Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/XD2s1aPZieUG4AOMjoNPvtWE2jo.roa
File: XD2s1aPZieUG4AOMjoNPvtWE2jo.roa (raw, json)
Hash identifier: yyKrQoNUprsNO97Eb9WG+ppUaCfJkSqXKK2kQdEbMNg=
Subject key identifier: 5C:3D:AC:D5:A3:D9:89:E5:06:E0:03:8C:8E:83:4F:BE:D5:84:DA:3A
Certificate issuer: /CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Certificate serial: 018CC3B6E63C0759EBD22B6BC9179D54818D
Authority key identifier: 67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/XD2s1aPZieUG4AOMjoNPvtWE2jo.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43588
IP address blocks: 91.228.111.0/24 maxlen: 24
91.228.108.0/24 maxlen: 24
91.228.108.0/22 maxlen: 22
91.228.110.0/24 maxlen: 24
31.131.0.0/22 maxlen: 22
31.131.1.0/24 maxlen: 24
31.131.2.0/24 maxlen: 24
31.131.3.0/24 maxlen: 24
31.131.4.0/24 maxlen: 24
31.131.4.0/23 maxlen: 23
31.131.6.0/24 maxlen: 24
31.131.7.0/24 maxlen: 24
31.131.5.0/24 maxlen: 24
91.216.47.0/24 maxlen: 24
2a0a:6480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e6:3c:07:59:eb:d2:2b:6b:c9:17:9d:54:81:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=678cebf7eec3d5e0121e401170ce01ff3888d4ec
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c3dacd5a3d989e506e0038c8e834fbed584da3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3c:9a:19:e3:54:b9:c8:6f:6f:d6:01:97:d4:
ff:4f:75:59:b6:94:bc:68:ed:3e:f8:b6:22:49:5a:
ac:5f:30:a6:e7:1a:d2:0d:fc:e3:be:18:28:86:c6:
1a:2a:0b:b2:7f:16:b9:5f:bc:97:dd:44:8a:0e:ad:
29:cf:65:57:04:f2:e6:93:d9:53:e4:73:b7:7b:f3:
2c:f4:19:e0:b6:d5:4c:33:44:0c:21:28:58:3c:90:
00:11:b9:a0:1f:85:3a:f1:10:fe:5a:77:4f:1b:df:
d3:de:ba:41:b7:8a:7d:99:1d:31:e7:5c:bc:c8:73:
c3:27:aa:7a:f0:fa:f0:92:67:bc:e0:2e:d6:13:1f:
1f:a9:41:89:bf:be:31:24:4b:8a:e3:60:4d:74:47:
aa:8c:06:59:cd:7b:9c:a6:59:35:ce:89:90:59:e8:
9f:11:c7:0b:c9:29:1a:d5:02:9e:2d:0a:10:28:87:
a1:04:9a:a0:0c:01:c6:55:8c:70:73:53:98:3e:76:
5b:38:5f:12:d9:08:44:52:4c:a5:3a:03:39:0e:2d:
e8:91:f2:55:b3:9a:61:04:bd:23:13:91:bb:96:2c:
88:de:a2:e7:c2:61:21:16:47:94:0b:24:ef:60:8c:
10:33:8f:fa:81:7c:e5:1b:8d:e7:5c:30:e8:2b:85:
d7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3D:AC:D5:A3:D9:89:E5:06:E0:03:8C:8E:83:4F:BE:D5:84:DA:3A
X509v3 Authority Key Identifier:
keyid:67:8C:EB:F7:EE:C3:D5:E0:12:1E:40:11:70:CE:01:FF:38:88:D4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z4zr9-7D1eASHkARcM4B_ziI1Ow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/XD2s1aPZieUG4AOMjoNPvtWE2jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f2b87b-95e9-4cf8-abeb-6dfbba4edd59/1/Z4zr9-7D1eASHkARcM4B_ziI1Ow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.0.0/21
91.216.47.0/24
91.228.108.0/22
IPv6:
2a0a:6480::/29
Signature Algorithm: sha256WithRSAEncryption
3c:b3:5a:d6:95:bc:e5:6b:e9:b1:e9:0c:45:a4:35:36:52:fa:
17:44:af:37:f1:6e:71:b1:7f:00:e2:04:51:57:5b:ca:44:79:
4f:38:7f:f5:65:45:de:f8:d8:d2:7e:dd:a6:15:26:c6:53:1b:
47:05:60:2d:b6:07:3c:4c:3f:96:39:1a:26:4c:cc:8a:94:54:
26:ec:42:e7:3d:40:68:3f:29:1d:b5:3d:cb:30:85:39:d4:38:
a1:33:16:cd:87:0c:fa:fc:b9:d5:28:10:2b:0d:d1:8e:36:20:
fa:67:fb:87:92:38:5b:fd:20:da:63:63:3e:6c:10:a0:f0:eb:
15:c9:d2:a5:89:47:c4:b9:68:3f:f1:49:2e:03:82:61:e5:72:
43:3c:84:98:b0:a5:f1:f4:d3:e9:a4:7b:ec:74:f5:2b:25:bd:
eb:04:7a:b8:36:dd:70:77:4c:2d:73:6c:c8:82:94:de:1c:2a:
8e:53:33:e4:84:5e:a4:00:18:50:f7:3d:ff:9d:1e:31:d6:76:
87:6a:bb:b9:f0:e2:22:e8:fb:91:68:87:63:66:cd:f8:71:5f:
e4:9a:53:86:12:a8:3a:64:a9:cc:20:9d:f6:86:20:cf:1f:4b:
bf:c5:c5:34:31:cd:8a:3f:0b:56:52:cf:fd:84:bb:41:32:97:
b3:1d:c1:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtuY8B1nr0itryRedVIGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGNlYmY3ZWVjM2Q1ZTAxMjFlNDAxMTcwY2UwMWZmMzg4
OGQ0ZWMwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNkYWNkNWEzZDk4OWU1MDZlMDAzOGM4ZTgzNGZiZWQ1ODRkYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjyaGeNUuchvb9YBl9T/T3VZtpS8
aO0++LYiSVqsXzCm5xrSDfzjvhgohsYaKguyfxa5X7yX3USKDq0pz2VXBPLmk9lT
5HO3e/Ms9BngttVMM0QMIShYPJAAEbmgH4U68RD+WndPG9/T3rpBt4p9mR0x51y8
yHPDJ6p68Prwkme84C7WEx8fqUGJv74xJEuK42BNdEeqjAZZzXucplk1zomQWeif
EccLySka1QKeLQoQKIehBJqgDAHGVYxwc1OYPnZbOF8S2QhEUkylOgM5Di3okfJV
s5phBL0jE5G7liyI3qLnwmEhFkeUCyTvYIwQM4/6gXzlG43nXDDoK4XXswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFw9rNWj2YnlBuADjI6DT77VhNo6MB8GA1UdIwQY
MBaAFGeM6/fuw9XgEh5AEXDOAf84iNTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWIt
NmRmYmJhNGVkZDU5LzEvWEQyczFhUFppZVVHNEFPTWpvTlB2dFdFMmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMmI4N2ItOTVlOS00Y2Y4LWFiZWItNmRmYmJhNGVkZDU5
LzEvWjR6cjktN0QxZUFTSGtBUmNNNEJfemlJMU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH4MAAwQA
W9gvAwQCW+RsMA0EAgACMAcDBQMqCmSAMA0GCSqGSIb3DQEBCwUAA4IBAQA8s1rW
lbzla+mx6QxFpDU2UvoXRK838W5xsX8A4gRRV1vKRHlPOH/1ZUXe+NjSft2mFSbG
UxtHBWAttgc8TD+WORomTMyKlFQm7ELnPUBoPykdtT3LMIU51DihMxbNhwz6/LnV
KBArDdGONiD6Z/uHkjhb/SDaY2M+bBCg8OsVydKliUfEuWg/8UkuA4Jh5XJDPISY
sKXx9NPppHvsdPUrJb3rBHq4Nt1wd0wtc2zIgpTeHCqOUzPkhF6kABhQ9z3/nR4x
1naHaru58OIi6PuRaIdjZs34cV/kmlOGEqg6ZKnMIJ32hiDPH0u/xcU0Mc2KPwtW
Us/9hLtBMpezHcEK
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:41 2024 by rpki-client on console-fra.rpki-client.org