FA:33:7E:35:29:23
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192BF5E3CE7058951B3FAF6FA6867E91709
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rluAggKHSWKqV8Qig976M341KSM.roa
Signing time: Thu 24 Oct 2024 16:31:17 +0000
ROA not before: Thu 24 Oct 2024 16:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34744
IP address blocks: 31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.16.0/21 maxlen: 21
77.36.64.0/19 maxlen: 19
77.232.216.0/22 maxlen: 22
91.246.172.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
109.197.232.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:5e:3c:e7:05:89:51:b3:fa:f6:fa:68:67:e9:17:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 24 16:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae5b808202874962aa57c42283defa337e352923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:66:ad:b2:2f:f6:0d:6c:6f:9c:c1:96:36:b3:
39:09:b6:5b:4d:c6:7a:4a:9c:96:55:e4:b5:ba:f0:
a9:e0:46:35:6b:56:b2:0f:58:fe:c4:91:11:c0:b7:
20:54:1b:14:8a:60:61:ec:9a:40:01:78:61:5e:dd:
51:ac:23:e5:27:4c:f4:5f:63:b5:7c:c9:0a:99:1b:
c9:f1:bb:ed:5e:7c:87:02:6d:77:56:6c:7b:34:ac:
5e:cf:f0:4e:46:03:20:9c:61:26:e2:a2:38:6b:82:
f4:7a:60:e1:66:b0:3c:27:1d:c3:cb:93:50:78:9a:
6e:a4:5b:b1:7a:f1:d3:dd:36:12:7a:77:f2:92:93:
51:9f:20:81:f2:83:be:8a:84:7a:d8:9d:fc:a6:08:
cf:f6:f4:02:59:14:c4:f0:fc:4f:e1:b4:38:14:0f:
3b:8c:c4:8d:c9:01:39:c8:27:0a:2a:6b:69:bf:bf:
88:9a:ce:37:39:36:2f:04:5b:0b:ce:58:5d:b8:77:
80:4f:46:65:39:c8:7e:ad:85:85:66:3d:c5:3f:72:
47:17:7d:7a:43:d0:de:04:5d:a7:66:fa:e4:d5:90:
01:4d:0f:bc:73:f4:6d:96:7e:b8:b2:1b:a2:8c:57:
b6:4e:13:90:06:5f:a2:f3:a1:3c:b9:2e:56:84:eb:
70:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:5B:80:82:02:87:49:62:AA:57:C4:22:83:DE:FA:33:7E:35:29:23
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rluAggKHSWKqV8Qig976M341KSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
40:cb:ba:aa:f0:19:81:9a:fc:48:41:df:92:d3:66:4b:fc:11:
42:d5:88:ef:00:63:0c:4b:7a:22:fc:fd:37:4b:ed:56:6c:78:
fd:43:55:c5:26:d9:15:4b:19:82:a3:26:80:d8:13:f6:1d:b6:
05:cc:75:24:c0:c7:c1:a8:05:f8:89:0c:e3:a3:67:ba:bf:64:
c0:e2:4f:7f:2c:de:f6:64:34:f8:16:48:4d:cc:fa:b0:30:11:
66:d3:73:10:e6:5e:7a:c7:16:a0:1f:39:02:62:25:df:da:cc:
cc:58:93:19:06:fc:84:be:08:bf:30:98:1e:4e:9f:57:6a:3b:
16:b9:d8:14:b6:2f:6f:5b:45:c9:1b:93:81:03:db:ed:41:96:
8a:64:c8:48:44:1b:f3:cc:e7:37:0d:fc:7e:ff:85:9d:3b:62:
aa:e2:b5:08:27:db:a0:f1:12:6c:e5:a3:12:58:d7:8c:af:49:
e9:10:08:d5:e9:78:de:45:6d:62:81:04:79:63:dc:6a:0a:70:
2c:7c:ab:41:e1:d6:d5:bf:f4:92:fa:51:6b:55:5f:8d:3d:92:
58:3d:87:59:bd:87:06:d3:75:38:57:e5:3f:b5:5f:e3:65:1a:
7e:73:c5:93:7b:b2:e1:ac:66:fc:2e:42:bf:c0:67:21:61:da:
d3:93:1d:a0
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZK/XjznBYlRs/r2+mhn6RcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDI0MTYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTViODA4MjAyODc0OTYyYWE1N2M0MjI4M2RlZmEzMzdlMzUyOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmatsi/2DWxvnMGWNrM5CbZbTcZ6
SpyWVeS1uvCp4EY1a1ayD1j+xJERwLcgVBsUimBh7JpAAXhhXt1RrCPlJ0z0X2O1
fMkKmRvJ8bvtXnyHAm13Vmx7NKxez/BORgMgnGEm4qI4a4L0emDhZrA8Jx3Dy5NQ
eJpupFuxevHT3TYSenfykpNRnyCB8oO+ioR62J38pgjP9vQCWRTE8PxP4bQ4FA87
jMSNyQE5yCcKKmtpv7+Ims43OTYvBFsLzlhduHeAT0ZlOch+rYWFZj3FP3JHF316
Q9DeBF2nZvrk1ZABTQ+8c/Rtln64shuijFe2ThOQBl+i86E8uS5WhOtwrwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFK5bgIICh0liqlfEIoPe+jN+NSkjMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcmx1QWdnS0hTV0txVjhRaWc5NzZNMzQxS1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA3BAIAATAxAwQCH4UcMAsD
AwJNJAMEBU0kQAMEAk3o2AMEAlv2rAMEAF14LwMEAm3F6AMEArBz6DAPBAIAAjAJ
AwcBKgEH2AAAMA0GCSqGSIb3DQEBCwUAA4IBAQBAy7qq8BmBmvxIQd+S02ZL/BFC
1YjvAGMMS3oi/P03S+1WbHj9Q1XFJtkVSxmCoyaA2BP2HbYFzHUkwMfBqAX4iQzj
o2e6v2TA4k9/LN72ZDT4FkhNzPqwMBFm03MQ5l56xxagHzkCYiXf2szMWJMZBvyE
vgi/MJgeTp9XajsWudgUti9vW0XJG5OBA9vtQZaKZMhIRBvzzOc3Dfx+/4WdO2Kq
4rUIJ9ug8RJs5aMSWNeMr0npEAjV6XjeRW1igQR5Y9xqCnAsfKtB4dbVv/SS+lFr
VV+NPZJYPYdZvYcG03U4V+U/tV/jZRp+c8WTe7LhrGb8LkK/wGchYdrTkx2g
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org