Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UTfh3_UjTF5ctqAyjqs4yhkbbVQ.roa
File: UTfh3_UjTF5ctqAyjqs4yhkbbVQ.roa (raw, json)
Hash identifier: kuhxEaOpC3nBc8FZRnqwbfZbV6GKfFQbDZwzIi4thek=
Subject key identifier: 51:37:E1:DF:F5:23:4C:5E:5C:B6:A0:32:8E:AB:38:CA:19:1B:6D:54
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018CC26D2F9ECF406E43309678F4FE6C712C
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UTfh3_UjTF5ctqAyjqs4yhkbbVQ.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 31.186.168.0/23 maxlen: 23
2a02:40c0::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2f:9e:cf:40:6e:43:30:96:78:f4:fe:6c:71:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5137e1dff5234c5e5cb6a0328eab38ca191b6d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ee:00:21:1f:48:9d:d8:45:a0:81:dd:51:f0:
93:5e:02:46:e9:0e:44:48:41:a9:a5:6f:6a:65:0a:
3d:85:e1:03:83:f7:05:3e:88:2a:f5:70:0d:e6:c7:
ef:26:c9:4b:b4:c6:05:8e:e6:bb:62:03:03:c1:43:
a8:9e:d9:6c:a8:41:f5:4c:0a:22:78:33:d0:c7:60:
a3:ab:fc:14:64:c0:fa:38:e8:af:6c:23:52:e5:9c:
e3:f6:40:be:ac:63:b2:5c:1d:49:d1:66:5d:6b:e8:
e2:fd:a4:3f:66:2c:a7:37:8f:12:b9:1f:09:f4:09:
4e:22:da:b0:fd:2d:26:bc:4a:53:c7:7e:f2:81:a7:
19:8d:fe:a8:52:eb:f5:ea:e8:8a:ab:6a:d3:b1:e4:
36:4c:56:e9:d7:07:66:90:28:ba:61:ac:a1:e8:f1:
ee:90:3c:9d:e0:f9:26:8e:c6:10:f9:20:bd:7e:77:
73:eb:96:1a:ba:b1:6b:51:a0:ff:92:e7:7e:1f:74:
9f:62:c9:cf:b8:98:58:88:29:4b:2a:b8:da:16:9e:
a6:d9:50:b6:6b:a5:54:52:9d:65:ff:1c:aa:91:3a:
f9:54:48:28:73:36:b5:a9:fe:34:8d:82:38:5e:be:
b4:b1:4b:b8:dd:bc:40:af:85:93:4a:77:6b:7e:21:
8d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:37:E1:DF:F5:23:4C:5E:5C:B6:A0:32:8E:AB:38:CA:19:1B:6D:54
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/UTfh3_UjTF5ctqAyjqs4yhkbbVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.168.0/23
IPv6:
2a02:40c0::/36
Signature Algorithm: sha256WithRSAEncryption
2b:49:72:d8:82:0a:a4:66:96:68:54:a7:6a:3a:81:e4:fe:eb:
81:ba:62:0e:36:b0:f5:5a:0e:1c:bc:d9:de:97:77:56:be:65:
10:34:59:3f:a7:48:de:94:2e:3d:41:b4:72:ec:95:30:1e:f3:
45:aa:20:ab:2b:8a:a2:6c:32:63:f9:0f:2e:89:d1:2e:f3:19:
f2:f6:77:2b:e0:a3:5c:b6:ec:27:39:40:49:3c:2d:4c:67:dc:
48:03:bb:db:0b:32:c0:b4:30:97:68:57:6a:ab:37:7f:e3:e4:
2f:5f:ae:b0:b7:a9:2c:ab:71:8a:01:7d:01:e7:f8:10:13:36:
83:d6:21:ca:f3:27:9b:92:58:f8:29:b7:3b:59:cc:65:8b:b5:
d4:71:d6:53:d1:80:80:c3:76:9e:83:a7:b4:d5:8e:e8:7e:2c:
f7:3d:99:3a:50:08:8d:51:ee:a1:54:8d:56:fb:b2:70:2f:a4:
e7:d9:a0:5c:f0:0a:e9:e3:5b:f0:00:93:11:32:fd:b2:c9:9a:
dd:d8:f3:cc:43:3c:4a:1f:01:10:1f:43:d5:e9:69:a4:7f:82:
de:73:f5:99:8d:e8:2b:47:c1:b2:59:e7:30:77:5f:64:e8:61:
55:93:7f:bb:28:fa:ba:1a:2f:e9:74:59:1b:68:08:65:d2:c6:
d8:ab:39:64
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzCbS+ez0BuQzCWePT+bHEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTM3ZTFkZmY1MjM0YzVlNWNiNmEwMzI4ZWFiMzhjYTE5MWI2ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru4AIR9IndhFoIHdUfCTXgJG6Q5E
SEGppW9qZQo9heEDg/cFPogq9XAN5sfvJslLtMYFjua7YgMDwUOontlsqEH1TAoi
eDPQx2Cjq/wUZMD6OOivbCNS5Zzj9kC+rGOyXB1J0WZda+ji/aQ/ZiynN48SuR8J
9AlOItqw/S0mvEpTx37ygacZjf6oUuv16uiKq2rTseQ2TFbp1wdmkCi6Yayh6PHu
kDyd4PkmjsYQ+SC9fndz65YaurFrUaD/kud+H3SfYsnPuJhYiClLKrjaFp6m2VC2
a6VUUp1l/xyqkTr5VEgocza1qf40jYI4Xr60sUu43bxAr4WTSndrfiGNNQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFE34d/1I0xeXLagMo6rOMoZG21UMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvVVRmaDNfVWpURjVjdHFBeWpxczR5aGtiYlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBH7qoMA4E
AgACMAgDBgQqAkDAADANBgkqhkiG9w0BAQsFAAOCAQEAK0ly2IIKpGaWaFSnajqB
5P7rgbpiDjaw9VoOHLzZ3pd3Vr5lEDRZP6dI3pQuPUG0cuyVMB7zRaogqyuKomwy
Y/kPLonRLvMZ8vZ3K+CjXLbsJzlASTwtTGfcSAO72wsywLQwl2hXaqs3f+PkL1+u
sLepLKtxigF9Aef4EBM2g9YhyvMnm5JY+Cm3O1nMZYu11HHWU9GAgMN2noOntNWO
6H4s9z2ZOlAIjVHuoVSNVvuycC+k59mgXPAK6eNb8ACTETL9ssma3djzzEM8Sh8B
EB9D1elppH+C3nP1mY3oK0fBslnnMHdfZOhhVZN/uyj6uhov6XRZG2gIZdLG2Ks5
ZA==
-----END CERTIFICATE-----
Generated at Wed May 8 20:51:30 2024 by rpki-client on console-ams.rpki-client.org