Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/2V43uJoIqibOwJxaaAuYUaJC-JM.roa
File: 2V43uJoIqibOwJxaaAuYUaJC-JM.roa (raw, json)
Hash identifier: vcsmRegFkYL+pEdtuFzrXOO3F74+lAzJYEHdimJSqsI=
Subject key identifier: D9:5E:37:B8:9A:08:AA:26:CE:C0:9C:5A:68:0B:98:51:A2:42:F8:93
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0193496C3B38103AC45C1C958C3751FC3531
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/2V43uJoIqibOwJxaaAuYUaJC-JM.roa
Signing time: Wed 20 Nov 2024 11:54:10 +0000
ROA not before: Wed 20 Nov 2024 11:54:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 31.133.80.0/22 maxlen: 24
31.133.80.0/24 maxlen: 24
31.133.81.0/24 maxlen: 24
31.133.82.0/24 maxlen: 24
31.133.83.0/24 maxlen: 24
31.133.84.0/22 maxlen: 22
31.133.88.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
31.133.90.0/24 maxlen: 24
31.133.91.0/24 maxlen: 24
176.103.224.0/22 maxlen: 22
176.103.232.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:6c:3b:38:10:3a:c4:5c:1c:95:8c:37:51:fc:35:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Nov 20 11:54:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d95e37b89a08aa26cec09c5a680b9851a242f893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e4:81:de:dc:c3:90:6b:72:66:fd:e6:c8:ec:
88:58:8e:ed:24:78:27:b8:57:bc:d7:fe:a5:14:29:
9e:0e:35:a7:eb:aa:00:b5:3d:11:26:f0:a5:c7:6a:
c1:a8:72:47:76:f3:ed:b9:24:a1:28:12:c2:48:55:
24:d0:8c:d0:42:7c:35:fa:19:6e:f5:03:ff:a5:4c:
e1:6a:c8:92:47:b7:8d:7e:b9:9f:5a:32:27:87:5d:
cf:a4:5b:df:a7:30:a1:c9:4f:a9:13:05:b1:e2:f0:
34:e9:2a:25:86:0f:e2:f0:a0:7d:ab:28:c9:c5:65:
5a:3a:07:79:66:60:da:8c:af:8a:90:53:8f:38:c0:
58:a5:e6:54:c3:dd:17:92:16:bc:1c:29:a7:6b:d0:
c1:6f:0b:38:f5:27:d9:7b:36:77:0a:cd:48:23:9b:
f6:a1:e3:41:31:98:ea:f5:48:4f:1f:27:cf:ec:26:
95:f7:42:05:90:44:f4:bf:a9:ee:a9:04:43:01:ef:
da:27:8b:f9:8f:07:b7:3f:9f:46:3a:c7:fa:a1:83:
22:7b:7a:ea:54:41:65:ad:b5:c2:e4:95:72:1f:ca:
e4:f9:9e:b2:06:35:bd:7e:78:2e:ef:39:97:2e:c8:
59:c5:35:98:9d:79:61:1e:7c:a9:73:ac:cf:08:0c:
3d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5E:37:B8:9A:08:AA:26:CE:C0:9C:5A:68:0B:98:51:A2:42:F8:93
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/2V43uJoIqibOwJxaaAuYUaJC-JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0-31.133.91.255
176.103.224.0/22
176.103.232.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:21:13:38:56:4f:1c:2a:df:53:7b:41:4e:e6:a4:e7:71:37:
91:b0:7b:8f:bb:2e:05:5f:4b:67:04:62:59:3e:e8:c9:b2:ce:
62:f7:ba:7f:7d:ba:fa:83:e1:50:72:b5:8c:52:1c:46:e3:d3:
c8:d0:5a:4a:6f:e2:c3:82:fc:09:89:28:e5:4c:ef:2a:be:e1:
f4:df:7d:56:50:0b:bf:25:70:01:d7:42:78:f6:7a:72:87:75:
8f:d5:d9:14:c6:e5:d9:37:5e:98:a7:e0:c8:8e:16:76:70:b0:
e2:40:e7:0a:7b:59:24:b1:3f:b2:3d:55:6d:b4:ed:de:af:39:
85:8a:47:4d:21:ad:8a:f9:28:09:b5:cb:aa:f9:43:bf:a5:9c:
ce:1e:fb:d8:c5:6e:66:55:76:c2:c9:f6:ce:d3:2f:7b:20:2c:
f4:72:64:08:e0:07:31:13:4e:78:b9:4e:49:18:87:54:2a:55:
89:95:4f:9d:12:a5:13:31:33:ae:a7:44:94:b1:d0:74:46:f3:
fc:2c:7e:ca:1a:19:dd:0e:af:9f:10:82:36:5e:93:51:09:3c:
82:ea:b0:4e:51:11:d2:fb:53:15:49:82:f3:58:43:d1:60:13:
ff:ef:71:e9:e4:09:28:83:a8:79:b8:0f:64:1e:e2:17:3e:63:
e8:0b:f8:25
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNJbDs4EDrEXByVjDdR/DUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQxMTIwMTE1NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVlMzdiODlhMDhhYTI2Y2VjMDljNWE2ODBiOTg1MWEyNDJmODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uSB3tzDkGtyZv3myOyIWI7tJHgn
uFe81/6lFCmeDjWn66oAtT0RJvClx2rBqHJHdvPtuSShKBLCSFUk0IzQQnw1+hlu
9QP/pUzhasiSR7eNfrmfWjInh13PpFvfpzChyU+pEwWx4vA06Solhg/i8KB9qyjJ
xWVaOgd5ZmDajK+KkFOPOMBYpeZUw90Xkha8HCmna9DBbws49SfZezZ3Cs1II5v2
oeNBMZjq9UhPHyfP7CaV90IFkET0v6nuqQRDAe/aJ4v5jwe3P59GOsf6oYMie3rq
VEFlrbXC5JVyH8rk+Z6yBjW9fngu7zmXLshZxTWYnXlhHnypc6zPCAw93wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNleN7iaCKomzsCcWmgLmFGiQviTMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvMlY0M3VKb0lxaWJPd0p4YWFBdVlVYUpDLUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQfhVAD
BAIfhVgDBAKwZ+ADBAOwZ+gwDQYJKoZIhvcNAQELBQADggEBAJwhEzhWTxwq31N7
QU7mpOdxN5Gwe4+7LgVfS2cEYlk+6MmyzmL3un99uvqD4VBytYxSHEbj08jQWkpv
4sOC/AmJKOVM7yq+4fTffVZQC78lcAHXQnj2enKHdY/V2RTG5dk3Xpin4MiOFnZw
sOJA5wp7WSSxP7I9VW207d6vOYWKR00hrYr5KAm1y6r5Q7+lnM4e+9jFbmZVdsLJ
9s7TL3sgLPRyZAjgBzETTni5TkkYh1QqVYmVT50SpRMxM66nRJSx0HRG8/wsfsoa
Gd0Or58QgjZek1EJPILqsE5REdL7UxVJgvNYQ9FgE//vcenkCSiDqHm4D2Qe4hc+
Y+gL+CU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:41:39 2024 by rpki-client on console-ams.rpki-client.org