Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/atKE68eodvcZAlGK3V6bjqpw2S4.roa
File: atKE68eodvcZAlGK3V6bjqpw2S4.roa (raw, json)
Hash identifier: 8AvUYoeajDlOwilLNU/fdayTVnMLJa2RcHp+ohE2yYI=
Subject key identifier: 6A:D2:84:EB:C7:A8:76:F7:19:02:51:8A:DD:5E:9B:8E:AA:70:D9:2E
Certificate issuer: /CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Certificate serial: 018CC6B799D5D247FABF0E7E243EFE5A6447
Authority key identifier: 8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/atKE68eodvcZAlGK3V6bjqpw2S4.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56554
IP address blocks: 31.130.224.0/20 maxlen: 24
31.133.128.0/18 maxlen: 24
2001:67c:1230::/46 maxlen: 48
2001:67c:370::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/ilZohaHW1VRFRs0oXYbE7_6qPCw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/ilZohaHW1VRFRs0oXYbE7_6qPCw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:99:d5:d2:47:fa:bf:0e:7e:24:3e:fe:5a:64:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ad284ebc7a876f71902518add5e9b8eaa70d92e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ad:ef:4b:f5:13:ee:78:01:22:99:af:3b:e5:
2a:3a:04:6f:84:16:ea:e8:6b:7f:0a:8f:79:ab:9a:
76:fe:d9:52:0b:46:1e:d8:e6:2b:23:84:3a:5f:3c:
dc:87:83:b7:31:fa:cb:89:cf:89:09:a4:1f:52:43:
9c:c9:53:32:3d:60:89:09:12:70:c4:83:43:b3:ab:
53:92:c3:91:0d:d6:21:d5:24:d0:fa:5e:64:7f:40:
44:5d:ad:da:ca:73:c2:b1:f3:17:fe:e7:d4:7e:45:
fe:9f:7c:18:19:b8:5a:3c:b2:83:9c:3e:a4:c3:1e:
d5:a2:5b:10:05:74:b7:4c:da:ad:10:ab:80:67:ed:
c1:23:db:78:2e:67:4c:a0:1e:12:7c:7a:39:5a:67:
81:fd:56:f2:2f:3e:1b:4c:cd:01:d6:b2:18:84:8d:
ad:49:7f:0b:40:56:20:20:38:9f:e2:65:20:2a:ef:
3d:22:46:f7:a5:c5:62:80:fa:ae:09:98:7c:38:56:
bd:3b:41:78:0d:94:28:0b:b0:68:63:c6:af:b6:43:
11:b7:80:aa:cb:aa:0e:14:e7:dd:ed:fa:fc:6e:e9:
34:91:7d:34:cf:bb:ec:8d:d2:97:de:8e:97:2f:b1:
b4:d2:ae:fd:02:b8:1d:0a:31:d9:db:dc:0a:72:28:
22:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:84:EB:C7:A8:76:F7:19:02:51:8A:DD:5E:9B:8E:AA:70:D9:2E
X509v3 Authority Key Identifier:
keyid:8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/atKE68eodvcZAlGK3V6bjqpw2S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/ilZohaHW1VRFRs0oXYbE7_6qPCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.224.0/20
31.133.128.0/18
IPv6:
2001:67c:370::/48
2001:67c:1230::/46
Signature Algorithm: sha256WithRSAEncryption
7a:26:6e:b7:c3:20:d4:21:a1:6a:64:56:4a:59:51:b4:e9:5e:
8b:2c:2b:6a:3e:87:29:51:4c:1f:0e:51:a5:a2:75:79:35:9d:
8f:a2:cc:57:dd:de:45:d0:cd:15:b4:f6:01:29:b6:26:6d:67:
ad:96:1f:52:97:0d:fd:67:8f:13:cb:34:0b:e8:65:ef:4f:30:
85:26:a4:12:5a:bd:ba:39:fb:01:95:a4:2d:34:fd:3f:da:42:
49:73:de:e6:70:93:4a:d4:d1:a9:35:a5:1c:52:81:df:ef:4c:
5d:af:90:08:d7:e8:c7:90:c9:1a:1f:cb:45:ab:1f:f2:43:a0:
6f:bf:8b:59:46:2e:60:d2:ca:22:6e:cd:49:3f:59:ba:27:27:
6a:3a:fa:d4:a1:1f:00:4e:6a:d3:b9:08:9e:18:e7:b4:eb:54:
0f:30:e4:a6:54:97:77:77:1d:e7:ca:dd:a7:6d:87:4a:d3:e9:
58:67:34:62:8d:07:9e:84:dc:9c:02:9d:f5:26:77:24:81:76:
92:d3:72:a2:67:43:d5:17:7e:44:ad:40:b4:2e:b9:e0:bc:7d:
d0:b4:2c:a4:56:9a:56:e3:66:1d:be:4e:78:f7:33:6b:12:8d:
62:cc:0d:b6:d5:0f:ca:db:53:b0:0b:d0:99:87:27:34:46:e7:
cd:26:92:68
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGt5nV0kf6vw5+JD7+WmRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTY2ODg1YTFkNmQ1NTQ0NTQ2Y2QyODVkODZjNGVmZmVh
YTNjMmMwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQyODRlYmM3YTg3NmY3MTkwMjUxOGFkZDVlOWI4ZWFhNzBkOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi63vS/UT7ngBIpmvO+UqOgRvhBbq
6Gt/Co95q5p2/tlSC0Ye2OYrI4Q6Xzzch4O3MfrLic+JCaQfUkOcyVMyPWCJCRJw
xINDs6tTksORDdYh1STQ+l5kf0BEXa3aynPCsfMX/ufUfkX+n3wYGbhaPLKDnD6k
wx7VolsQBXS3TNqtEKuAZ+3BI9t4LmdMoB4SfHo5WmeB/VbyLz4bTM0B1rIYhI2t
SX8LQFYgIDif4mUgKu89Ikb3pcVigPquCZh8OFa9O0F4DZQoC7BoY8avtkMRt4Cq
y6oOFOfd7fr8buk0kX00z7vsjdKX3o6XL7G00q79ArgdCjHZ29wKcigi/QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGrShOvHqHb3GQJRit1em46qcNkuMB8GA1UdIwQY
MBaAFIpWaIWh1tVURUbNKF2GxO/+qjwsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxab2hhSFcxVlJGUnMwb1hZYkU3XzZxUEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2ZiYzctNjRiOC00YzkxLTg5YTAt
MWFmMDVhMjIzN2MzLzEvYXRLRTY4ZW9kdmNaQWxHSzNWNmJqcXB3MlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2ZiYzctNjRiOC00YzkxLTg5YTAtMWFmMDVhMjIzN2Mz
LzEvaWxab2hhSFcxVlJGUnMwb1hZYkU3XzZxUEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQEH4LgAwQG
H4WAMBgEAgACMBIDBwAgAQZ8A3ADBwIgAQZ8EjAwDQYJKoZIhvcNAQELBQADggEB
AHombrfDINQhoWpkVkpZUbTpXossK2o+hylRTB8OUaWidXk1nY+izFfd3kXQzRW0
9gEptiZtZ62WH1KXDf1njxPLNAvoZe9PMIUmpBJavbo5+wGVpC00/T/aQklz3uZw
k0rU0ak1pRxSgd/vTF2vkAjX6MeQyRofy0WrH/JDoG+/i1lGLmDSyiJuzUk/Wbon
J2o6+tShHwBOatO5CJ4Y57TrVA8w5KZUl3d3HefK3adth0rT6VhnNGKNB56E3JwC
nfUmdySBdpLTcqJnQ9UXfkStQLQuueC8fdC0LKRWmlbjZh2+Tnj3M2sSjWLMDbbV
D8rbU7AL0JmHJzRG580mkmg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:43:32 2024 by rpki-client on console-ams.rpki-client.org