Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa
File: 6DIruzDtNLKY1KvbdU4FS7XhypI.roa (raw, json)
Hash identifier: 53jiJ/d4P/JJYdJgNQ8EuImodhF9BPPsybfL9g9nxqk=
Subject key identifier: E8:32:2B:BB:30:ED:34:B2:98:D4:AB:DB:75:4E:05:4B:B5:E1:CA:92
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC7953325470999368C4CC127BEB443FF
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50437
IP address blocks: 31.131.164.0/22 maxlen: 22
46.151.224.0/22 maxlen: 22
176.116.132.0/22 maxlen: 22
176.116.131.0/24 maxlen: 24
176.116.128.0/24 maxlen: 24
176.116.130.0/24 maxlen: 24
176.116.129.0/24 maxlen: 24
46.151.228.0/22 maxlen: 22
91.228.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:33:25:47:09:99:36:8c:4c:c1:27:be:b4:43:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8322bbb30ed34b298d4abdb754e054bb5e1ca92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c5:7c:8e:c0:c9:46:65:01:13:5a:66:58:29:
a5:af:34:97:7f:03:67:88:fe:50:68:d4:1c:69:75:
bd:91:33:b8:81:02:84:ef:85:b8:2a:da:02:2f:38:
10:28:ad:b1:7c:66:d2:72:db:85:26:7f:d3:97:b5:
d0:f6:bc:c2:de:f2:a3:83:53:d3:4b:2a:10:c0:fb:
6e:dd:24:64:c1:19:aa:10:4e:85:e9:66:b0:b0:4e:
64:7a:70:73:f4:da:d8:df:6b:54:26:cf:49:ff:a9:
14:2b:99:c4:92:62:61:f4:34:fc:af:82:a8:6e:8a:
40:00:6b:fc:d1:da:2b:99:9d:3d:0c:c7:b9:8a:a6:
6a:02:02:f7:c4:96:a7:32:93:e6:ba:d3:4b:d3:b5:
d8:c1:a0:29:4f:e4:05:58:5d:75:4e:67:88:df:48:
1a:9f:0e:5d:cb:77:b6:1b:30:22:79:f4:0b:2b:20:
19:8e:2f:0c:8f:e0:0d:e3:0b:4b:b4:a3:38:aa:3a:
5f:b6:19:73:64:86:aa:e1:ef:12:2c:ee:08:2c:40:
db:81:e2:f7:65:c5:18:42:43:21:b3:f8:b3:2c:29:
56:b8:87:61:9e:ca:89:a4:80:6c:74:8d:90:31:64:
c9:de:85:b1:47:aa:37:8a:5c:a9:c8:55:ba:f1:9d:
76:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:32:2B:BB:30:ED:34:B2:98:D4:AB:DB:75:4E:05:4B:B5:E1:CA:92
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/6DIruzDtNLKY1KvbdU4FS7XhypI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.164.0/22
46.151.224.0/21
91.228.145.0/24
176.116.128.0/21
Signature Algorithm: sha256WithRSAEncryption
4e:0a:19:e9:af:97:a8:7a:a9:46:f6:d6:2f:9f:89:f1:d0:ce:
a8:e8:f0:26:e0:56:55:ab:40:ba:ab:45:8a:c3:a5:9f:5c:fa:
f8:75:b0:c8:18:95:95:37:d2:93:cb:2b:0b:e4:20:7e:37:c5:
2e:ee:ee:3a:ad:74:41:b3:36:86:9d:b3:e2:83:ba:5f:71:a7:
9f:8e:23:ae:fd:82:6f:dc:fa:53:68:b0:cb:bd:51:6f:98:89:
6b:8e:ba:5e:b4:00:95:7f:00:9f:76:98:db:80:15:12:d1:97:
94:b5:f0:2c:a4:bf:a8:6a:c4:26:dd:8b:ea:30:f3:56:23:f4:
7a:18:0a:af:5b:56:20:e5:04:23:e3:d2:c8:ce:6e:b7:5c:5e:
ca:6b:33:13:75:f3:97:16:0a:48:39:e2:3f:19:ad:31:9b:0d:
8b:f9:6c:98:a1:a8:2a:41:ea:9c:07:af:35:a7:fd:08:6d:50:
99:e3:a7:c8:83:9a:58:55:94:cf:72:ff:14:bc:68:2a:6b:a4:
61:04:52:b9:c1:92:39:22:95:cc:eb:94:8d:a5:74:af:57:0f:
98:27:fa:9a:ba:e1:28:95:fe:97:19:23:8c:77:48:be:41:b2:
0e:21:43:9c:c8:fc:0c:d3:0a:c0:ce:e4:81:f6:ac:20:92:79:
be:1b:53:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlTMlRwmZNoxMwSe+tEP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODMyMmJiYjMwZWQzNGIyOThkNGFiZGI3NTRlMDU0YmI1ZTFjYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosV8jsDJRmUBE1pmWCmlrzSXfwNn
iP5QaNQcaXW9kTO4gQKE74W4KtoCLzgQKK2xfGbSctuFJn/Tl7XQ9rzC3vKjg1PT
SyoQwPtu3SRkwRmqEE6F6WawsE5kenBz9NrY32tUJs9J/6kUK5nEkmJh9DT8r4Ko
bopAAGv80dormZ09DMe5iqZqAgL3xJanMpPmutNL07XYwaApT+QFWF11TmeI30ga
nw5dy3e2GzAiefQLKyAZji8Mj+AN4wtLtKM4qjpfthlzZIaq4e8SLO4ILEDbgeL3
ZcUYQkMhs/izLClWuIdhnsqJpIBsdI2QMWTJ3oWxR6o3ilypyFW68Z12kwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOgyK7sw7TSymNSr23VOBUu14cqSMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvNkRJcnV6RHROTEtZMUt2YmRVNEZTN1hoeXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4OkAwQD
LpfgAwQAW+SRAwQDsHSAMA0GCSqGSIb3DQEBCwUAA4IBAQBOChnpr5eoeqlG9tYv
n4nx0M6o6PAm4FZVq0C6q0WKw6WfXPr4dbDIGJWVN9KTyysL5CB+N8Uu7u46rXRB
szaGnbPig7pfcaefjiOu/YJv3PpTaLDLvVFvmIlrjrpetACVfwCfdpjbgBUS0ZeU
tfAspL+oasQm3YvqMPNWI/R6GAqvW1Yg5QQj49LIzm63XF7KazMTdfOXFgpIOeI/
Ga0xmw2L+WyYoagqQeqcB681p/0IbVCZ46fIg5pYVZTPcv8UvGgqa6RhBFK5wZI5
IpXM65SNpXSvVw+YJ/qauuEolf6XGSOMd0i+QbIOIUOcyPwM0wrAzuSB9qwgknm+
G1Oa
-----END CERTIFICATE-----
Generated at Wed May 15 19:53:23 2024 by rpki-client on console-ams.rpki-client.org