Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/iPKK99RLq9njJ9EPRE0UyHEdARI.roa
File: iPKK99RLq9njJ9EPRE0UyHEdARI.roa (raw, json)
Hash identifier: tFELp5HrL3I31LqlZzs8pV5EHfC7XoCv7p9uJycKftY=
Subject key identifier: 88:F2:8A:F7:D4:4B:AB:D9:E3:27:D1:0F:44:4D:14:C8:71:1D:01:12
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 018D7E69703815461CF43BA8095D08B905B4
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/iPKK99RLq9njJ9EPRE0UyHEdARI.roa
Signing time: Tue 06 Feb 2024 12:34:15 +0000
ROA not before: Tue 06 Feb 2024 12:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50986
IP address blocks: 31.170.24.0/21 maxlen: 21
31.170.24.0/24 maxlen: 24
178.236.64.0/20 maxlen: 20
178.236.64.0/22 maxlen: 22
178.236.70.0/23 maxlen: 23
178.236.76.0/22 maxlen: 22
2a02:1610::/32 maxlen: 32
2a02:1610::/56 maxlen: 56
2a02:1610:1:1000::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:69:70:38:15:46:1c:f4:3b:a8:09:5d:08:b9:05:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Feb 6 12:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88f28af7d44babd9e327d10f444d14c8711d0112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d6:7f:31:b6:0a:ab:02:4b:b0:ae:f0:82:b4:
51:4f:91:c1:fe:a8:a6:a5:6c:be:19:96:cd:58:0a:
d5:0c:df:1e:52:c8:4f:e6:60:46:c7:28:a7:2d:4d:
0d:b3:78:13:0f:a7:29:10:c3:e1:1c:f6:60:37:e0:
26:e0:dd:85:14:b4:02:6f:59:d3:f8:c2:38:25:d5:
21:0b:a8:09:ff:23:be:4a:50:87:e0:51:c8:e2:a1:
36:4b:ff:32:47:26:df:bf:f5:a0:25:e6:95:5c:70:
c5:cf:ba:14:1b:50:00:83:aa:db:f2:d0:2e:5e:7a:
b1:76:bd:2e:0a:71:b8:e1:fb:0d:d0:33:5f:ec:f0:
25:a7:4b:40:f4:0a:58:44:8d:b8:f9:56:53:98:16:
2f:41:8f:90:83:45:eb:25:c1:0c:52:90:0e:c0:f8:
63:78:64:40:43:b5:72:f2:7c:06:44:62:74:c4:8f:
ec:8c:2a:f9:ec:cc:eb:00:d8:ca:38:fe:f8:0f:09:
1c:32:35:21:4a:01:75:75:77:be:c2:97:30:40:bb:
af:eb:d2:36:05:ae:f2:8d:88:9a:ef:05:a5:cf:15:
c7:19:fe:22:0e:ba:68:1b:f8:8a:99:d6:ad:7c:85:
a1:c5:52:65:49:69:43:f5:03:92:b1:91:dd:ed:f7:
85:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F2:8A:F7:D4:4B:AB:D9:E3:27:D1:0F:44:4D:14:C8:71:1D:01:12
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/iPKK99RLq9njJ9EPRE0UyHEdARI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.24.0/21
178.236.64.0/20
IPv6:
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
a4:da:2f:56:37:cf:26:fb:45:8d:24:0d:07:d6:f4:7c:ff:91:
87:e5:71:2c:4f:d3:0c:18:46:b6:e0:d1:7e:e0:2d:6f:48:6c:
5d:a3:6f:44:1e:54:18:bd:ea:75:9d:f3:1c:6f:f1:7e:6b:b6:
ec:40:81:c3:ad:37:25:02:ae:fe:af:48:e5:55:04:97:82:77:
cb:5c:42:77:8e:0e:ee:f6:a6:27:55:fe:9c:34:16:c0:93:ac:
09:eb:75:56:97:c2:78:f1:c4:0e:91:f5:3a:88:e9:fc:95:7c:
16:b2:09:00:f6:cf:e5:3f:8c:47:d1:91:a5:ec:b1:5d:c4:72:
fa:4f:bb:92:52:70:3b:83:66:0f:cf:33:7e:c7:65:e2:e1:0e:
40:6c:2a:3d:ca:0d:9f:1e:79:49:9e:bf:a1:11:ce:4e:62:75:
c9:90:9b:17:ee:91:30:ca:8d:b3:cd:e5:72:da:3b:c1:e7:80:
b3:dd:9b:e7:9e:f3:36:2c:a6:3b:56:37:99:60:ab:b6:66:2a:
ce:bc:ef:60:b2:fa:3c:53:76:c7:11:2e:b8:8a:dd:77:82:35:
1f:11:ea:11:95:c9:ee:12:bb:8c:9d:55:7c:5e:bf:e8:ed:6e:
a8:bc:7f:7f:e4:e1:70:1e:39:f1:19:d3:5f:41:f3:6f:82:ac:
43:be:09:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1+aXA4FUYc9DuoCV0IuQW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjQwMjA2MTIzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYyOGFmN2Q0NGJhYmQ5ZTMyN2QxMGY0NDRkMTRjODcxMWQwMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdZ/MbYKqwJLsK7wgrRRT5HB/qim
pWy+GZbNWArVDN8eUshP5mBGxyinLU0Ns3gTD6cpEMPhHPZgN+Am4N2FFLQCb1nT
+MI4JdUhC6gJ/yO+SlCH4FHI4qE2S/8yRybfv/WgJeaVXHDFz7oUG1AAg6rb8tAu
Xnqxdr0uCnG44fsN0DNf7PAlp0tA9ApYRI24+VZTmBYvQY+Qg0XrJcEMUpAOwPhj
eGRAQ7Vy8nwGRGJ0xI/sjCr57MzrANjKOP74DwkcMjUhSgF1dXe+wpcwQLuv69I2
Ba7yjYia7wWlzxXHGf4iDrpoG/iKmdatfIWhxVJlSWlD9QOSsZHd7feFUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIjyivfUS6vZ4yfRD0RNFMhxHQESMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvaVBLSzk5UkxxOW5qSjlFUFJFMFV5SEVkQVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDH6oYAwQE
suxAMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IBAQCk2i9WN88m+0WN
JA0H1vR8/5GH5XEsT9MMGEa24NF+4C1vSGxdo29EHlQYvep1nfMcb/F+a7bsQIHD
rTclAq7+r0jlVQSXgnfLXEJ3jg7u9qYnVf6cNBbAk6wJ63VWl8J48cQOkfU6iOn8
lXwWsgkA9s/lP4xH0ZGl7LFdxHL6T7uSUnA7g2YPzzN+x2Xi4Q5AbCo9yg2fHnlJ
nr+hEc5OYnXJkJsX7pEwyo2zzeVy2jvB54Cz3ZvnnvM2LKY7VjeZYKu2ZirOvO9g
svo8U3bHES64it13gjUfEeoRlcnuEruMnVV8Xr/o7W6ovH9/5OFwHjnxGdNfQfNv
gqxDvgkp
-----END CERTIFICATE-----
Generated at Fri Jun 14 17:07:06 2024 by rpki-client on console-fra.rpki-client.org