Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/ZrzYAmGs-VUvz7f1ocFvpe8gzpU.roa
File: ZrzYAmGs-VUvz7f1ocFvpe8gzpU.roa (raw, json)
Hash identifier: mUvy8LY4BDUu5sAXkySh9jjR1xl8x3UXWQZhQpCJIJs=
Subject key identifier: 66:BC:D8:02:61:AC:F9:55:2F:CF:B7:F5:A1:C1:6F:A5:EF:20:CE:95
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018DF49C1EB6B8C971352ABDDD61DE297088
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/ZrzYAmGs-VUvz7f1ocFvpe8gzpU.roa
Signing time: Thu 29 Feb 2024 11:24:48 +0000
ROA not before: Thu 29 Feb 2024 11:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201776
IP address blocks: 31.40.132.0/24 maxlen: 24
31.40.134.0/24 maxlen: 24
31.40.137.0/24 maxlen: 24
31.40.138.0/24 maxlen: 24
31.40.140.0/24 maxlen: 24
31.40.143.0/24 maxlen: 24
31.40.151.0/24 maxlen: 24
31.40.153.0/24 maxlen: 24
31.40.162.0/23 maxlen: 23
31.40.165.0/24 maxlen: 24
31.40.167.0/24 maxlen: 24
31.40.172.0/23 maxlen: 23
31.40.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:9c:1e:b6:b8:c9:71:35:2a:bd:dd:61:de:29:70:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Feb 29 11:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66bcd80261acf9552fcfb7f5a1c16fa5ef20ce95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:b1:25:a0:e1:f6:0a:8f:b3:33:86:7c:bf:
a4:fe:58:5c:12:c1:aa:d5:14:e5:c5:a2:f1:e3:c8:
77:fe:b8:eb:51:95:86:90:eb:86:23:f9:39:d6:59:
33:79:21:dc:b7:f3:1e:10:59:5e:55:c6:2f:69:80:
c0:56:61:05:ed:05:63:f3:60:b6:35:f1:cd:99:75:
79:3d:12:3f:31:0c:86:5e:10:9d:b2:cc:98:22:19:
9e:58:f7:44:99:d7:6d:b4:d5:ba:fb:dd:5e:75:01:
91:73:d1:be:af:27:b1:b2:9a:d5:b5:d3:eb:85:49:
cb:31:0c:df:26:53:7a:22:c5:4e:ae:3d:a3:7e:5c:
8a:1a:f7:6f:1c:cc:90:a8:a6:51:63:17:4c:4b:6f:
11:fb:3b:1f:97:44:87:5b:41:4f:7c:8a:66:71:f6:
5b:3d:e3:cf:42:cd:78:e2:aa:20:2f:c1:e2:16:40:
60:0e:43:ac:44:88:bc:ab:45:6b:5a:82:b9:71:d3:
60:e1:91:19:b0:2e:2b:cf:ed:6f:f0:18:3a:7c:92:
68:81:13:09:09:a4:33:b2:2b:34:3b:1f:ac:3e:b9:
89:84:32:0f:20:74:e2:a7:92:37:5b:47:3a:d7:61:
7f:53:64:13:f6:e1:c7:af:76:24:fe:c6:31:e3:86:
8d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BC:D8:02:61:AC:F9:55:2F:CF:B7:F5:A1:C1:6F:A5:EF:20:CE:95
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/ZrzYAmGs-VUvz7f1ocFvpe8gzpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.132.0/24
31.40.134.0/24
31.40.137.0-31.40.138.255
31.40.140.0/24
31.40.143.0/24
31.40.151.0/24
31.40.153.0/24
31.40.162.0/23
31.40.165.0/24
31.40.167.0/24
31.40.172.0/23
31.40.178.0/23
Signature Algorithm: sha256WithRSAEncryption
85:89:c7:f1:74:43:1a:25:4f:88:d6:4c:8e:97:e4:11:d1:50:
f2:36:8b:84:a0:c5:26:81:75:ce:67:a2:f7:4c:dc:29:60:04:
28:01:44:86:bf:0b:16:f7:b8:fa:29:e3:9e:9b:d6:12:65:6e:
ca:63:26:ea:66:9b:75:28:d5:7b:e4:eb:68:50:2d:18:08:17:
66:19:e6:f3:14:84:0f:eb:7e:1c:be:c6:82:5e:63:f2:1a:f4:
36:d3:a6:eb:e9:e1:cc:6a:a8:9a:82:e9:9a:4a:cd:7c:17:57:
4e:71:fc:a4:97:da:8a:9c:0f:e9:1a:6e:6b:14:82:1c:e6:33:
a5:d2:76:af:9f:6d:bb:83:a9:cd:a6:9f:06:e0:89:f5:d0:eb:
7d:c1:79:75:5c:ab:57:0f:f7:5d:bf:5f:0f:e6:c6:3c:c2:2a:
7e:79:1d:ca:80:f2:cb:aa:59:3a:0c:6b:37:e5:b6:69:37:1a:
ad:e9:21:a3:a3:08:fc:43:90:62:45:f4:53:46:20:ab:3f:bc:
d5:d1:24:35:c3:fc:cc:b2:dd:aa:4d:76:5f:fe:e5:96:de:46:
7b:cb:3e:4a:b7:a7:73:9e:b3:d2:d7:6f:f9:95:eb:2a:a4:cd:
08:94:29:8e:0f:93:54:f1:71:1c:4e:cf:77:a6:3d:98:c8:95:
6f:33:e0:22
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY30nB62uMlxNSq93WHeKXCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMjI5MTEyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJjZDgwMjYxYWNmOTU1MmZjZmI3ZjVhMWMxNmZhNWVmMjBjZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGuxJaDh9gqPszOGfL+k/lhcEsGq
1RTlxaLx48h3/rjrUZWGkOuGI/k51lkzeSHct/MeEFleVcYvaYDAVmEF7QVj82C2
NfHNmXV5PRI/MQyGXhCdssyYIhmeWPdEmddttNW6+91edQGRc9G+ryexsprVtdPr
hUnLMQzfJlN6IsVOrj2jflyKGvdvHMyQqKZRYxdMS28R+zsfl0SHW0FPfIpmcfZb
PePPQs144qogL8HiFkBgDkOsRIi8q0VrWoK5cdNg4ZEZsC4rz+1v8Bg6fJJogRMJ
CaQzsis0Ox+sPrmJhDIPIHTip5I3W0c612F/U2QT9uHHr3Yk/sYx44aNOwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFGa82AJhrPlVL8+39aHBb6XvIM6VMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvWnJ6WUFtR3MtVlV2ejdmMW9jRnZwZThnenBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAHyiEAwQA
HyiGMAwDBAAfKIkDBAAfKIoDBAAfKIwDBAAfKI8DBAAfKJcDBAAfKJkDBAEfKKID
BAAfKKUDBAAfKKcDBAEfKKwDBAEfKLIwDQYJKoZIhvcNAQELBQADggEBAIWJx/F0
QxolT4jWTI6X5BHRUPI2i4SgxSaBdc5novdM3ClgBCgBRIa/Cxb3uPop456b1hJl
bspjJupmm3Uo1Xvk62hQLRgIF2YZ5vMUhA/rfhy+xoJeY/Ia9DbTpuvp4cxqqJqC
6ZpKzXwXV05x/KSX2oqcD+kabmsUghzmM6XSdq+fbbuDqc2mnwbgifXQ633BeXVc
q1cP912/Xw/mxjzCKn55HcqA8suqWToMazfltmk3Gq3pIaOjCPxDkGJF9FNGIKs/
vNXRJDXD/Myy3apNdl/+5ZbeRnvLPkq3p3Oes9LXb/mV6yqkzQiUKY4Pk1TxcRxO
z3emPZjIlW8z4CI=
-----END CERTIFICATE-----
Generated at Wed May 22 03:36:55 2024 by rpki-client on console-ams.rpki-client.org