Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/Yafq9JiVRFDo9klwEk7lrjtgCUc.roa
File: Yafq9JiVRFDo9klwEk7lrjtgCUc.roa (raw, json)
Hash identifier: jP6qZz8YXIZEBcZe5MQE1RZwqlOc7gKqqSWjIIpfzrI=
Subject key identifier: 61:A7:EA:F4:98:95:44:50:E8:F6:49:70:12:4E:E5:AE:3B:60:09:47
Certificate issuer: /CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Certificate serial: 018ED247F559B5B3849D07BA04ABAC1DFB90
Authority key identifier: 71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/Yafq9JiVRFDo9klwEk7lrjtgCUc.roa
Signing time: Fri 12 Apr 2024 12:28:34 +0000
ROA not before: Fri 12 Apr 2024 12:28:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47441
IP address blocks: 31.210.137.0/24 maxlen: 24
2a02:e480::/29 maxlen: 29
2a02:e480::/32 maxlen: 32
2a02:e481::/32 maxlen: 32
2a02:e482::/32 maxlen: 32
2a02:e483::/32 maxlen: 32
2a02:e484::/32 maxlen: 32
2a02:e485::/32 maxlen: 32
2a02:e486::/32 maxlen: 32
2a02:e487::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:47:f5:59:b5:b3:84:9d:07:ba:04:ab:ac:1d:fb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=715df9aaf9d1cd17ca40c952ad8f71f0a3432bb7
Validity
Not Before: Apr 12 12:28:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a7eaf498954450e8f64970124ee5ae3b600947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:69:f8:0a:d0:c0:49:73:d0:3e:e6:66:55:
93:5f:b0:9f:11:b8:27:0a:2d:4c:a2:3f:a5:8a:1e:
06:6e:db:e6:ff:38:81:a8:9e:86:f3:c3:db:18:50:
0f:0f:fd:4c:0b:3d:61:27:5c:09:50:db:ac:36:c8:
28:50:ec:96:fd:13:2e:51:bd:43:5c:6b:47:f6:17:
fd:d6:1a:13:4b:ca:60:50:73:9f:b6:54:f3:84:a7:
ec:d5:a5:9f:63:72:bb:13:61:94:cc:75:36:57:ca:
ed:fd:4b:cc:49:ab:36:58:38:5d:f3:fc:c1:9a:4d:
4d:b3:16:57:c6:02:1a:bc:5a:29:73:9d:3d:de:a6:
44:29:1a:6e:76:4b:07:21:c8:22:ed:7b:2b:88:94:
77:d0:f3:d5:a6:ff:1a:66:77:7f:1d:74:a7:12:e2:
d5:28:1f:3d:11:2c:ee:dc:d2:9f:a5:7c:22:b6:ac:
99:0c:05:92:4a:3c:d4:cc:3b:1d:d1:2a:64:c2:35:
ae:66:72:4b:49:2a:16:b4:71:57:d9:9d:c2:7c:2e:
a1:fd:c0:36:36:29:80:fc:25:8b:9b:50:f2:42:60:
64:65:70:a4:34:4c:8d:0e:01:0c:ba:78:c5:25:bb:
24:b7:c0:b9:aa:e8:af:19:a2:c4:01:4a:ed:38:39:
a8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A7:EA:F4:98:95:44:50:E8:F6:49:70:12:4E:E5:AE:3B:60:09:47
X509v3 Authority Key Identifier:
keyid:71:5D:F9:AA:F9:D1:CD:17:CA:40:C9:52:AD:8F:71:F0:A3:43:2B:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cV35qvnRzRfKQMlSrY9x8KNDK7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/Yafq9JiVRFDo9klwEk7lrjtgCUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/023b06-5b1e-44e9-98d8-781be598bf58/1/cV35qvnRzRfKQMlSrY9x8KNDK7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.137.0/24
IPv6:
2a02:e480::/29
Signature Algorithm: sha256WithRSAEncryption
66:29:af:58:09:c5:0a:c5:93:0e:25:42:ad:34:a0:1c:53:4b:
14:8f:9e:35:34:e9:06:14:fd:e8:26:9a:84:ee:37:d2:78:4b:
b3:e8:f9:8e:e9:1b:d5:c5:02:5c:6f:08:8f:cc:da:24:e2:70:
10:29:e7:9c:50:63:30:a8:d0:1c:f1:ea:65:20:b9:be:da:f2:
66:80:88:8f:42:07:e2:df:34:d7:77:ba:28:5e:56:16:6f:4c:
97:95:cd:63:29:46:73:99:7a:de:a8:6e:d3:e4:53:a2:4f:90:
7b:98:a0:d0:6e:b3:68:31:e5:74:bd:60:f1:db:bb:dd:c7:12:
e8:52:5b:00:dc:7e:a6:d0:1f:32:2d:9a:d6:38:ed:10:6c:73:
6a:83:2b:77:2f:0a:9c:eb:7b:c6:45:90:a1:f1:26:7a:92:de:
8a:f9:3a:be:cb:91:ca:74:8b:80:e1:58:96:fc:ce:c8:3f:b7:
e2:d3:d6:40:59:08:e5:1b:b1:27:7f:8b:81:e7:bc:fd:1c:7e:
f9:cf:f5:aa:e6:e3:a2:7c:48:1e:da:70:14:6d:8a:82:69:a7:
68:62:31:14:49:d8:ba:fb:bc:82:6d:7f:ec:22:d5:7a:7f:dd:
f3:ee:ae:16:fe:ff:32:45:14:20:be:7f:08:65:22:16:b9:a2:
72:5c:f2:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7SR/VZtbOEnQe6BKusHfuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNWRmOWFhZjlkMWNkMTdjYTQwYzk1MmFkOGY3MWYwYTM0
MzJiYjcwHhcNMjQwNDEyMTIyODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWE3ZWFmNDk4OTU0NDUwZThmNjQ5NzAxMjRlZTVhZTNiNjAwOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnelp+ArQwElz0D7mZlWTX7CfEbgn
Ci1Moj+lih4Gbtvm/ziBqJ6G88PbGFAPD/1MCz1hJ1wJUNusNsgoUOyW/RMuUb1D
XGtH9hf91hoTS8pgUHOftlTzhKfs1aWfY3K7E2GUzHU2V8rt/UvMSas2WDhd8/zB
mk1NsxZXxgIavFopc5093qZEKRpudksHIcgi7XsriJR30PPVpv8aZnd/HXSnEuLV
KB89ESzu3NKfpXwitqyZDAWSSjzUzDsd0SpkwjWuZnJLSSoWtHFX2Z3CfC6h/cA2
NimA/CWLm1DyQmBkZXCkNEyNDgEMunjFJbskt8C5quivGaLEAUrtODmoaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGGn6vSYlURQ6PZJcBJO5a47YAlHMB8GA1UdIwQY
MBaAFHFd+ar50c0XykDJUq2PcfCjQyu3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgt
NzgxYmU1OThiZjU4LzEvWWFmcTlKaVZSRkRvOWtsd0VrN2xyanRnQ1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMjNiMDYtNWIxZS00NGU5LTk4ZDgtNzgxYmU1OThiZjU4
LzEvY1YzNXF2blJ6UmZLUU1sU3JZOXg4S05ESzdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAH9KJMA0E
AgACMAcDBQMqAuSAMA0GCSqGSIb3DQEBCwUAA4IBAQBmKa9YCcUKxZMOJUKtNKAc
U0sUj541NOkGFP3oJpqE7jfSeEuz6PmO6RvVxQJcbwiPzNok4nAQKeecUGMwqNAc
8eplILm+2vJmgIiPQgfi3zTXd7ooXlYWb0yXlc1jKUZzmXreqG7T5FOiT5B7mKDQ
brNoMeV0vWDx27vdxxLoUlsA3H6m0B8yLZrWOO0QbHNqgyt3Lwqc63vGRZCh8SZ6
kt6K+Tq+y5HKdIuA4ViW/M7IP7fi09ZAWQjlG7Enf4uB57z9HH75z/Wq5uOifEge
2nAUbYqCaadoYjEUSdi6+7yCbX/sItV6f93z7q4W/v8yRRQgvn8IZSIWuaJyXPK7
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:33:58 2024 by rpki-client on console-ams.rpki-client.org