Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/pAmDc8yXrg2sdFciTdGfTELqpjk.roa
File: pAmDc8yXrg2sdFciTdGfTELqpjk.roa (raw, json)
Hash identifier: rAWEO7RWWHu99R40wNyTrHsOT5YGCuULSKXJvObApv8=
Subject key identifier: A4:09:83:73:CC:97:AE:0D:AC:74:57:22:4D:D1:9F:4C:42:EA:A6:39
Certificate issuer: /CN=4081f85602b1168925d83eb3ca61609f357956a6
Certificate serial: 018CC5DBFB33E9FD8B98A5185474B00A4A8F
Authority key identifier: 40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/pAmDc8yXrg2sdFciTdGfTELqpjk.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39650
IP address blocks: 31.130.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fb:33:e9:fd:8b:98:a5:18:54:74:b0:0a:4a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4081f85602b1168925d83eb3ca61609f357956a6
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4098373cc97ae0dac7457224dd19f4c42eaa639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7b:67:a7:91:2b:8a:61:68:60:37:54:ed:c0:
5c:e4:6b:c6:86:d2:17:90:d9:f9:b2:81:da:2c:33:
1f:45:a0:90:98:88:01:70:02:a1:09:1a:4a:98:61:
b7:9b:75:9d:2c:58:cf:c3:68:4f:11:cc:6b:5f:32:
e8:94:8b:29:61:c5:48:e5:71:41:85:20:97:97:8e:
18:44:92:e8:1b:05:9d:18:e3:dc:2a:f4:83:82:44:
22:02:48:79:e5:0e:64:9b:85:ac:00:97:4b:c0:c5:
79:87:c4:8b:d3:7b:10:c8:e0:75:54:c5:e7:59:00:
de:f3:e7:96:05:64:0e:69:b7:f5:71:eb:35:29:98:
69:3a:17:f8:07:a6:3b:cc:dc:3c:61:3e:84:9a:d5:
8a:38:9b:39:3f:43:0d:ea:78:bd:4d:87:1b:a9:86:
b5:34:7a:66:d7:92:dd:92:b2:21:7b:6b:ce:71:bc:
1d:cc:30:3e:72:81:52:bb:d6:85:73:f1:97:7a:27:
1d:bd:16:b0:c0:14:1b:90:85:01:0d:23:6a:31:cc:
16:0f:2b:61:2d:93:66:13:5e:e6:3c:e7:78:b1:cd:
bb:3d:75:4e:6d:58:a8:12:b6:ab:cc:d6:e0:1e:b9:
4f:4f:a2:5a:92:f4:14:85:1c:61:1d:e7:e0:3e:6f:
f5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:09:83:73:CC:97:AE:0D:AC:74:57:22:4D:D1:9F:4C:42:EA:A6:39
X509v3 Authority Key Identifier:
keyid:40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/pAmDc8yXrg2sdFciTdGfTELqpjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a3:c2:51:90:03:d9:28:25:e0:18:ba:81:9e:9f:79:d2:0c:
e9:b6:c8:14:f6:d1:f8:dd:4a:b6:8e:96:3a:94:de:f1:88:21:
f3:fe:91:b4:72:ad:c2:66:f5:c6:b9:70:4e:a2:84:37:97:af:
6e:ed:86:03:99:9f:b4:3e:78:2d:77:5c:34:aa:be:cb:ae:7c:
a8:c8:69:78:01:2b:08:84:7a:d0:7e:0a:93:f9:de:30:5f:f9:
22:34:60:c7:c3:a0:86:7f:f6:48:27:0b:00:8e:81:28:aa:aa:
c7:c1:b9:87:ec:be:8d:02:ef:4f:73:ba:e2:2f:23:9b:09:c4:
94:b5:81:6d:1e:4a:65:4b:03:92:fb:ee:84:2e:f2:bb:2b:f3:
cd:66:b5:43:45:d6:8c:a0:5e:d8:9d:48:22:50:30:f0:2e:3a:
73:2f:a6:d7:0a:28:e8:f0:c2:49:d2:39:96:e9:6c:e6:93:e0:
de:3a:da:cd:6a:05:31:5e:94:04:5e:34:f0:96:7f:72:d8:71:
57:6d:28:ec:5f:b2:00:a0:04:3b:6b:4b:2c:68:cf:00:3a:26:
b0:77:dd:35:58:1c:63:e9:d2:08:ee:53:d5:e0:03:45:0a:ee:
07:08:e2:6c:8d:b4:63:c2:2b:69:6e:ad:6f:4f:6c:c6:01:83:
32:fc:7c:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/sz6f2LmKUYVHSwCkqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODFmODU2MDJiMTE2ODkyNWQ4M2ViM2NhNjE2MDlmMzU3
OTU2YTYwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDA5ODM3M2NjOTdhZTBkYWM3NDU3MjI0ZGQxOWY0YzQyZWFhNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXtnp5ErimFoYDdU7cBc5GvGhtIX
kNn5soHaLDMfRaCQmIgBcAKhCRpKmGG3m3WdLFjPw2hPEcxrXzLolIspYcVI5XFB
hSCXl44YRJLoGwWdGOPcKvSDgkQiAkh55Q5km4WsAJdLwMV5h8SL03sQyOB1VMXn
WQDe8+eWBWQOabf1ces1KZhpOhf4B6Y7zNw8YT6EmtWKOJs5P0MN6ni9TYcbqYa1
NHpm15LdkrIhe2vOcbwdzDA+coFSu9aFc/GXeicdvRawwBQbkIUBDSNqMcwWDyth
LZNmE17mPOd4sc27PXVObVioErarzNbgHrlPT6JakvQUhRxhHefgPm/1bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQJg3PMl64NrHRXIk3Rn0xC6qY5MB8GA1UdIwQY
MBaAFECB+FYCsRaJJdg+s8phYJ81eVamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUt
YzAzZjNmZGRkNGFjLzEvcEFtRGM4eVhyZzJzZEZjaVRkR2ZURUxxcGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUtYzAzZjNmZGRkNGFj
LzEvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4K1MA0G
CSqGSIb3DQEBCwUAA4IBAQB/o8JRkAPZKCXgGLqBnp950gzptsgU9tH43Uq2jpY6
lN7xiCHz/pG0cq3CZvXGuXBOooQ3l69u7YYDmZ+0Pngtd1w0qr7LrnyoyGl4ASsI
hHrQfgqT+d4wX/kiNGDHw6CGf/ZIJwsAjoEoqqrHwbmH7L6NAu9Pc7riLyObCcSU
tYFtHkplSwOS++6ELvK7K/PNZrVDRdaMoF7YnUgiUDDwLjpzL6bXCijo8MJJ0jmW
6Wzmk+DeOtrNagUxXpQEXjTwln9y2HFXbSjsX7IAoAQ7a0ssaM8AOiawd901WBxj
6dII7lPV4ANFCu4HCOJsjbRjwitpbq1vT2zGAYMy/HzY
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:04 2024 by rpki-client on console-ams.rpki-client.org