Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/xU3rw0yRnalbfvke4mjkbJamhbU.roa
File: xU3rw0yRnalbfvke4mjkbJamhbU.roa (raw, json)
Hash identifier: LmGB/JMNe4NJFNXJLCj1qMLDg8gQNBPgir95sVQ01w8=
Subject key identifier: C5:4D:EB:C3:4C:91:9D:A9:5B:7E:F9:1E:E2:68:E4:6C:96:A6:85:B5
Certificate issuer: /CN=9706aa905465586424f387fdbd83648b72d946de
Certificate serial: 018CC64B06C2B9B37EE13BAA4FA8DE945ACE
Authority key identifier: 97:06:AA:90:54:65:58:64:24:F3:87:FD:BD:83:64:8B:72:D9:46:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwaqkFRlWGQk84f9vYNki3LZRt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/xU3rw0yRnalbfvke4mjkbJamhbU.roa
Signing time: Mon 01 Jan 2024 18:30:54 +0000
ROA not before: Mon 01 Jan 2024 18:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201964
IP address blocks: 31.187.84.0/22 maxlen: 22
31.187.87.0/24 maxlen: 24
185.55.84.0/22 maxlen: 22
2a02:4820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/lwaqkFRlWGQk84f9vYNki3LZRt4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/lwaqkFRlWGQk84f9vYNki3LZRt4.mft
rsync://rpki.ripe.net/repository/DEFAULT/lwaqkFRlWGQk84f9vYNki3LZRt4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:06:c2:b9:b3:7e:e1:3b:aa:4f:a8:de:94:5a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9706aa905465586424f387fdbd83648b72d946de
Validity
Not Before: Jan 1 18:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c54debc34c919da95b7ef91ee268e46c96a685b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:8f:00:f3:4a:2b:0b:f7:7f:ce:a1:6e:20:
e0:ba:d7:3a:af:b8:a5:70:ae:71:bd:d4:d9:1b:3d:
e7:a8:c5:ba:f9:80:25:9b:86:24:4d:4b:94:ed:db:
c9:cb:99:bc:40:32:57:3b:4b:a4:9f:15:6e:54:1c:
db:d7:66:d3:75:db:80:50:6e:a8:d5:b7:30:94:57:
d8:ef:82:14:0f:2f:52:91:6e:1a:ad:b5:e9:fc:d0:
0e:ff:ec:19:96:50:40:8f:e8:ba:14:e9:b0:8e:ea:
e2:de:14:14:c9:00:d9:ab:1a:9d:3b:ed:02:89:72:
6c:82:70:74:1a:0d:6c:94:71:50:d2:62:cc:0b:a9:
7d:c3:a4:29:8e:6c:67:29:9a:b0:c0:c4:ee:20:80:
05:9c:42:00:e0:bd:84:ac:d9:9b:3e:77:70:6d:f0:
b6:18:6a:86:ab:fc:c6:fa:fb:15:05:c9:28:46:e1:
72:7b:51:59:a7:6c:45:fe:e9:9b:21:9a:3e:93:f0:
05:f0:a5:38:3b:26:d8:33:08:0a:5f:55:2d:dd:3c:
d1:be:f0:1b:13:1f:8b:b7:67:f3:72:16:3b:ed:da:
c7:3a:a9:2d:31:8e:86:4e:87:e4:13:91:3a:43:1f:
c4:0a:70:77:0e:26:3b:70:76:df:98:10:63:8b:cc:
30:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4D:EB:C3:4C:91:9D:A9:5B:7E:F9:1E:E2:68:E4:6C:96:A6:85:B5
X509v3 Authority Key Identifier:
keyid:97:06:AA:90:54:65:58:64:24:F3:87:FD:BD:83:64:8B:72:D9:46:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwaqkFRlWGQk84f9vYNki3LZRt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/xU3rw0yRnalbfvke4mjkbJamhbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/1cf3f0-a036-4c76-8b09-5c535b746353/1/lwaqkFRlWGQk84f9vYNki3LZRt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.84.0/22
185.55.84.0/22
IPv6:
2a02:4820::/32
Signature Algorithm: sha256WithRSAEncryption
5c:2b:4b:b5:5f:06:19:38:80:84:6a:28:5c:79:ba:af:27:10:
71:41:5e:d5:12:a1:06:9a:7f:27:63:03:9d:8a:95:24:05:3c:
f5:ce:72:ce:9d:e0:50:41:60:01:8c:71:64:c2:49:b5:2c:96:
ff:1e:e5:8f:cf:14:f1:33:fd:cd:8f:5e:bd:a5:74:b8:a8:23:
12:73:9e:f5:3a:b3:4b:91:24:a0:f7:17:2f:5b:4e:de:bb:84:
76:7b:37:72:98:58:6e:58:08:cd:74:9d:0c:af:ca:94:63:6a:
05:dd:f9:74:31:dd:cc:24:8a:e9:a4:0f:d7:83:e3:c3:6a:02:
2b:22:e8:cf:43:f3:ab:fb:0f:56:bd:7e:4f:35:19:b0:73:93:
1a:e5:aa:b0:93:3a:8b:13:b6:9f:80:e1:dd:18:cd:19:d3:e5:
aa:ca:8c:79:15:59:d8:1d:f9:bb:59:c6:13:6e:ca:66:b6:f2:
df:7a:08:8d:e7:57:50:bd:64:81:99:60:56:c9:15:48:ef:de:
b2:24:07:a9:73:ca:39:57:f6:38:47:3c:ff:bf:69:ed:09:80:
81:50:62:4b:9b:1c:5b:f4:f0:ad:f0:a3:c4:d2:dc:ca:37:b0:
f3:9d:84:39:b0:97:5c:12:69:0f:a8:f1:5c:7d:8c:cd:a3:0e:
75:d4:78:4b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSwbCubN+4TuqT6jelFrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDZhYTkwNTQ2NTU4NjQyNGYzODdmZGJkODM2NDhiNzJk
OTQ2ZGUwHhcNMjQwMTAxMTgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRkZWJjMzRjOTE5ZGE5NWI3ZWY5MWVlMjY4ZTQ2Yzk2YTY4NWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv2PAPNKKwv3f86hbiDgutc6r7il
cK5xvdTZGz3nqMW6+YAlm4YkTUuU7dvJy5m8QDJXO0uknxVuVBzb12bTdduAUG6o
1bcwlFfY74IUDy9SkW4arbXp/NAO/+wZllBAj+i6FOmwjuri3hQUyQDZqxqdO+0C
iXJsgnB0Gg1slHFQ0mLMC6l9w6QpjmxnKZqwwMTuIIAFnEIA4L2ErNmbPndwbfC2
GGqGq/zG+vsVBckoRuFye1FZp2xF/umbIZo+k/AF8KU4OybYMwgKX1Ut3TzRvvAb
Ex+Lt2fzchY77drHOqktMY6GTofkE5E6Qx/ECnB3DiY7cHbfmBBji8wwCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMVN68NMkZ2pW375HuJo5GyWpoW1MB8GA1UdIwQY
MBaAFJcGqpBUZVhkJPOH/b2DZIty2UbeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdhcWtGUmxXR1FrODRmOXZZTmtpM0xaUnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8xY2YzZjAtYTAzNi00Yzc2LThiMDkt
NWM1MzViNzQ2MzUzLzEveFUzcncweVJuYWxiZnZrZTRtamtiSmFtaGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8xY2YzZjAtYTAzNi00Yzc2LThiMDktNWM1MzViNzQ2MzUz
LzEvbHdhcWtGUmxXR1FrODRmOXZZTmtpM0xaUnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCH7tUAwQC
uTdUMA0EAgACMAcDBQAqAkggMA0GCSqGSIb3DQEBCwUAA4IBAQBcK0u1XwYZOICE
aihcebqvJxBxQV7VEqEGmn8nYwOdipUkBTz1znLOneBQQWABjHFkwkm1LJb/HuWP
zxTxM/3Nj169pXS4qCMSc571OrNLkSSg9xcvW07eu4R2ezdymFhuWAjNdJ0Mr8qU
Y2oF3fl0Md3MJIrppA/Xg+PDagIrIujPQ/Or+w9WvX5PNRmwc5Ma5aqwkzqLE7af
gOHdGM0Z0+Wqyox5FVnYHfm7WcYTbspmtvLfegiN51dQvWSBmWBWyRVI796yJAep
c8o5V/Y4Rzz/v2ntCYCBUGJLmxxb9PCt8KPE0tzKN7DznYQ5sJdcEmkPqPFcfYzN
ow511HhL
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:21 2024 by rpki-client on console-fra.rpki-client.org