Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/QjD8jBHCQ0Y0URI5q8nh4W2SwwI.roa
File: QjD8jBHCQ0Y0URI5q8nh4W2SwwI.roa (raw, json)
Hash identifier: zNP4n6n3i3e/Y3RERRfmfq7Q5tf7IGWW4XnRXiWnT7c=
Subject key identifier: 42:30:FC:8C:11:C2:43:46:34:51:12:39:AB:C9:E1:E1:6D:92:C3:02
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC7949E5AB9043933B50C9176B3583C03
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/QjD8jBHCQ0Y0URI5q8nh4W2SwwI.roa
Signing time: Tue 02 Jan 2024 00:30:55 +0000
ROA not before: Tue 02 Jan 2024 00:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15899
IP address blocks: 31.42.91.0/24 maxlen: 24
31.42.94.0/24 maxlen: 24
31.42.95.0/24 maxlen: 24
31.42.92.0/24 maxlen: 24
31.42.93.0/24 maxlen: 24
176.106.96.0/21 maxlen: 24
91.90.241.0/24 maxlen: 24
91.90.242.0/24 maxlen: 24
91.90.245.0/24 maxlen: 24
176.103.187.0/24 maxlen: 24
185.47.9.0/24 maxlen: 24
91.90.228.0/23 maxlen: 23
91.90.228.0/24 maxlen: 24
91.90.229.0/24 maxlen: 24
91.90.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:9e:5a:b9:04:39:33:b5:0c:91:76:b3:58:3c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4230fc8c11c2434634511239abc9e1e16d92c302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bf:db:14:95:54:37:52:61:18:b2:52:6f:7f:
3f:8d:8b:62:9d:c4:6f:c8:4a:fe:87:83:af:89:d6:
28:d1:ed:4b:53:e7:bc:b8:ed:0a:25:a9:22:81:d9:
61:96:b4:06:5e:50:b2:d1:f7:1a:ee:43:b3:23:06:
b3:ff:ed:60:0f:58:80:9f:a0:81:e2:ee:c8:e0:ee:
a2:43:c1:1f:e7:5f:5c:49:a5:74:40:27:22:0b:02:
47:b9:d5:5c:e3:63:d9:96:c4:b8:ec:0a:61:48:44:
1d:31:a7:11:1d:66:cf:b5:04:63:39:53:02:fb:33:
52:7b:d7:cd:63:9d:17:5b:2d:c7:d6:b8:96:39:08:
8c:b2:34:36:91:35:8b:9b:99:e0:82:df:19:4c:9d:
b4:b9:73:af:6a:29:10:32:f0:fe:c6:be:3e:3f:8f:
75:71:88:de:a3:ed:8a:c8:97:c4:b2:cf:0a:e0:f5:
bc:29:d4:4c:31:79:db:e4:43:39:bf:4b:58:53:e2:
bd:27:eb:c1:e5:b5:fc:2b:69:2e:91:b5:ec:77:25:
60:b7:37:ec:34:8f:5c:59:b6:b0:00:a6:10:c8:9d:
3f:e5:2a:87:74:22:d6:89:09:08:df:8d:d8:1c:26:
b5:0d:77:54:a6:3e:70:be:a3:56:4e:6c:13:66:3f:
25:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:30:FC:8C:11:C2:43:46:34:51:12:39:AB:C9:E1:E1:6D:92:C3:02
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/QjD8jBHCQ0Y0URI5q8nh4W2SwwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.91.0-31.42.95.255
91.90.228.0/23
91.90.240.0-91.90.242.255
91.90.245.0/24
176.103.187.0/24
176.106.96.0/21
185.47.9.0/24
Signature Algorithm: sha256WithRSAEncryption
24:82:50:3d:fc:c0:94:46:be:5e:39:58:ba:e5:41:d9:c6:f5:
94:fd:b6:20:70:ba:2f:2c:4b:e0:e2:d5:9c:bc:7b:c1:b3:b6:
9d:20:04:f2:b4:d1:8a:1b:59:0a:e2:bf:0a:51:4d:8f:86:06:
65:77:ed:24:49:70:48:20:03:b9:ad:fc:e1:80:c1:23:5f:5a:
fe:57:c2:20:90:c1:77:fc:c8:8d:a1:69:ca:a8:8b:4d:f8:03:
20:d4:4a:56:02:3e:2e:8f:3d:c3:f0:f1:52:4b:1c:c5:38:c2:
74:c5:c7:8f:01:9c:60:e5:07:77:09:3b:5f:2a:23:c6:e6:70:
8d:bc:02:13:1f:c6:d7:6c:ee:f4:8e:92:51:71:24:23:2b:5f:
65:d8:f1:08:d8:58:cf:50:6e:8f:d5:45:e9:e4:bb:29:d7:08:
82:34:f1:3d:c8:dc:7d:15:6e:e2:b2:df:74:a3:15:3a:b7:77:
64:b8:3c:e5:1c:a5:e7:5b:aa:e2:ed:e3:4b:bb:f6:66:72:ad:
3a:a7:cf:66:33:ef:af:f5:f3:78:46:ab:98:3f:50:7f:12:14:
6b:1e:5b:f5:38:f9:68:02:b3:7c:60:d7:c5:48:29:aa:05:a8:
ab:c9:b7:ed:0e:a3:91:92:59:fd:86:53:38:31:a9:c2:46:7b:
dd:e6:d7:73
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzHlJ5auQQ5M7UMkXazWDwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMwZmM4YzExYzI0MzQ2MzQ1MTEyMzlhYmM5ZTFlMTZkOTJjMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7/bFJVUN1JhGLJSb38/jYtincRv
yEr+h4OvidYo0e1LU+e8uO0KJakigdlhlrQGXlCy0fca7kOzIwaz/+1gD1iAn6CB
4u7I4O6iQ8Ef519cSaV0QCciCwJHudVc42PZlsS47AphSEQdMacRHWbPtQRjOVMC
+zNSe9fNY50XWy3H1riWOQiMsjQ2kTWLm5nggt8ZTJ20uXOvaikQMvD+xr4+P491
cYjeo+2KyJfEss8K4PW8KdRMMXnb5EM5v0tYU+K9J+vB5bX8K2kukbXsdyVgtzfs
NI9cWbawAKYQyJ0/5SqHdCLWiQkI343YHCa1DXdUpj5wvqNWTmwTZj8lrwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEIw/IwRwkNGNFESOavJ4eFtksMCMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvUWpEOGpCSENRMFkwVVJJNXE4bmg0VzJTd3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAAfKlsD
BAUfKkADBAFbWuQwDAMEBFta8AMEAFta8gMEAFta9QMEALBnuwMEA7BqYAMEALkv
CTANBgkqhkiG9w0BAQsFAAOCAQEAJIJQPfzAlEa+XjlYuuVB2cb1lP22IHC6LyxL
4OLVnLx7wbO2nSAE8rTRihtZCuK/ClFNj4YGZXftJElwSCADua384YDBI19a/lfC
IJDBd/zIjaFpyqiLTfgDINRKVgI+Lo89w/DxUkscxTjCdMXHjwGcYOUHdwk7Xyoj
xuZwjbwCEx/G12zu9I6SUXEkIytfZdjxCNhYz1Buj9VF6eS7KdcIgjTxPcjcfRVu
4rLfdKMVOrd3ZLg85Ryl51uq4u3jS7v2ZnKtOqfPZjPvr/XzeEarmD9QfxIUax5b
9Tj5aAKzfGDXxUgpqgWoq8m37Q6jkZJZ/YZTODGpwkZ73ebXcw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:33 2024 by rpki-client on console-ams.rpki-client.org