Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jihCSe2NR3XhVl-EPY_j3BKggtA.roa
File: jihCSe2NR3XhVl-EPY_j3BKggtA.roa (raw, json)
Hash identifier: q/tB82o0FR45ki+wreGCrseoxm3RgTA3Y1L5aA7xphs=
Subject key identifier: 8E:28:42:49:ED:8D:47:75:E1:56:5F:84:3D:8F:E3:DC:12:A0:82:D0
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018EADE7BA86D11C47F1C562BB30A932E816
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jihCSe2NR3XhVl-EPY_j3BKggtA.roa
Signing time: Fri 05 Apr 2024 10:57:08 +0000
ROA not before: Fri 05 Apr 2024 10:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 31.57.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:e7:ba:86:d1:1c:47:f1:c5:62:bb:30:a9:32:e8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Apr 5 10:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e284249ed8d4775e1565f843d8fe3dc12a082d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:0a:35:7f:ab:61:a4:89:63:fd:49:83:78:
a6:2e:0f:5d:6b:ae:73:c9:f6:48:4a:5b:85:f5:97:
8d:ed:c7:46:22:9a:a4:68:0e:7e:ed:2b:df:9c:be:
f6:c6:86:b2:94:0f:f7:35:ba:a5:fa:a3:1f:dc:13:
71:34:00:f5:c9:39:ff:ef:12:13:0a:7d:7c:2f:27:
3a:6d:46:cf:b0:29:b4:0e:3e:17:a6:d6:00:bf:25:
98:49:f5:bd:7a:c4:44:69:cf:d9:c1:3d:ab:4a:85:
a6:04:d4:7c:e1:a0:56:bc:44:95:8a:5f:f1:a2:65:
47:1f:0e:a1:05:1d:0b:e4:9c:b6:03:0c:7b:72:67:
89:52:92:8d:12:09:9d:30:2f:e1:05:0d:c7:ab:b2:
67:8e:56:2c:44:09:bf:ff:3f:0b:1d:20:5e:fe:24:
83:dc:e3:62:4c:c0:49:35:9b:48:a8:c4:dd:ec:d1:
16:27:2d:f7:f1:82:0e:13:df:fb:92:11:96:51:30:
a2:f7:35:3e:5d:9c:1c:84:83:01:55:c6:4e:84:e1:
b0:01:e4:98:ed:2f:0d:d5:55:f9:08:5f:34:b5:56:
96:a4:e6:3f:f6:11:34:80:6b:05:38:b3:62:b2:05:
99:a5:c7:54:5a:33:53:e5:ef:7d:33:63:43:ca:c4:
36:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:28:42:49:ED:8D:47:75:E1:56:5F:84:3D:8F:E3:DC:12:A0:82:D0
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/jihCSe2NR3XhVl-EPY_j3BKggtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:d3:80:7b:c0:13:fd:6a:01:30:87:0a:30:25:dd:60:65:71:
ab:8a:91:03:25:00:aa:3f:6b:ea:d5:ad:70:68:03:c0:f0:29:
3f:e1:7f:0b:7e:8e:d3:81:cc:4d:11:ed:07:37:86:76:3c:99:
5e:14:d8:df:da:f2:4a:0b:e9:4d:dd:6f:64:14:8c:a5:b7:59:
ea:4a:8e:ca:92:ea:92:19:de:55:b1:17:58:f2:ea:52:b9:9e:
5f:57:9e:02:41:da:f0:54:7e:6d:d0:0d:7b:36:d0:57:a4:dd:
0a:ea:35:6b:ae:d1:7f:8f:4b:8c:99:cb:9d:91:e4:a6:8a:cd:
13:d4:da:8b:70:65:26:d0:5c:dc:3e:eb:1c:17:20:06:74:53:
bf:00:8d:82:c5:bf:48:c6:97:eb:e2:90:3a:90:92:e1:23:15:
01:86:9e:9a:ab:6e:a7:40:7e:d3:df:c6:d9:34:0b:26:87:63:
78:71:e2:1e:40:9c:73:30:cb:a8:ce:3b:fa:9c:de:2c:88:6b:
ee:f7:ca:e9:b0:ae:34:bb:cb:f8:1e:a6:68:2d:6e:2f:52:75:
c7:1c:20:40:b4:87:fa:53:b7:fb:fa:a2:c6:3e:90:d6:41:89:
fe:c6:82:5d:cd:29:a0:a4:11:92:41:da:56:58:4f:3b:7f:a3:
41:f8:9d:b7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAY6t57qG0RxH8cViuzCpMugWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNDA1MTA1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI4NDI0OWVkOGQ0Nzc1ZTE1NjVmODQzZDhmZTNkYzEyYTA4MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym0KNX+rYaSJY/1Jg3imLg9da65z
yfZISluF9ZeN7cdGIpqkaA5+7SvfnL72xoaylA/3Nbql+qMf3BNxNAD1yTn/7xIT
Cn18Lyc6bUbPsCm0Dj4XptYAvyWYSfW9esREac/ZwT2rSoWmBNR84aBWvESVil/x
omVHHw6hBR0L5Jy2Awx7cmeJUpKNEgmdMC/hBQ3Hq7JnjlYsRAm//z8LHSBe/iSD
3ONiTMBJNZtIqMTd7NEWJy338YIOE9/7khGWUTCi9zU+XZwchIMBVcZOhOGwAeSY
7S8N1VX5CF80tVaWpOY/9hE0gGsFOLNisgWZpcdUWjNT5e99M2NDysQ2GQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFI4oQkntjUd14VZfhD2P49wSoILQMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvamloQ1NlMk5SM1hoVmwtRVBZX2ozQktnZ3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAHzkwDQYJ
KoZIhvcNAQELBQADggEBAATTgHvAE/1qATCHCjAl3WBlcauKkQMlAKo/a+rVrXBo
A8DwKT/hfwt+jtOBzE0R7Qc3hnY8mV4U2N/a8koL6U3db2QUjKW3WepKjsqS6pIZ
3lWxF1jy6lK5nl9XngJB2vBUfm3QDXs20Fek3QrqNWuu0X+PS4yZy52R5KaKzRPU
2otwZSbQXNw+6xwXIAZ0U78AjYLFv0jGl+vikDqQkuEjFQGGnpqrbqdAftPfxtk0
CyaHY3hx4h5AnHMwy6jOO/qc3iyIa+73yumwrjS7y/gepmgtbi9SdcccIEC0h/pT
t/v6osY+kNZBif7Ggl3NKaCkEZJB2lZYTzt/o0H4nbc=
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:04:47 2024 by rpki-client on console-fra.rpki-client.org