Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/7jgOp-Pa45fk2e0qNyl3w_AJzTc.roa
File: 7jgOp-Pa45fk2e0qNyl3w_AJzTc.roa (raw, json)
Hash identifier: +H65YEWVaPKEF44wHOtfYZNp5JgrYOo4LwxT53fTZsU=
Subject key identifier: EE:38:0E:A7:E3:DA:E3:97:E4:D9:ED:2A:37:29:77:C3:F0:09:CD:37
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 018CC79479D2AA7CB0526673688651C146DF
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/7jgOp-Pa45fk2e0qNyl3w_AJzTc.roa
Signing time: Tue 02 Jan 2024 00:30:45 +0000
ROA not before: Tue 02 Jan 2024 00:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 31.214.246.0/24 maxlen: 24
31.214.245.0/24 maxlen: 24
31.214.247.0/24 maxlen: 24
31.214.141.0/24 maxlen: 24
95.156.227.0/24 maxlen: 24
134.255.220.0/24 maxlen: 32
134.255.225.0/24 maxlen: 24
134.255.227.0/24 maxlen: 24
134.255.252.0/24 maxlen: 24
109.230.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:79:d2:aa:7c:b0:52:66:73:68:86:51:c1:46:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 00:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee380ea7e3dae397e4d9ed2a372977c3f009cd37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:bb:ff:5b:4b:f9:ca:ce:61:f3:c6:76:a0:
a7:59:bb:4f:ad:cc:05:cd:55:27:7e:b8:dd:b3:10:
38:8b:3e:8d:70:ee:87:cc:79:70:e1:d2:47:b6:06:
64:05:7f:68:0b:d5:15:49:a5:c9:e4:1e:bf:16:a7:
92:16:c7:8b:ec:00:de:f0:2a:e1:1b:5f:47:fc:b4:
28:a5:b9:79:41:05:9c:f5:71:3d:f9:8c:83:a6:02:
c8:a9:66:5e:6a:50:4b:09:d4:63:45:ec:81:79:2a:
e9:20:86:9c:e5:3d:94:3d:77:34:8a:a7:cf:b3:55:
84:9d:b4:6d:db:21:96:a7:e9:95:b6:83:2d:7d:b1:
83:02:18:9c:d0:60:5b:c4:c5:3b:53:75:91:72:6a:
a0:59:f9:44:cb:44:7d:d8:83:f1:50:8f:b8:64:b8:
77:28:fc:a9:06:91:71:de:6f:f6:6e:36:45:09:ba:
0e:80:10:c6:10:f4:c2:89:0d:0d:56:55:9f:3c:63:
ee:83:88:ff:be:ba:7b:00:d5:66:9b:1e:bb:5c:fc:
fc:b9:79:85:3b:e5:b6:74:99:a4:89:28:b2:72:0f:
e1:03:a5:af:92:17:cf:3d:a2:e9:47:53:9b:75:ef:
66:72:12:9a:f9:ba:fe:ad:62:df:f1:99:8c:e8:bf:
48:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:38:0E:A7:E3:DA:E3:97:E4:D9:ED:2A:37:29:77:C3:F0:09:CD:37
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/7jgOp-Pa45fk2e0qNyl3w_AJzTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.141.0/24
31.214.245.0-31.214.247.255
95.156.227.0/24
109.230.238.0/24
134.255.220.0/24
134.255.225.0/24
134.255.227.0/24
134.255.252.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e6:b7:8b:78:0d:1f:91:f9:6a:5c:6a:9c:28:9d:6a:a2:98:
ab:54:53:00:f9:da:7a:b2:68:3d:d5:3d:9c:46:7a:74:92:c1:
74:73:64:52:2d:2c:71:19:f1:1f:13:58:2e:b1:34:67:e6:e6:
f5:db:ea:2a:64:18:6b:79:ef:e3:b7:2b:4e:4a:98:45:19:68:
00:92:95:d6:20:06:57:b0:d1:b0:18:b7:19:0f:c7:9f:bc:e2:
96:b0:e4:ed:1e:b1:40:42:30:e5:1f:40:00:14:7b:80:1c:e8:
85:05:8b:58:aa:c6:7d:45:de:f2:d2:7a:26:8c:37:c6:eb:53:
8d:2c:2a:fc:3d:09:f8:72:99:c0:72:08:80:89:a4:41:82:4c:
07:8f:af:b6:94:9c:fc:98:ec:6a:90:c8:53:79:82:ee:bf:60:
fa:a5:a4:ad:e4:d7:12:a5:9e:99:7f:ba:60:48:6e:0c:84:57:
26:34:2f:b9:03:11:c2:04:fc:e8:69:af:1f:49:1a:7d:7f:5a:
5b:42:79:f9:5b:99:8a:13:84:cd:40:7e:a5:47:a4:b9:74:30:
d3:f0:40:00:b4:f2:1d:a9:dd:68:1b:15:5a:0a:fa:f4:50:33:
0a:a5:ad:b3:2d:de:7b:fb:5c:06:3a:e3:dd:81:6d:0e:4b:98:
23:b7:d3:2f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzHlHnSqnywUmZzaIZRwUbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjQwMTAyMDAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTM4MGVhN2UzZGFlMzk3ZTRkOWVkMmEzNzI5NzdjM2YwMDljZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbq7/1tL+crOYfPGdqCnWbtPrcwF
zVUnfrjdsxA4iz6NcO6HzHlw4dJHtgZkBX9oC9UVSaXJ5B6/FqeSFseL7ADe8Crh
G19H/LQopbl5QQWc9XE9+YyDpgLIqWZealBLCdRjReyBeSrpIIac5T2UPXc0iqfP
s1WEnbRt2yGWp+mVtoMtfbGDAhic0GBbxMU7U3WRcmqgWflEy0R92IPxUI+4ZLh3
KPypBpFx3m/2bjZFCboOgBDGEPTCiQ0NVlWfPGPug4j/vrp7ANVmmx67XPz8uXmF
O+W2dJmkiSiycg/hA6WvkhfPPaLpR1Obde9mchKa+br+rWLf8ZmM6L9I5QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFO44Dqfj2uOX5NntKjcpd8PwCc03MB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvN2pnT3AtUGE0NWZrMmUwcU55bDN3X0FKelRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH9aNMAwD
BAAf1vUDBAMf1vADBABfnOMDBABt5u4DBACG/9wDBACG/+EDBACG/+MDBACG//ww
DQYJKoZIhvcNAQELBQADggEBAIPmt4t4DR+R+WpcapwonWqimKtUUwD52nqyaD3V
PZxGenSSwXRzZFItLHEZ8R8TWC6xNGfm5vXb6ipkGGt57+O3K05KmEUZaACSldYg
Blew0bAYtxkPx5+84paw5O0esUBCMOUfQAAUe4Ac6IUFi1iqxn1F3vLSeiaMN8br
U40sKvw9CfhymcByCICJpEGCTAePr7aUnPyY7GqQyFN5gu6/YPqlpK3k1xKlnpl/
umBIbgyEVyY0L7kDEcIE/Ohprx9JGn1/WltCeflbmYoThM1AfqVHpLl0MNPwQAC0
8h2p3WgbFVoK+vRQMwqlrbMt3nv7XAY6492BbQ5LmCO30y8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:48 2024 by rpki-client on console-ams.rpki-client.org