Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/o88G7XO5unr_QVUy0P8TKeDk-Ys.roa
File: o88G7XO5unr_QVUy0P8TKeDk-Ys.roa (raw, json)
Hash identifier: Hx22DXVr9WvQOI77k3Os7et6+pYy26N+AwF4Bt1FjVY=
Subject key identifier: A3:CF:06:ED:73:B9:BA:7A:FF:41:55:32:D0:FF:13:29:E0:E4:F9:8B
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF8AA5ACBECCFB65842E4A00EBF095
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/o88G7XO5unr_QVUy0P8TKeDk-Ys.roa
Signing time: Tue 02 Jan 2024 06:32:22 +0000
ROA not before: Tue 02 Jan 2024 06:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207326
IP address blocks: 31.210.42.0/24 maxlen: 24
78.135.67.0/24 maxlen: 24
31.210.55.0/24 maxlen: 24
78.135.83.0/24 maxlen: 24
78.135.82.0/24 maxlen: 24
78.135.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 09:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:8a:a5:ac:be:cc:fb:65:84:2e:4a:00:eb:f0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3cf06ed73b9ba7aff415532d0ff1329e0e4f98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:b0:80:9e:fe:60:a7:72:de:78:cf:33:80:
37:74:70:47:59:e6:4b:d0:a2:b0:9d:2e:80:7b:c6:
0c:81:cf:02:33:91:02:ca:c0:00:53:62:e3:1d:a0:
56:73:8c:8d:c9:ed:bc:90:4e:0a:54:6a:f0:62:77:
14:f6:4a:0d:08:4c:9e:84:6a:2a:8b:e4:f7:14:1d:
5a:a8:58:0d:a8:9d:76:c1:a2:d0:c0:ab:f3:ea:0c:
0f:1b:8f:53:e1:03:0d:90:21:6f:28:d7:77:f9:91:
18:c2:da:42:06:fb:62:ee:a1:43:67:f9:99:84:ea:
a8:bb:70:ca:af:71:51:62:bc:cb:eb:0c:73:a6:f4:
3c:fc:97:ea:e0:bd:d6:e1:41:f4:84:7d:d7:85:43:
4a:45:cc:0f:a4:a9:92:9f:54:6e:d8:69:c4:d6:f2:
0e:34:b1:17:bb:7b:a5:78:06:27:6e:68:1c:1e:8f:
c8:cf:46:2c:9a:ba:7f:7a:ab:f6:34:23:02:61:74:
83:51:ff:ed:e6:94:05:86:4d:1e:a6:05:e8:78:99:
df:3a:43:a8:f4:5b:44:a0:9f:75:d7:31:46:8d:97:
65:68:d7:83:81:8b:33:7e:84:43:92:8c:1e:b5:9c:
1e:1a:6f:64:ef:84:d5:88:33:88:ab:7b:c7:aa:23:
e6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CF:06:ED:73:B9:BA:7A:FF:41:55:32:D0:FF:13:29:E0:E4:F9:8B
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/o88G7XO5unr_QVUy0P8TKeDk-Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.42.0/24
31.210.55.0/24
78.135.67.0/24
78.135.81.0-78.135.83.255
Signature Algorithm: sha256WithRSAEncryption
52:51:7f:14:28:32:b3:2f:cb:ad:87:06:f5:ad:3a:65:c7:2f:
b2:60:41:8f:1e:51:0e:6e:26:59:b1:64:c9:ae:55:d2:bf:cf:
5e:32:72:c8:6a:ee:07:6c:ac:1f:ba:72:f1:05:2d:5d:51:3e:
f0:ec:7e:e8:1f:01:2b:50:ee:8a:f0:07:6f:7b:e2:86:4c:a6:
83:da:dd:84:e9:21:26:ab:28:fa:f3:b5:80:95:a3:60:de:d4:
77:63:17:ad:bf:fa:98:ee:68:60:e2:e2:17:4a:7d:d5:af:5b:
5c:18:5b:0d:36:8d:f8:bc:b2:5a:93:e8:3b:a2:c9:cd:49:bb:
27:0d:fe:a1:a4:dd:56:53:aa:72:3c:04:2b:2f:5b:4b:9f:86:
55:39:99:e6:ec:dd:51:bd:48:89:c5:84:47:92:88:0b:f0:c9:
c7:a9:9c:fc:f7:89:9e:3d:89:db:26:64:29:34:81:a0:96:03:
16:b9:4d:62:a4:bd:af:0b:c0:9c:56:aa:37:5a:36:76:04:9a:
05:2b:eb:e4:60:7f:7d:f7:3e:f8:4d:fc:e4:01:78:14:1b:2b:
5f:1a:8a:55:5a:40:83:57:ec:f4:93:40:48:21:64:bb:9a:ae:
3b:4e:c7:0c:8a:38:29:47:69:c2:8a:f0:da:85:ae:bc:9d:09:
29:65:a6:53
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzI34qlrL7M+2WELkoA6/CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NmMDZlZDczYjliYTdhZmY0MTU1MzJkMGZmMTMyOWUwZTRmOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubqwgJ7+YKdy3njPM4A3dHBHWeZL
0KKwnS6Ae8YMgc8CM5ECysAAU2LjHaBWc4yNye28kE4KVGrwYncU9koNCEyehGoq
i+T3FB1aqFgNqJ12waLQwKvz6gwPG49T4QMNkCFvKNd3+ZEYwtpCBvti7qFDZ/mZ
hOqou3DKr3FRYrzL6wxzpvQ8/Jfq4L3W4UH0hH3XhUNKRcwPpKmSn1Ru2GnE1vIO
NLEXu3uleAYnbmgcHo/Iz0Ysmrp/eqv2NCMCYXSDUf/t5pQFhk0epgXoeJnfOkOo
9FtEoJ911zFGjZdlaNeDgYszfoRDkowetZweGm9k74TViDOIq3vHqiPmcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKPPBu1zubp6/0FVMtD/Eyng5PmLMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbzg4RzdYTzV1bnJfUVZVeTBQOFRLZURrLVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAH9IqAwQA
H9I3AwQATodDMAwDBABOh1EDBAJOh1AwDQYJKoZIhvcNAQELBQADggEBAFJRfxQo
MrMvy62HBvWtOmXHL7JgQY8eUQ5uJlmxZMmuVdK/z14ycshq7gdsrB+6cvEFLV1R
PvDsfugfAStQ7orwB2974oZMpoPa3YTpISarKPrztYCVo2De1HdjF62/+pjuaGDi
4hdKfdWvW1wYWw02jfi8slqT6Duiyc1JuycN/qGk3VZTqnI8BCsvW0ufhlU5mebs
3VG9SInFhEeSiAvwycepnPz3iZ49idsmZCk0gaCWAxa5TWKkva8LwJxWqjdaNnYE
mgUr6+Rgf333PvhN/OQBeBQbK18ailVaQINX7PSTQEghZLuarjtOxwyKOClHacKK
8NqFrrydCSllplM=
-----END CERTIFICATE-----
Generated at Sat Apr 27 18:13:51 2024 by rpki-client on console-ams.rpki-client.org