Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/RKmdGADkx54SO9sVhuwlPCSt1RU.roa
File: RKmdGADkx54SO9sVhuwlPCSt1RU.roa (raw, json)
Hash identifier: qeabw04+OLp8cmK2D9ghl/gw6lcJcFUl4YiVyp2wYXg=
Subject key identifier: 44:A9:9D:18:00:E4:C7:9E:12:3B:DB:15:86:EC:25:3C:24:AD:D5:15
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 018DC6784EFA17057549D5F27A84F323E029
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/RKmdGADkx54SO9sVhuwlPCSt1RU.roa
Signing time: Tue 20 Feb 2024 12:23:09 +0000
ROA not before: Tue 20 Feb 2024 12:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34661
IP address blocks: 31.42.124.0/22 maxlen: 22
193.110.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:78:4e:fa:17:05:75:49:d5:f2:7a:84:f3:23:e0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Feb 20 12:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44a99d1800e4c79e123bdb1586ec253c24add515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:06:3f:83:fc:cb:79:5e:a7:c1:77:79:3c:9b:
cf:4c:98:e7:5a:58:40:16:96:35:d2:eb:db:96:b3:
c8:46:7e:ed:4b:ff:8c:ac:97:a1:6e:56:c2:f2:9d:
93:7b:23:f5:72:f8:f2:32:f7:93:3c:2d:d1:03:5f:
51:44:e3:b4:6b:60:2e:c2:23:25:9f:d3:51:24:46:
c7:df:7a:71:dd:1e:1c:b0:ca:32:62:4f:0a:1b:ac:
9e:9a:39:55:50:2b:dd:18:32:cb:d8:fb:3c:66:04:
0d:00:df:42:93:f9:28:39:69:0a:74:e7:57:a2:b0:
3d:93:ae:a7:5e:88:cf:59:d4:4c:37:00:ae:01:0a:
0b:39:b9:ef:9d:39:d8:33:cc:6b:e7:e2:e9:40:2e:
21:94:62:fa:a6:2c:c1:9d:33:1a:11:29:bc:89:92:
56:00:ba:e9:e7:7b:44:89:cc:e7:6f:e2:8b:a3:97:
67:50:39:b0:cc:d3:82:66:38:0c:98:73:2e:23:72:
d5:4c:6e:9f:ad:fa:b7:dd:4a:9c:33:91:ca:2f:2e:
30:c2:0a:7a:48:41:59:ee:f4:77:5b:86:51:6c:06:
14:4e:39:f5:af:e3:c3:84:ce:f7:b0:be:4a:19:32:
e7:3c:1a:7c:a7:2e:88:1d:78:e6:ab:20:38:39:a1:
74:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A9:9D:18:00:E4:C7:9E:12:3B:DB:15:86:EC:25:3C:24:AD:D5:15
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/RKmdGADkx54SO9sVhuwlPCSt1RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.124.0/22
193.110.20.0/22
Signature Algorithm: sha256WithRSAEncryption
57:ce:ed:33:34:f6:37:b7:f3:45:18:7b:d3:96:fc:ad:dd:65:
1e:34:7e:8b:50:a5:43:31:77:83:90:5f:80:16:b9:c9:80:27:
3b:c9:8e:41:b5:fb:be:5d:61:08:83:62:4c:5e:34:a6:00:ec:
5b:2a:eb:eb:ac:95:2f:5b:2d:7c:a5:d1:d1:1f:9c:13:d4:0a:
1a:e2:38:25:15:4c:46:64:f0:8c:3c:b0:80:47:09:32:bc:6b:
aa:8a:2f:76:6b:8d:8b:0a:a0:a8:fc:db:5e:34:80:e5:bb:21:
02:dd:c8:16:b0:11:b4:de:7f:f0:bd:f2:d9:6b:50:66:13:2d:
3c:38:6d:35:26:a6:59:8d:8d:e6:fa:21:af:1c:5e:ef:7f:5f:
f1:77:8a:c1:8a:59:88:2b:57:6b:69:60:72:15:6e:30:8c:9c:
3b:f7:c3:28:22:fc:ef:0a:4b:65:25:9e:cf:13:31:30:9a:76:
69:78:90:b6:05:71:1f:28:a0:51:cc:a5:c7:43:0c:2f:8a:50:
33:49:39:95:30:cc:ed:04:b6:6b:1d:7c:52:0e:86:79:2b:7e:
2c:ce:a2:cc:77:19:58:59:cc:7c:aa:f9:27:f4:b0:85:75:14:
e9:5f:9b:44:0d:ad:f6:63:4e:4c:3e:01:0d:a9:c7:0d:e1:55:
4c:c0:1e:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3GeE76FwV1SdXyeoTzI+ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjQwMjIwMTIyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGE5OWQxODAwZTRjNzllMTIzYmRiMTU4NmVjMjUzYzI0YWRkNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgY/g/zLeV6nwXd5PJvPTJjnWlhA
FpY10uvblrPIRn7tS/+MrJehblbC8p2TeyP1cvjyMveTPC3RA19RROO0a2AuwiMl
n9NRJEbH33px3R4csMoyYk8KG6yemjlVUCvdGDLL2Ps8ZgQNAN9Ck/koOWkKdOdX
orA9k66nXojPWdRMNwCuAQoLObnvnTnYM8xr5+LpQC4hlGL6pizBnTMaESm8iZJW
ALrp53tEicznb+KLo5dnUDmwzNOCZjgMmHMuI3LVTG6frfq33UqcM5HKLy4wwgp6
SEFZ7vR3W4ZRbAYUTjn1r+PDhM73sL5KGTLnPBp8py6IHXjmqyA4OaF0iwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESpnRgA5MeeEjvbFYbsJTwkrdUVMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEvUkttZEdBRGt4NTRTTzlzVmh1d2xQQ1N0MVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHyp8AwQC
wW4UMA0GCSqGSIb3DQEBCwUAA4IBAQBXzu0zNPY3t/NFGHvTlvyt3WUeNH6LUKVD
MXeDkF+AFrnJgCc7yY5Btfu+XWEIg2JMXjSmAOxbKuvrrJUvWy18pdHRH5wT1Aoa
4jglFUxGZPCMPLCARwkyvGuqii92a42LCqCo/NteNIDluyEC3cgWsBG03n/wvfLZ
a1BmEy08OG01JqZZjY3m+iGvHF7vf1/xd4rBilmIK1draWByFW4wjJw798MoIvzv
CktlJZ7PEzEwmnZpeJC2BXEfKKBRzKXHQwwvilAzSTmVMMztBLZrHXxSDoZ5K34s
zqLMdxlYWcx8qvkn9LCFdRTpX5tEDa32Y05MPgENqccN4VVMwB7+
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:12:42 2024 by rpki-client on console-fra.rpki-client.org