Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/JaqgkTEbVQqq9eSSzzSg8W-rC4Q.roa
File: JaqgkTEbVQqq9eSSzzSg8W-rC4Q.roa (raw, json)
Hash identifier: /Yc7gy4ujAHA1pcBVyzHrflwQs37oTWhEK5fqgJFkKI=
Subject key identifier: 25:AA:A0:91:31:1B:55:0A:AA:F5:E4:92:CF:34:A0:F1:6F:AB:0B:84
Certificate issuer: /CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Certificate serial: 018CC500F972B34148A43500BC00D26140A1
Authority key identifier: 02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/JaqgkTEbVQqq9eSSzzSg8W-rC4Q.roa
Signing time: Mon 01 Jan 2024 12:30:24 +0000
ROA not before: Mon 01 Jan 2024 12:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51764
IP address blocks: 46.31.0.0/21 maxlen: 24
46.31.6.0/24 maxlen: 24
91.102.200.0/21 maxlen: 24
91.102.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f9:72:b3:41:48:a4:35:00:bc:00:d2:61:40:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Validity
Not Before: Jan 1 12:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25aaa091311b550aaaf5e492cf34a0f16fab0b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7b:d7:c9:9b:f1:65:c4:cc:07:70:19:22:aa:
2c:e1:cc:91:d1:a8:c0:41:2b:2b:20:a4:a7:14:87:
ee:bf:b1:c7:a1:4d:85:a7:1b:09:df:3b:35:0f:9f:
06:e6:48:5e:8a:06:69:15:7a:46:3b:e0:94:97:d4:
c9:46:87:82:8c:79:a9:76:40:bc:a0:a3:87:6d:60:
0a:cd:e1:b0:9b:e1:b8:1a:4c:bf:4d:65:46:53:17:
27:e8:40:e1:9f:11:e7:6d:69:e7:57:ea:82:ab:cd:
58:b9:5f:e1:73:63:e1:ce:d0:4f:31:51:5d:50:b8:
c6:d7:a5:67:19:1c:51:52:24:9a:5c:9c:51:e2:a0:
08:97:ed:39:9b:68:c7:fd:88:3d:95:b6:54:1e:90:
45:26:a3:a9:a1:00:20:ae:1b:17:ad:eb:c6:4d:75:
cf:44:57:8c:59:22:4a:40:26:5c:b4:dd:b8:94:62:
a5:7b:24:ce:49:be:5f:01:b1:b9:29:df:0f:78:41:
30:82:1d:e3:f4:d3:16:76:46:10:85:1d:65:88:41:
e3:6c:74:26:e1:58:29:70:c5:5c:ad:d9:c7:b1:72:
ba:ca:27:15:dc:5e:89:8f:98:dc:75:92:73:27:f2:
7a:1c:30:3f:07:26:0e:ef:27:08:50:13:55:97:9e:
e8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:AA:A0:91:31:1B:55:0A:AA:F5:E4:92:CF:34:A0:F1:6F:AB:0B:84
X509v3 Authority Key Identifier:
keyid:02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/JaqgkTEbVQqq9eSSzzSg8W-rC4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.0.0/21
91.102.200.0/21
Signature Algorithm: sha256WithRSAEncryption
64:1e:d0:6e:42:2d:00:8c:f7:cd:b3:82:e4:9a:03:ec:64:3a:
91:49:d5:d5:37:e4:03:c9:07:07:94:66:60:66:27:e5:1b:ee:
68:19:6f:31:05:85:d8:97:a1:20:12:83:85:76:0f:f5:c9:b9:
2e:f9:a5:75:05:fe:9d:04:4e:84:71:bf:a5:d5:96:cd:4c:d5:
a1:41:89:b7:4a:2d:38:7d:26:a4:b9:5a:64:cd:53:c6:83:f1:
ab:a4:f4:a3:6a:46:9c:a2:f1:57:05:2d:07:c9:56:46:e2:bd:
c0:5f:fe:8f:11:26:47:bf:e3:e2:8a:a0:b4:25:42:e3:b8:65:
ba:66:e9:88:ed:f5:2e:6c:d8:12:36:26:3e:bc:36:41:40:04:
ee:4e:6a:28:2d:84:21:d0:d9:53:2a:c5:28:0f:d7:7b:8c:14:
5f:20:05:2b:40:fe:df:d2:71:09:23:ad:7f:ff:34:ee:18:bb:
5b:b0:e0:f6:d5:56:15:33:c7:e6:b3:0a:74:cf:cd:d1:a8:53:
97:d0:f1:92:b1:43:79:07:52:d6:a0:e7:e7:e9:2d:be:df:b8:
7e:26:af:10:d2:d6:bc:d4:d0:c7:e5:fe:ed:fb:70:e4:ba:c1:
70:4d:9c:13:65:3d:93:f8:48:7a:8e:92:b5:7e:00:d4:74:ea:
e0:c7:a1:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAPlys0FIpDUAvADSYUChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZDBlODg4ODVlZjQ4YjIwYzg3Yjc2ZmQ4NWQ0MmU2ZWIz
ZDcxODMwHhcNMjQwMTAxMTIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWFhYTA5MTMxMWI1NTBhYWFmNWU0OTJjZjM0YTBmMTZmYWIwYjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXvXyZvxZcTMB3AZIqos4cyR0ajA
QSsrIKSnFIfuv7HHoU2FpxsJ3zs1D58G5kheigZpFXpGO+CUl9TJRoeCjHmpdkC8
oKOHbWAKzeGwm+G4Gky/TWVGUxcn6EDhnxHnbWnnV+qCq81YuV/hc2PhztBPMVFd
ULjG16VnGRxRUiSaXJxR4qAIl+05m2jH/Yg9lbZUHpBFJqOpoQAgrhsXrevGTXXP
RFeMWSJKQCZctN24lGKleyTOSb5fAbG5Kd8PeEEwgh3j9NMWdkYQhR1liEHjbHQm
4VgpcMVcrdnHsXK6yicV3F6Jj5jcdZJzJ/J6HDA/ByYO7ycIUBNVl57oeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCWqoJExG1UKqvXkks80oPFvqwuEMB8GA1UdIwQY
MBaAFALQ6IiF70iyDIe3b9hdQubrPXGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDct
OTUzYzY4NTA2ZDVjLzEvSmFxZ2tURWJWUXFxOWVTU3p6U2c4Vy1yQzRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDctOTUzYzY4NTA2ZDVj
LzEvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh8AAwQD
W2bIMA0GCSqGSIb3DQEBCwUAA4IBAQBkHtBuQi0AjPfNs4LkmgPsZDqRSdXVN+QD
yQcHlGZgZiflG+5oGW8xBYXYl6EgEoOFdg/1ybku+aV1Bf6dBE6Ecb+l1ZbNTNWh
QYm3Si04fSakuVpkzVPGg/GrpPSjakacovFXBS0HyVZG4r3AX/6PESZHv+PiiqC0
JULjuGW6ZumI7fUubNgSNiY+vDZBQATuTmooLYQh0NlTKsUoD9d7jBRfIAUrQP7f
0nEJI61//zTuGLtbsOD21VYVM8fmswp0z83RqFOX0PGSsUN5B1LWoOfn6S2+37h+
Jq8Q0ta81NDH5f7t+3DkusFwTZwTZT2T+Eh6jpK1fgDUdOrgx6FJ
-----END CERTIFICATE-----
Generated at Fri May 17 01:12:57 2024 by rpki-client on console-ams.rpki-client.org