Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/_qRr_hYypyBPLYoGSzYhoIebQgs.roa
File: _qRr_hYypyBPLYoGSzYhoIebQgs.roa (raw, json)
Hash identifier: mXfpkQOOejnhb2BZNrE/tm/lroZTBepBrnyt2Girav8=
Subject key identifier: FE:A4:6B:FE:16:32:A7:20:4F:2D:8A:06:4B:36:21:A0:87:9B:42:0B
Certificate issuer: /CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Certificate serial: 018CC348B636732EC0A9C9A7EDEC06F1157B
Authority key identifier: 3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/_qRr_hYypyBPLYoGSzYhoIebQgs.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12678
IP address blocks: 159.253.176.0/22 maxlen: 22
159.253.180.0/24 maxlen: 24
185.153.128.0/22 maxlen: 24
159.253.181.0/24 maxlen: 24
31.222.64.0/22 maxlen: 23
31.222.70.0/24 maxlen: 24
31.222.70.0/23 maxlen: 23
31.222.71.0/24 maxlen: 24
31.222.66.0/23 maxlen: 24
31.222.68.0/23 maxlen: 23
31.222.72.0/22 maxlen: 24
31.222.78.0/23 maxlen: 24
31.222.76.0/23 maxlen: 23
2a00:aea0:213::/48 maxlen: 48
2a00:aea0:113::/48 maxlen: 48
2a00:aea0:211::/48 maxlen: 48
2a00:aea0:111::/48 maxlen: 48
2a00:aea0:212::/48 maxlen: 48
2a00:aea0:112::/48 maxlen: 48
2a00:aea0:6500::/40 maxlen: 40
2a00:aea0:600::/40 maxlen: 40
2a00:aea0:200::/40 maxlen: 40
2a00:aea0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b6:36:73:2e:c0:a9:c9:a7:ed:ec:06:f1:15:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fea46bfe1632a7204f2d8a064b3621a0879b420b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:83:b8:f0:b8:32:cc:ed:72:2a:e0:57:54:
76:53:79:59:4c:13:ac:83:73:9c:57:c1:10:77:13:
7b:49:7c:89:0e:9a:cc:3b:bd:93:81:3a:f6:81:6c:
5f:20:54:bd:af:e2:a9:cc:3d:4b:e6:be:8d:6a:ba:
53:7d:c1:e8:c1:86:b1:e8:48:02:b1:9f:17:51:27:
1a:57:40:6b:b9:dd:12:66:99:97:cd:e6:22:ad:62:
e6:ed:4a:82:9c:09:64:96:cb:b0:18:2b:99:16:61:
da:36:bb:ff:0f:1b:ce:9e:f9:cf:a0:88:95:12:50:
a0:61:5b:8c:36:c4:93:dc:75:fb:df:ff:ef:91:0c:
48:33:5f:50:7d:d1:cd:c1:e9:f8:b4:3b:dc:e5:5f:
75:77:98:e3:71:61:f3:46:a0:a2:14:43:58:ce:62:
a5:44:b7:f7:f7:97:2e:06:b7:29:4e:8e:b8:b8:50:
3f:3b:db:5d:56:3e:9b:2c:3b:7b:63:bb:91:60:b4:
ca:77:98:f6:1a:de:a8:9a:5a:0e:96:db:97:37:48:
49:ba:6c:33:22:88:eb:0f:c5:f3:60:d8:be:d9:0f:
1f:16:69:45:42:11:97:52:e5:c0:58:b0:44:81:be:
5c:79:ea:36:f6:d7:0e:8f:38:08:25:55:03:87:20:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A4:6B:FE:16:32:A7:20:4F:2D:8A:06:4B:36:21:A0:87:9B:42:0B
X509v3 Authority Key Identifier:
keyid:3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/_qRr_hYypyBPLYoGSzYhoIebQgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.64.0/20
159.253.176.0-159.253.181.255
185.153.128.0/22
IPv6:
2a00:aea0:100::-2a00:aea0:2ff:ffff:ffff:ffff:ffff:ffff
2a00:aea0:600::/40
2a00:aea0:6500::/40
Signature Algorithm: sha256WithRSAEncryption
7d:83:b9:0f:58:d9:7d:73:52:ca:e7:9f:5e:93:44:28:3e:32:
88:c3:34:44:f2:dd:51:1f:8c:4a:05:6d:04:e3:e2:8d:b8:d5:
e6:4c:f4:9f:e2:61:53:73:49:4f:60:9f:44:08:58:fe:db:26:
4c:1b:9e:bb:55:22:82:c1:a5:40:17:3a:5c:6e:a8:3f:2c:44:
8d:cc:4d:58:6f:d9:fc:e8:27:bc:01:d3:a4:8b:60:7a:df:30:
ea:cc:c8:fb:33:c4:b7:33:81:67:fd:fa:46:15:f3:a2:d5:b3:
d6:a3:26:2c:9d:da:76:29:d1:5a:75:bf:d7:2b:88:7f:38:5f:
3f:7f:70:39:34:54:01:00:a3:ea:18:35:49:63:fa:63:89:22:
56:e7:a3:2c:2b:d6:f1:af:47:ee:6b:bf:1a:d2:94:ad:3a:78:
cb:b4:20:4d:7c:84:b3:52:4d:ab:71:c5:08:7d:7c:29:f3:08:
89:bb:16:c8:48:d8:d3:7b:5b:da:b7:d0:02:41:43:4a:dd:ac:
85:3d:7d:aa:ab:e1:69:30:20:51:89:fe:26:2c:d8:54:c2:1d:
cd:c3:ba:9d:d4:fe:6a:36:1f:74:99:66:1d:33:b5:19:e7:3e:
4d:c8:db:28:9c:c0:0b:51:18:d4:1b:b2:82:75:f4:65:f6:f5:
b7:ec:9f:2f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzDSLY2cy7Aqcmn7ewG8RV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNkNGNhYTlhM2E1NzcxNWUzZDVkNjZiY2NkNzE4NWFm
ZTQwZGEwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWE0NmJmZTE2MzJhNzIwNGYyZDhhMDY0YjM2MjFhMDg3OWI0MjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAmDuPC4MsztcirgV1R2U3lZTBOs
g3OcV8EQdxN7SXyJDprMO72TgTr2gWxfIFS9r+KpzD1L5r6NarpTfcHowYax6EgC
sZ8XUScaV0Brud0SZpmXzeYirWLm7UqCnAlklsuwGCuZFmHaNrv/DxvOnvnPoIiV
ElCgYVuMNsST3HX73//vkQxIM19QfdHNwen4tDvc5V91d5jjcWHzRqCiFENYzmKl
RLf395cuBrcpTo64uFA/O9tdVj6bLDt7Y7uRYLTKd5j2Gt6omloOltuXN0hJumwz
IojrD8XzYNi+2Q8fFmlFQhGXUuXAWLBEgb5ceeo29tcOjzgIJVUDhyCKKQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFP6ka/4WMqcgTy2KBks2IaCHm0ILMB8GA1UdIwQY
MBaAFD7s1Mqpo6V3FePV1mvM1xha/kDaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTIt
NjllZWM1YjRiNTA1LzEvX3FScl9oWXlweUJQTFlvR1N6WWhvSWViUWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTItNjllZWM1YjRiNTA1
LzEvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAgBAIAATAaAwQEH95AMAwD
BASf/bADBAGf/bQDBAK5mYAwKAQCAAIwIjAQAwYAKgCuoAEDBgAqAK6gAgMGACoA
rqAGAwYAKgCuoGUwDQYJKoZIhvcNAQELBQADggEBAH2DuQ9Y2X1zUsrnn16TRCg+
MojDNETy3VEfjEoFbQTj4o241eZM9J/iYVNzSU9gn0QIWP7bJkwbnrtVIoLBpUAX
OlxuqD8sRI3MTVhv2fzoJ7wB06SLYHrfMOrMyPszxLczgWf9+kYV86LVs9ajJiyd
2nYp0Vp1v9criH84Xz9/cDk0VAEAo+oYNUlj+mOJIlbnoywr1vGvR+5rvxrSlK06
eMu0IE18hLNSTatxxQh9fCnzCIm7FshI2NN7W9q30AJBQ0rdrIU9faqr4WkwIFGJ
/iYs2FTCHc3Dup3U/mo2H3SZZh0ztRnnPk3I2yicwAtRGNQbsoJ19GX29bfsny8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:33 2024 by rpki-client on console-ams.rpki-client.org