Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/h_YrV4QYJDycTbMNinIqkJM98jU.roa
File: h_YrV4QYJDycTbMNinIqkJM98jU.roa (raw, json)
Hash identifier: K/5eavavoEeO1AMKLJlqfNwHelf/dktijMmlFiGnwd4=
Subject key identifier: 87:F6:2B:57:84:18:24:3C:9C:4D:B3:0D:8A:72:2A:90:93:3D:F2:35
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 0190D9B8B3B2C20E8C5EFDA5779182D7DAA7
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/h_YrV4QYJDycTbMNinIqkJM98jU.roa
Signing time: Mon 22 Jul 2024 09:14:38 +0000
ROA not before: Mon 22 Jul 2024 09:14:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207728
IP address blocks: 31.10.5.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
31.210.172.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
46.28.234.0/24 maxlen: 24
62.204.42.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
93.88.75.0/24 maxlen: 24
104.192.42.0/24 maxlen: 24
185.162.8.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.204.52.0/24 maxlen: 24
194.146.127.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:b8:b3:b2:c2:0e:8c:5e:fd:a5:77:91:82:d7:da:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Jul 22 09:14:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87f62b578418243c9c4db30d8a722a90933df235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:42:93:2f:37:e6:3c:90:45:2b:35:f5:dd:4b:
85:00:31:03:75:cb:6b:e6:20:ae:74:56:19:55:8b:
e3:c2:c7:39:5b:0e:79:79:4a:68:0a:a3:1c:0a:68:
6b:a9:cd:b7:7c:ed:82:b7:6c:52:5b:48:68:e6:a4:
f2:4f:cc:76:29:d0:29:fa:1a:55:a6:90:ab:c3:37:
66:03:27:aa:84:dd:82:26:ce:c4:a8:5c:0c:e2:a1:
b0:44:6a:48:3b:90:86:ef:73:3e:14:92:d9:a9:94:
83:2f:e7:85:83:47:64:a4:bc:b2:ca:e6:6a:04:53:
bd:b4:1a:bd:5c:19:46:4a:92:01:18:9d:ba:ca:d9:
d1:be:13:06:66:8c:1e:d4:b4:71:eb:d3:ba:de:37:
0c:49:b8:b1:a0:be:f2:23:32:78:a0:20:1c:18:24:
e0:d2:fb:d2:ff:71:a8:5b:47:ad:e5:77:11:f0:2a:
61:ed:be:d1:44:93:26:ea:99:67:4b:d6:24:e5:13:
b8:3d:62:e2:ff:c8:54:f5:68:3c:10:f6:ab:de:f8:
46:05:80:a6:ff:2f:cb:c3:1c:1b:61:dc:7b:78:a0:
93:db:b4:57:cf:04:06:75:46:0f:94:ee:29:db:bd:
68:3a:d3:47:66:3f:5b:d9:81:61:13:67:cc:47:51:
6b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F6:2B:57:84:18:24:3C:9C:4D:B3:0D:8A:72:2A:90:93:3D:F2:35
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/h_YrV4QYJDycTbMNinIqkJM98jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0-31.210.173.255
46.28.234.0/24
62.204.42.0/24
87.236.177.0/24
93.88.74.0/23
104.192.42.0/24
185.162.8.0/23
185.162.11.0/24
185.204.52.0/24
194.146.127.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
31:29:16:bc:31:83:33:6b:83:ef:97:12:a8:9d:ef:4d:28:c9:
95:3e:a4:88:f1:23:2c:76:7c:d9:ef:95:d2:f9:21:c5:e6:c3:
00:c1:17:a8:da:2e:db:1d:e8:7b:8b:94:1b:f5:cd:da:46:06:
f3:b3:b2:46:ee:cf:56:03:fb:58:fb:2b:29:e3:29:80:56:4b:
ca:a2:02:a5:19:81:d2:bc:30:4c:dd:4f:32:9b:e9:0e:b5:eb:
02:79:f7:75:17:11:60:a1:81:7f:84:8f:8b:f0:ff:5e:b1:28:
9c:2a:e9:18:7f:8f:a3:51:eb:6e:cb:f1:42:59:ac:d3:c3:1c:
6f:79:ab:09:e9:db:bc:25:3e:36:e6:7b:cc:0b:75:ea:00:0b:
c9:eb:d6:cf:10:9b:7b:91:21:32:1a:70:d7:39:a6:40:a0:1e:
a9:78:d6:a1:80:8c:44:87:d5:ba:1d:92:df:2a:f1:9d:9e:9c:
a3:d0:40:3f:1c:7d:b4:0d:65:be:27:9a:a1:67:bf:65:20:66:
35:e2:11:33:8a:8f:a9:74:51:a5:bc:f0:a2:ab:9c:2d:e1:93:
6c:25:8d:0c:f8:b3:cd:28:33:b2:0b:96:06:c4:aa:33:c4:83:
01:ca:1b:1d:53:a9:4e:a4:67:e3:3f:30:96:30:5f:ae:0d:02:
2b:ff:14:9a
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZDZuLOywg6MXv2ld5GC19qnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjQwNzIyMDkxNDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y2MmI1Nzg0MTgyNDNjOWM0ZGIzMGQ4YTcyMmE5MDkzM2RmMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kKTLzfmPJBFKzX13UuFADEDdctr
5iCudFYZVYvjwsc5Ww55eUpoCqMcCmhrqc23fO2Ct2xSW0ho5qTyT8x2KdAp+hpV
ppCrwzdmAyeqhN2CJs7EqFwM4qGwRGpIO5CG73M+FJLZqZSDL+eFg0dkpLyyyuZq
BFO9tBq9XBlGSpIBGJ26ytnRvhMGZowe1LRx69O63jcMSbixoL7yIzJ4oCAcGCTg
0vvS/3GoW0et5XcR8Cph7b7RRJMm6plnS9Yk5RO4PWLi/8hU9Wg8EPar3vhGBYCm
/y/LwxwbYdx7eKCT27RXzwQGdUYPlO4p271oOtNHZj9b2YFhE2fMR1FrQwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFIf2K1eEGCQ8nE2zDYpyKpCTPfI1MB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvaF9ZclY0UVlKRHljVGJNTmluSXFrSk05OGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQAHwoFMAwD
BAEf0qoDBAEf0qwDBAAuHOoDBAA+zCoDBABX7LEDBAFdWEoDBABowCoDBAG5oggD
BAC5ogsDBAC5zDQDBADCkn8wDQQCAAIwBwMFAyoSnMAwDQYJKoZIhvcNAQELBQAD
ggEBADEpFrwxgzNrg++XEqid700oyZU+pIjxIyx2fNnvldL5IcXmwwDBF6jaLtsd
6HuLlBv1zdpGBvOzskbuz1YD+1j7KynjKYBWS8qiAqUZgdK8MEzdTzKb6Q616wJ5
93UXEWChgX+Ej4vw/16xKJwq6Rh/j6NR627L8UJZrNPDHG95qwnp27wlPjbme8wL
deoAC8nr1s8Qm3uRITIacNc5pkCgHql41qGAjESH1bodkt8q8Z2enKPQQD8cfbQN
Zb4nmqFnv2UgZjXiETOKj6l0UaW88KKrnC3hk2wljQz4s80oM7ILlgbEqjPEgwHK
Gx1TqU6kZ+M/MJYwX64NAiv/FJo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:39 2024 by rpki-client on console-ams.rpki-client.org