Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/7V3pjwwfxri4MUk8yrLc0GXJRN8.roa
File: 7V3pjwwfxri4MUk8yrLc0GXJRN8.roa (raw, json)
Hash identifier: vOIrEz79Q90iIWL26Y3mzooo2OgyL1FaNv46STXMkcg=
Subject key identifier: ED:5D:E9:8F:0C:1F:C6:B8:B8:31:49:3C:CA:B2:DC:D0:65:C9:44:DF
Certificate issuer: /CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Certificate serial: 018CC64B22DD574913F85781C70A6D2BFFDD
Authority key identifier: 95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/7V3pjwwfxri4MUk8yrLc0GXJRN8.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49461
IP address blocks: 31.42.160.0/24 maxlen: 24
31.42.166.0/24 maxlen: 24
31.42.160.0/20 maxlen: 20
31.42.162.0/24 maxlen: 24
31.42.161.0/24 maxlen: 24
31.42.164.0/24 maxlen: 24
31.42.163.0/24 maxlen: 24
31.42.165.0/24 maxlen: 24
31.42.167.0/24 maxlen: 24
31.42.169.0/24 maxlen: 24
31.42.168.0/24 maxlen: 24
31.42.171.0/24 maxlen: 24
31.42.170.0/24 maxlen: 24
31.42.172.0/24 maxlen: 24
31.42.172.0/23 maxlen: 23
31.42.174.0/24 maxlen: 24
31.42.173.0/24 maxlen: 24
31.42.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:22:dd:57:49:13:f8:57:81:c7:0a:6d:2b:ff:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95e81311ef1d36ecc6d125e36c82c26f915b0df7
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed5de98f0c1fc6b8b831493ccab2dcd065c944df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:1a:7b:37:da:e9:a0:9c:17:aa:b9:7f:a0:
cf:ae:1d:ff:68:f3:f8:33:92:2f:4d:d1:1b:c9:e6:
78:d8:96:be:24:ce:ee:38:45:5e:3f:8c:70:e1:34:
22:52:8b:17:5d:ea:89:19:86:68:a4:11:85:d8:46:
9e:2e:3f:b1:35:68:c9:d2:e5:fd:08:4b:a1:af:cc:
b6:94:81:9e:ad:6c:36:52:4a:db:84:55:a9:f6:82:
f0:6a:b8:3b:57:db:df:a8:06:bf:72:e4:fb:75:2d:
fd:f3:b2:a9:91:8a:6e:43:62:d6:3d:86:55:ed:68:
6c:a0:b1:20:a5:1f:75:4c:a8:05:07:1c:89:0f:b5:
f1:5e:bc:cd:28:b0:df:03:43:09:d6:90:fd:83:20:
5d:8f:8f:2e:bc:c0:df:54:44:36:c8:de:de:b6:00:
56:f3:cc:aa:6a:e1:56:71:14:2a:f7:8d:d9:ba:8a:
48:d6:c2:fe:f1:e8:08:04:a6:b9:07:48:16:24:ff:
47:e6:a6:5c:36:fb:7c:73:11:18:9e:46:b7:35:94:
2b:e0:c4:1f:db:cf:83:87:c6:ba:4f:42:04:87:7e:
1b:46:1c:c9:b5:85:2b:9b:a1:37:da:65:b6:4e:22:
c9:ee:18:7f:73:08:4b:2b:7c:ba:ce:4e:a2:8b:97:
66:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5D:E9:8F:0C:1F:C6:B8:B8:31:49:3C:CA:B2:DC:D0:65:C9:44:DF
X509v3 Authority Key Identifier:
keyid:95:E8:13:11:EF:1D:36:EC:C6:D1:25:E3:6C:82:C2:6F:91:5B:0D:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/legTEe8dNuzG0SXjbILCb5FbDfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/7V3pjwwfxri4MUk8yrLc0GXJRN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c06bc-8ca1-4091-9418-734fab6fec6f/1/legTEe8dNuzG0SXjbILCb5FbDfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.160.0/20
Signature Algorithm: sha256WithRSAEncryption
78:ff:10:23:95:70:c1:f0:73:77:04:f0:e2:af:8c:f4:08:71:
87:c1:fe:ff:46:e4:20:3c:9d:e6:2e:53:2e:5f:d9:93:d2:bc:
5e:72:39:6d:55:51:02:f7:da:b6:b9:56:43:53:17:88:33:72:
00:12:28:7a:50:43:54:3c:1b:85:70:10:d5:4c:0b:53:3b:95:
27:13:a9:4d:b3:d6:86:b7:fc:63:ff:6e:cf:cf:1a:dd:f7:3f:
f2:2d:f9:49:b3:8a:d4:c2:a1:0a:92:6a:b2:3e:db:c9:01:05:
ef:8f:93:75:d5:8c:b3:64:b1:94:40:ee:dd:25:a8:1a:e3:93:
41:b0:b4:2b:7a:23:4a:88:0d:8c:1f:fd:2c:43:d1:f4:aa:37:
70:9e:26:d5:ce:e1:76:94:03:dc:c1:56:58:96:54:e3:32:e7:
e6:ad:9a:68:2f:d6:c6:13:d2:d7:db:15:c0:f7:59:de:85:81:
14:ef:4a:f1:26:ad:7e:1d:42:ed:88:d3:a9:a9:68:56:b8:ad:
87:2b:de:eb:73:53:66:43:3a:1c:ba:b0:2e:72:37:94:81:d4:
38:be:74:b6:47:46:a8:47:a0:95:f6:5a:11:b7:f5:4d:fb:e6:
7b:89:19:af:dc:38:97:2e:fb:6e:a3:e5:cd:0b:f0:77:e5:d6:
d7:af:0c:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSyLdV0kT+FeBxwptK//dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTgxMzExZWYxZDM2ZWNjNmQxMjVlMzZjODJjMjZmOTE1
YjBkZjcwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDVkZTk4ZjBjMWZjNmI4YjgzMTQ5M2NjYWIyZGNkMDY1Yzk0NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaAaezfa6aCcF6q5f6DPrh3/aPP4
M5IvTdEbyeZ42Ja+JM7uOEVeP4xw4TQiUosXXeqJGYZopBGF2EaeLj+xNWjJ0uX9
CEuhr8y2lIGerWw2UkrbhFWp9oLwarg7V9vfqAa/cuT7dS3987KpkYpuQ2LWPYZV
7WhsoLEgpR91TKgFBxyJD7XxXrzNKLDfA0MJ1pD9gyBdj48uvMDfVEQ2yN7etgBW
88yqauFWcRQq943ZuopI1sL+8egIBKa5B0gWJP9H5qZcNvt8cxEYnka3NZQr4MQf
28+Dh8a6T0IEh34bRhzJtYUrm6E32mW2TiLJ7hh/cwhLK3y6zk6ii5dmuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1d6Y8MH8a4uDFJPMqy3NBlyUTfMB8GA1UdIwQY
MBaAFJXoExHvHTbsxtEl42yCwm+RWw33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgt
NzM0ZmFiNmZlYzZmLzEvN1YzcGp3d2Z4cmk0TVVrOHlyTGMwR1hKUk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81YzA2YmMtOGNhMS00MDkxLTk0MTgtNzM0ZmFiNmZlYzZm
LzEvbGVnVEVlOGROdXpHMFNYamJJTENiNUZiRGZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEHyqgMA0G
CSqGSIb3DQEBCwUAA4IBAQB4/xAjlXDB8HN3BPDir4z0CHGHwf7/RuQgPJ3mLlMu
X9mT0rxecjltVVEC99q2uVZDUxeIM3IAEih6UENUPBuFcBDVTAtTO5UnE6lNs9aG
t/xj/27Pzxrd9z/yLflJs4rUwqEKkmqyPtvJAQXvj5N11YyzZLGUQO7dJaga45NB
sLQreiNKiA2MH/0sQ9H0qjdwnibVzuF2lAPcwVZYllTjMufmrZpoL9bGE9LX2xXA
91nehYEU70rxJq1+HULtiNOpqWhWuK2HK97rc1NmQzocurAucjeUgdQ4vnS2R0ao
R6CV9loRt/VN++Z7iRmv3DiXLvtuo+XNC/B35dbXrwyS
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:07:43 2024 by rpki-client on console-ams.rpki-client.org