Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/vGrgBkxABXjSPZU_83SKP0hcRfo.roa
File: vGrgBkxABXjSPZU_83SKP0hcRfo.roa (raw, json)
Hash identifier: YTGp3CF9GQ9WKugE3ouGM1u2nuidxM5FKOAfHhsldDg=
Subject key identifier: BC:6A:E0:06:4C:40:05:78:D2:3D:95:3F:F3:74:8A:3F:48:5C:45:FA
Certificate issuer: /CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Certificate serial: 018CC9BBFE5FC40704C3D2B66F681E10C26B
Authority key identifier: FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/vGrgBkxABXjSPZU_83SKP0hcRfo.roa
Signing time: Tue 02 Jan 2024 10:33:09 +0000
ROA not before: Tue 02 Jan 2024 10:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 31.134.0.0/22 maxlen: 22
31.134.4.0/22 maxlen: 22
31.134.8.0/22 maxlen: 22
31.134.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:fe:5f:c4:07:04:c3:d2:b6:6f:68:1e:10:c2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5d698ecf66ae46ede1fc8230bfbe2096d5245b
Validity
Not Before: Jan 2 10:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc6ae0064c400578d23d953ff3748a3f485c45fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:19:ca:b3:82:e6:93:32:12:69:cd:a9:c1:
fa:d5:96:b3:f7:d3:ea:be:ac:67:1b:52:09:7f:09:
85:df:0d:c4:00:7f:3b:b4:46:6d:d3:98:b1:0c:e5:
46:86:4f:11:68:fc:c4:a3:05:6b:de:f4:68:d7:f8:
7e:c5:04:5e:97:5c:36:5d:22:5b:33:9c:36:81:a8:
16:a6:bd:3a:b4:5d:82:0d:8a:65:94:00:24:58:6a:
af:79:75:6d:e2:8e:27:97:5f:44:53:73:22:dd:46:
b0:7f:55:09:40:99:ff:9c:40:aa:19:2d:ad:41:d0:
25:59:f6:88:d7:9f:73:6b:fe:a1:94:ec:ba:46:b5:
7c:f7:cc:0b:3c:4a:f6:12:a9:6f:90:9e:5b:11:6a:
2b:c0:c7:c5:95:dc:26:2c:7c:af:39:6b:5a:34:c7:
ae:55:2c:26:f1:8b:12:61:af:75:c6:2a:5f:27:f0:
1c:7b:4f:6d:0a:2e:10:40:ea:89:77:13:16:d2:5a:
67:79:b2:a3:91:9a:78:b9:5a:a1:45:fd:05:47:63:
32:11:ee:ff:a2:6a:27:ac:31:28:d4:08:14:bc:eb:
b7:61:6c:a5:b2:b6:3a:78:c3:3a:2b:b2:f0:84:c3:
b5:2c:89:1d:e1:1c:a2:49:c9:93:15:76:6a:9d:bf:
ac:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:6A:E0:06:4C:40:05:78:D2:3D:95:3F:F3:74:8A:3F:48:5C:45:FA
X509v3 Authority Key Identifier:
keyid:FE:5D:69:8E:CF:66:AE:46:ED:E1:FC:82:30:BF:BE:20:96:D5:24:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l1pjs9mrkbt4fyCML--IJbVJFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/vGrgBkxABXjSPZU_83SKP0hcRfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/381b58-7c96-4360-9965-ecf233f8ce82/1/_l1pjs9mrkbt4fyCML--IJbVJFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b9:28:67:2c:9a:8a:20:22:41:9c:3a:13:f8:45:b9:b1:c1:fc:
f8:5f:3f:3b:30:93:e0:64:ee:4e:d1:24:ed:25:b0:c4:4d:15:
eb:23:a8:49:db:1e:06:75:90:1b:4f:23:3b:7d:25:da:e6:aa:
62:26:a4:72:15:7a:ad:da:bd:19:89:b8:ca:99:4b:4e:cd:df:
f5:b2:0d:8b:67:85:28:8f:01:45:1a:5c:df:7e:1b:b1:ac:49:
0d:c5:7d:ad:0f:35:2a:ce:09:c6:a0:63:1c:98:76:10:4a:5f:
28:f8:e7:b4:1e:6b:34:2e:38:9b:3c:01:ae:37:fe:d4:dd:54:
b4:e8:32:4c:fa:66:dc:0e:a4:d2:37:e8:38:a5:33:20:2b:e2:
63:a3:f2:44:e6:55:c3:17:d2:d5:c6:93:4c:e1:0b:50:e6:76:
7a:41:00:f1:08:6e:a6:65:3e:96:bf:ab:f0:9e:85:b1:8e:04:
82:c8:ce:ed:77:52:14:19:bb:aa:17:f6:5e:b2:83:4c:5a:ac:
dd:ed:ac:62:81:c7:ed:73:86:d1:b6:51:94:c5:06:4a:4a:44:
6b:b9:11:4f:e0:08:01:fd:43:4d:a7:68:be:9a:08:36:53:7c:
20:eb:6d:9a:0a:cd:ca:bb:ae:7e:a1:cf:d6:de:08:b0:75:05:
a1:e9:2e:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu/5fxAcEw9K2b2geEMJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWQ2OThlY2Y2NmFlNDZlZGUxZmM4MjMwYmZiZTIwOTZk
NTI0NWIwHhcNMjQwMTAyMTAzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzZhZTAwNjRjNDAwNTc4ZDIzZDk1M2ZmMzc0OGEzZjQ4NWM0NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HoZyrOC5pMyEmnNqcH61Zaz99Pq
vqxnG1IJfwmF3w3EAH87tEZt05ixDOVGhk8RaPzEowVr3vRo1/h+xQRel1w2XSJb
M5w2gagWpr06tF2CDYpllAAkWGqveXVt4o4nl19EU3Mi3Uawf1UJQJn/nECqGS2t
QdAlWfaI159za/6hlOy6RrV898wLPEr2EqlvkJ5bEWorwMfFldwmLHyvOWtaNMeu
VSwm8YsSYa91xipfJ/Ace09tCi4QQOqJdxMW0lpnebKjkZp4uVqhRf0FR2MyEe7/
omonrDEo1AgUvOu3YWylsrY6eMM6K7LwhMO1LIkd4RyiScmTFXZqnb+sIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxq4AZMQAV40j2VP/N0ij9IXEX6MB8GA1UdIwQY
MBaAFP5daY7PZq5G7eH8gjC/viCW1SRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUt
ZWNmMjMzZjhjZTgyLzEvdkdyZ0JreEFCWGpTUFpVXzgzU0tQMGhjUmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8zODFiNTgtN2M5Ni00MzYwLTk5NjUtZWNmMjMzZjhjZTgy
LzEvX2wxcGpzOW1ya2J0NGZ5Q01MLS1JSmJWSkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4YAMA0G
CSqGSIb3DQEBCwUAA4IBAQC5KGcsmoogIkGcOhP4Rbmxwfz4Xz87MJPgZO5O0STt
JbDETRXrI6hJ2x4GdZAbTyM7fSXa5qpiJqRyFXqt2r0ZibjKmUtOzd/1sg2LZ4Uo
jwFFGlzffhuxrEkNxX2tDzUqzgnGoGMcmHYQSl8o+Oe0Hms0LjibPAGuN/7U3VS0
6DJM+mbcDqTSN+g4pTMgK+Jjo/JE5lXDF9LVxpNM4QtQ5nZ6QQDxCG6mZT6Wv6vw
noWxjgSCyM7td1IUGbuqF/ZesoNMWqzd7axigcftc4bRtlGUxQZKSkRruRFP4AgB
/UNNp2i+mgg2U3wg622aCs3Ku65+oc/W3giwdQWh6S79
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:51 2024 by rpki-client on console-fra.rpki-client.org