Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/3ZjVqXhMJRiyBdMOa03WryGuLlQ.roa
File: 3ZjVqXhMJRiyBdMOa03WryGuLlQ.roa (raw, json)
Hash identifier: XS7f4kv2R0049AiOJCugwVJoYCvHdNGr/8HojCRaOdU=
Subject key identifier: DD:98:D5:A9:78:4C:25:18:B2:05:D3:0E:6B:4D:D6:AF:21:AE:2E:54
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 018CC64A091F0DCD737FB1B95B9CFB625922
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/3ZjVqXhMJRiyBdMOa03WryGuLlQ.roa
Signing time: Mon 01 Jan 2024 18:29:49 +0000
ROA not before: Mon 01 Jan 2024 18:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 31.133.80.0/22 maxlen: 22
31.133.84.0/22 maxlen: 22
176.103.224.0/22 maxlen: 22
31.133.88.0/22 maxlen: 22
176.103.232.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:09:1f:0d:cd:73:7f:b1:b9:5b:9c:fb:62:59:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 18:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd98d5a9784c2518b205d30e6b4dd6af21ae2e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c6:4b:4b:72:5d:c4:60:53:af:d1:3c:3c:56:
47:76:b7:67:a3:01:a0:f3:ed:6d:80:14:fa:b7:37:
a1:ef:dd:22:50:0f:57:cb:d3:ee:e3:2f:7d:db:ac:
cd:73:5f:b3:aa:83:8e:74:62:c1:d1:ad:34:ef:dd:
a3:b9:49:6b:9b:63:e5:04:c5:2b:f2:00:ba:3a:b0:
5b:49:49:7c:f5:83:12:6a:58:a5:eb:23:8a:98:f6:
29:3e:6e:6a:63:b3:64:84:23:78:b2:d4:59:c3:b9:
fb:d4:b4:e0:d7:76:a6:75:83:03:66:06:b7:d9:3c:
27:d6:a9:ea:83:29:11:fc:4b:92:f1:33:d8:d1:6c:
ea:b0:8c:07:76:c7:e9:63:f8:a1:e7:4b:90:6e:88:
c0:44:ae:4d:79:66:a8:f2:38:d6:a8:34:0d:a1:f2:
ec:b6:9d:a9:b0:7a:27:5c:6c:1f:01:ea:a6:11:51:
65:0d:31:b9:c4:9f:7a:49:af:57:ea:b5:2d:f6:a9:
53:91:5b:3b:5f:2c:c3:33:ae:7f:38:b6:9f:01:67:
80:80:2f:b6:18:aa:8e:f4:94:5c:73:93:0e:cd:55:
47:7e:44:af:9f:7c:05:cf:f0:12:0f:67:d1:a7:a9:
75:a9:04:08:6c:1e:3e:23:81:70:e6:75:59:13:1a:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:98:D5:A9:78:4C:25:18:B2:05:D3:0E:6B:4D:D6:AF:21:AE:2E:54
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/3ZjVqXhMJRiyBdMOa03WryGuLlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0-31.133.91.255
176.103.224.0/22
176.103.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:e5:c6:e4:4d:db:29:d8:45:ae:af:ae:a6:e6:6d:05:fd:a3:
30:fc:0e:5b:a2:f2:a4:b9:e5:75:5c:4f:18:78:82:df:89:02:
34:b1:31:47:4b:30:d7:79:5d:32:26:b4:1e:d0:90:d5:ea:28:
b7:7f:97:5a:1b:0e:9e:dd:a5:e1:b8:9d:0e:a6:87:62:fc:30:
a7:53:d8:f3:6c:be:74:d2:9d:a0:1e:83:f7:3a:b7:e1:15:a4:
95:9e:ad:b8:bb:c6:0d:c4:49:9b:d6:a4:29:f3:aa:50:7e:fc:
95:9f:f4:f5:5d:6d:28:5a:28:79:cb:37:dd:00:cf:ec:71:ff:
f4:e7:54:5d:e8:4a:4e:27:d6:5f:dc:e1:f7:eb:bd:30:d8:a7:
66:fd:7e:b1:9f:5b:bc:d2:68:48:d7:1e:e4:86:f1:56:da:c0:
f6:98:d3:e4:47:fa:83:66:aa:92:1b:41:6a:7f:00:b5:c5:c1:
ed:ca:97:38:7b:b9:d9:51:c8:ea:fb:e6:34:57:a3:9b:71:ea:
1f:24:27:61:95:c9:ef:52:5c:d4:6d:30:01:b6:0f:3b:53:cc:
1e:dc:f0:15:f8:6e:5b:57:fd:5d:90:e3:cc:fa:60:37:7e:87:
76:bb:f2:cd:14:7e:e0:cf:b4:f3:25:58:1e:17:10:d7:54:19:
4e:38:2f:9f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGSgkfDc1zf7G5W5z7YlkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwMTAxMTgyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk4ZDVhOTc4NGMyNTE4YjIwNWQzMGU2YjRkZDZhZjIxYWUyZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsZLS3JdxGBTr9E8PFZHdrdnowGg
8+1tgBT6tzeh790iUA9Xy9Pu4y9926zNc1+zqoOOdGLB0a00792juUlrm2PlBMUr
8gC6OrBbSUl89YMSalil6yOKmPYpPm5qY7NkhCN4stRZw7n71LTg13amdYMDZga3
2Twn1qnqgykR/EuS8TPY0WzqsIwHdsfpY/ih50uQbojARK5NeWao8jjWqDQNofLs
tp2psHonXGwfAeqmEVFlDTG5xJ96Sa9X6rUt9qlTkVs7XyzDM65/OLafAWeAgC+2
GKqO9JRcc5MOzVVHfkSvn3wFz/ASD2fRp6l1qQQIbB4+I4Fw5nVZExpugQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN2Y1al4TCUYsgXTDmtN1q8hri5UMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvM1pqVnFYaE1KUml5QmRNT2EwM1dyeUd1TGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQfhVAD
BAIfhVgDBAKwZ+ADBAOwZ+gwDQYJKoZIhvcNAQELBQADggEBAG7lxuRN2ynYRa6v
rqbmbQX9ozD8Dlui8qS55XVcTxh4gt+JAjSxMUdLMNd5XTImtB7QkNXqKLd/l1ob
Dp7dpeG4nQ6mh2L8MKdT2PNsvnTSnaAeg/c6t+EVpJWerbi7xg3ESZvWpCnzqlB+
/JWf9PVdbShaKHnLN90Az+xx//TnVF3oSk4n1l/c4ffrvTDYp2b9frGfW7zSaEjX
HuSG8VbawPaY0+RH+oNmqpIbQWp/ALXFwe3Klzh7udlRyOr75jRXo5tx6h8kJ2GV
ye9SXNRtMAG2DztTzB7c8BX4bltX/V2Q48z6YDd+h3a78s0UfuDPtPMlWB4XENdU
GU44L58=
-----END CERTIFICATE-----
Generated at Sun May 19 15:03:29 2024 by rpki-client on console-ams.rpki-client.org