Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/o2xUULFVR-9Isxw6INsgzGy7qDo.roa
File: o2xUULFVR-9Isxw6INsgzGy7qDo.roa (raw, json)
Hash identifier: ZDLJs1a4SE+kfPetS/EW2UhauBK2pHMsuTZIRLs9elw=
Subject key identifier: A3:6C:54:50:B1:55:47:EF:48:B3:1C:3A:20:DB:20:CC:6C:BB:A8:3A
Certificate issuer: /CN=bc8c1a8032f57f22b01454a65ef32dea77496d0b
Certificate serial: 0190FE50C694D80E15778DC649073E39F087
Authority key identifier: BC:8C:1A:80:32:F5:7F:22:B0:14:54:A6:5E:F3:2D:EA:77:49:6D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIwagDL1fyKwFFSmXvMt6ndJbQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/o2xUULFVR-9Isxw6INsgzGy7qDo.roa
Signing time: Mon 29 Jul 2024 11:47:04 +0000
ROA not before: Mon 29 Jul 2024 11:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215186
IP address blocks: 31.12.73.0/24 maxlen: 24
2a12:99c0::/29 maxlen: 29
2a12:99c0::/32 maxlen: 32
2a12:99c1::/32 maxlen: 32
2a12:99c2::/32 maxlen: 32
2a12:99c3::/32 maxlen: 32
2a12:99c4::/32 maxlen: 32
2a12:99c5::/32 maxlen: 32
2a12:99c6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/vIwagDL1fyKwFFSmXvMt6ndJbQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/vIwagDL1fyKwFFSmXvMt6ndJbQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vIwagDL1fyKwFFSmXvMt6ndJbQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:50:c6:94:d8:0e:15:77:8d:c6:49:07:3e:39:f0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8c1a8032f57f22b01454a65ef32dea77496d0b
Validity
Not Before: Jul 29 11:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a36c5450b15547ef48b31c3a20db20cc6cbba83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:92:3a:95:50:32:11:d9:ae:03:31:64:a6:
5e:aa:c1:42:10:9e:e2:e1:b3:e8:ed:0c:70:f8:19:
1f:49:22:1f:54:db:b9:05:54:2a:c7:2d:b6:7c:69:
8f:73:b6:d8:15:ef:a7:2a:e8:57:04:25:ef:06:8b:
74:7b:4e:a3:4f:82:ff:96:bc:dd:9d:bf:1d:f0:b9:
57:0d:81:1a:eb:81:4f:84:80:2d:6d:dd:40:d5:8d:
d2:f4:53:4a:2b:16:c6:91:ca:b3:cc:b2:89:b7:8e:
49:b9:c1:fe:6b:99:f9:08:3f:e8:b3:27:50:01:1d:
08:1f:29:46:fa:31:75:95:5b:70:e0:d9:01:b5:14:
cc:91:bd:5c:12:4a:c0:5e:18:34:da:39:97:2c:0a:
c3:e4:35:9b:64:cc:35:9f:b7:2f:15:30:23:d6:c5:
cd:b6:1a:ab:60:22:ca:02:cf:a4:57:44:0d:12:33:
5c:7d:b7:2e:07:9a:82:ee:ed:98:99:2f:28:3b:dc:
25:60:61:70:d9:a5:bf:0b:9d:bd:84:ec:17:34:dd:
94:2e:8a:35:e5:84:71:74:62:a4:f4:21:af:e8:cd:
5f:e8:d6:2f:32:4d:4b:1d:0c:74:9e:fe:3b:3c:bf:
ce:7f:3e:e5:8b:fc:52:22:a7:28:55:a1:76:ad:5f:
b5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:6C:54:50:B1:55:47:EF:48:B3:1C:3A:20:DB:20:CC:6C:BB:A8:3A
X509v3 Authority Key Identifier:
keyid:BC:8C:1A:80:32:F5:7F:22:B0:14:54:A6:5E:F3:2D:EA:77:49:6D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIwagDL1fyKwFFSmXvMt6ndJbQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/o2xUULFVR-9Isxw6INsgzGy7qDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/vIwagDL1fyKwFFSmXvMt6ndJbQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.73.0/24
IPv6:
2a12:99c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:22:e6:63:00:d8:a5:ed:e4:9e:2b:c8:8c:80:5b:53:d0:45:
6f:cb:f2:e0:1e:09:d0:8b:a3:63:f3:31:a1:56:05:35:82:a0:
bf:c1:eb:e8:b9:b1:f7:a4:a6:45:9a:4f:50:69:27:31:3f:c5:
2c:e6:13:9f:b4:13:d6:5c:bb:74:00:43:3a:87:5d:45:3b:7c:
a4:aa:96:35:59:22:62:6f:8c:2f:59:a0:23:2e:b6:8b:aa:f3:
a6:0b:b9:02:24:d2:02:04:f1:32:e7:63:3c:dd:f6:e9:17:25:
1e:dc:e9:b6:a3:e2:53:cb:34:d0:ca:5f:7e:67:1a:89:e9:4c:
7c:e9:4c:59:2a:36:d1:e5:2d:4d:dd:25:c7:02:e4:49:ab:d3:
c9:d8:06:09:ec:b2:c8:a4:d9:3a:f4:df:af:a5:e1:62:1d:d8:
10:08:db:1b:77:ab:ed:48:90:2c:b3:81:ba:ea:00:58:4d:2a:
60:a4:9d:c1:65:1b:79:2f:57:ad:59:5a:c5:96:48:80:f4:c3:
04:63:57:76:f6:21:2d:17:11:fc:55:d3:08:59:c6:e9:2d:78:
75:02:1f:04:3f:93:8f:5c:c7:b0:b1:59:bf:bb:e0:cf:a8:ac:
18:7f:63:72:be:eb:74:fe:0f:8c:62:ce:6a:66:9c:41:11:45:
83:0e:36:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZD+UMaU2A4Vd43GSQc+OfCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGMxYTgwMzJmNTdmMjJiMDE0NTRhNjVlZjMyZGVhNzc0
OTZkMGIwHhcNMjQwNzI5MTE0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzZjNTQ1MGIxNTU0N2VmNDhiMzFjM2EyMGRiMjBjYzZjYmJhODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhmSOpVQMhHZrgMxZKZeqsFCEJ7i
4bPo7Qxw+BkfSSIfVNu5BVQqxy22fGmPc7bYFe+nKuhXBCXvBot0e06jT4L/lrzd
nb8d8LlXDYEa64FPhIAtbd1A1Y3S9FNKKxbGkcqzzLKJt45JucH+a5n5CD/osydQ
AR0IHylG+jF1lVtw4NkBtRTMkb1cEkrAXhg02jmXLArD5DWbZMw1n7cvFTAj1sXN
thqrYCLKAs+kV0QNEjNcfbcuB5qC7u2YmS8oO9wlYGFw2aW/C529hOwXNN2ULoo1
5YRxdGKk9CGv6M1f6NYvMk1LHQx0nv47PL/Ofz7li/xSIqcoVaF2rV+1KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKNsVFCxVUfvSLMcOiDbIMxsu6g6MB8GA1UdIwQY
MBaAFLyMGoAy9X8isBRUpl7zLep3SW0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkl3YWdETDFmeUt3RkZTbVh2TXQ2bmRKYlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85ZjQyODItZGZlYi00MGMxLWFmODQt
YTU2NGVjMDExYzVkLzEvbzJ4VVVMRlZSLTlJc3h3NklOc2d6R3k3cURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85ZjQyODItZGZlYi00MGMxLWFmODQtYTU2NGVjMDExYzVk
LzEvdkl3YWdETDFmeUt3RkZTbVh2TXQ2bmRKYlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHwxJMA0E
AgACMAcDBQMqEpnAMA0GCSqGSIb3DQEBCwUAA4IBAQAOIuZjANil7eSeK8iMgFtT
0EVvy/LgHgnQi6Nj8zGhVgU1gqC/wevoubH3pKZFmk9QaScxP8Us5hOftBPWXLt0
AEM6h11FO3ykqpY1WSJib4wvWaAjLraLqvOmC7kCJNICBPEy52M83fbpFyUe3Om2
o+JTyzTQyl9+ZxqJ6Ux86UxZKjbR5S1N3SXHAuRJq9PJ2AYJ7LLIpNk69N+vpeFi
HdgQCNsbd6vtSJAss4G66gBYTSpgpJ3BZRt5L1etWVrFlkiA9MMEY1d29iEtFxH8
VdMIWcbpLXh1Ah8EP5OPXMewsVm/u+DPqKwYf2Nyvut0/g+MYs5qZpxBEUWDDjYf
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:49 2024 by rpki-client on console-fra.rpki-client.org