Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/da9axAhS8tKEV_XXN6Lfx3VPB8c.roa
File: da9axAhS8tKEV_XXN6Lfx3VPB8c.roa (raw, json)
Hash identifier: n0KT4kkQsa9XTAH7Jk2Gxku5DHGxzQCPgwkUuXFVIv0=
Subject key identifier: 75:AF:5A:C4:08:52:F2:D2:84:57:F5:D7:37:A2:DF:C7:75:4F:07:C7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A0022C27A4B6426B7E1CE0EAF38F0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/da9axAhS8tKEV_XXN6Lfx3VPB8c.roa
Signing time: Tue 02 Jan 2024 12:33:19 +0000
ROA not before: Tue 02 Jan 2024 12:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48709
IP address blocks: 31.148.24.0/24 maxlen: 24
2a02:128:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:00:22:c2:7a:4b:64:26:b7:e1:ce:0e:af:38:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75af5ac40852f2d28457f5d737a2dfc7754f07c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:01:81:a7:d2:59:25:1a:38:d0:19:e3:b8:ea:
ec:ef:4a:89:a4:f1:5c:43:2f:78:cb:fa:f8:f0:93:
87:01:38:38:0d:2a:90:11:ac:98:1c:b5:d4:db:74:
6b:e1:4b:d4:78:5d:23:e1:ae:cc:b6:66:fd:af:06:
e3:f1:ed:13:a6:00:17:b7:bc:22:bf:a0:25:cd:90:
03:bc:bb:d5:ee:09:46:80:14:20:40:1d:4d:0f:9a:
62:43:1e:79:0e:64:85:8c:a0:0f:c7:46:91:25:58:
85:67:a3:c5:db:ff:af:a9:4d:98:f4:c8:7e:dc:d8:
19:08:df:ab:a2:e9:ab:73:a2:39:bb:bd:db:cc:7b:
cf:dc:a5:a5:26:55:52:2d:e4:70:3f:8c:85:79:f1:
b8:3a:1b:39:5a:d3:d3:d2:e6:45:36:d5:2c:ac:13:
79:e5:08:29:52:cd:f2:3a:35:90:37:14:f2:36:f1:
77:a2:60:d0:07:97:f2:3d:ea:bd:9a:3b:18:c2:6a:
6b:bb:b1:77:c5:9d:77:07:3b:5c:d8:65:73:8a:5f:
e0:ab:3a:fb:f6:38:36:44:97:64:b7:ff:e3:60:72:
79:dd:26:d7:b5:b5:ba:cb:ec:4d:66:1a:17:95:73:
1f:f2:23:25:c3:b8:35:4b:b9:f9:15:eb:18:49:2a:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AF:5A:C4:08:52:F2:D2:84:57:F5:D7:37:A2:DF:C7:75:4F:07:C7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/da9axAhS8tKEV_XXN6Lfx3VPB8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.24.0/24
IPv6:
2a02:128:10::/48
Signature Algorithm: sha256WithRSAEncryption
00:69:6b:21:02:1a:c1:87:ce:d3:fa:4f:ba:34:40:3b:c4:4c:
98:38:90:60:47:f6:09:6e:2f:b2:d6:b7:c9:86:c2:c0:be:4b:
98:0e:ea:fb:41:e6:ad:4f:2e:c2:b5:51:16:82:69:7c:45:e3:
69:c2:0b:7a:77:40:4e:c9:09:b8:21:25:eb:aa:ab:08:cd:6a:
0a:08:9f:a0:7b:73:46:db:58:85:92:d0:2b:d9:da:10:c2:86:
97:33:49:58:c0:07:40:c9:e5:b0:33:8c:85:04:2b:2e:46:64:
83:df:ca:69:f1:a9:30:5e:a4:42:e9:8f:d5:84:3d:a9:75:a3:
ce:77:f3:76:ce:51:d9:66:e0:2e:9b:2e:ae:d0:25:0c:12:49:
7d:fa:fd:a1:3d:78:c4:c3:32:8c:a8:21:e0:b8:97:7d:0e:a8:
77:6a:34:29:d7:6a:be:4b:35:9c:fb:ed:87:48:ce:57:cf:45:
4b:36:d7:56:dd:2c:9b:e3:d7:9b:67:cb:c0:e1:02:73:41:8a:
af:b3:e6:52:25:64:3e:dd:ee:0e:39:a2:85:ab:40:5d:5d:1b:
30:18:51:08:fa:51:d6:81:9c:c1:a5:b6:9a:e4:7c:7b:64:ed:
bf:18:36:ee:83:ca:43:9c:37:37:1e:a2:15:da:b1:6e:3b:3e:
2c:03:00:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKgAiwnpLZCa34c4OrzjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFmNWFjNDA4NTJmMmQyODQ1N2Y1ZDczN2EyZGZjNzc1NGYwN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQGBp9JZJRo40BnjuOrs70qJpPFc
Qy94y/r48JOHATg4DSqQEayYHLXU23Rr4UvUeF0j4a7Mtmb9rwbj8e0TpgAXt7wi
v6AlzZADvLvV7glGgBQgQB1ND5piQx55DmSFjKAPx0aRJViFZ6PF2/+vqU2Y9Mh+
3NgZCN+roumrc6I5u73bzHvP3KWlJlVSLeRwP4yFefG4Ohs5WtPT0uZFNtUsrBN5
5QgpUs3yOjWQNxTyNvF3omDQB5fyPeq9mjsYwmpru7F3xZ13Bztc2GVzil/gqzr7
9jg2RJdkt//jYHJ53SbXtbW6y+xNZhoXlXMf8iMlw7g1S7n5FesYSSpuUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHWvWsQIUvLShFf11zei38d1TwfHMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvZGE5YXhBaFM4dEtFVl9YWE42TGZ4M1ZQQjhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH5QYMA8E
AgACMAkDBwAqAgEoABAwDQYJKoZIhvcNAQELBQADggEBAABpayECGsGHztP6T7o0
QDvETJg4kGBH9gluL7LWt8mGwsC+S5gO6vtB5q1PLsK1URaCaXxF42nCC3p3QE7J
CbghJeuqqwjNagoIn6B7c0bbWIWS0CvZ2hDChpczSVjAB0DJ5bAzjIUEKy5GZIPf
ymnxqTBepELpj9WEPal1o85383bOUdlm4C6bLq7QJQwSSX36/aE9eMTDMoyoIeC4
l30OqHdqNCnXar5LNZz77YdIzlfPRUs211bdLJvj15tny8DhAnNBiq+z5lIlZD7d
7g45ooWrQF1dGzAYUQj6UdaBnMGltprkfHtk7b8YNu6DykOcNzceohXasW47PiwD
AKo=
-----END CERTIFICATE-----
Generated at Tue Jun 11 07:55:31 2024 by rpki-client on console-ams.rpki-client.org