Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/tmATuX-VZA0yJNAC9-cLbhetqjk.roa
File: tmATuX-VZA0yJNAC9-cLbhetqjk.roa (raw, json)
Hash identifier: Tr5BC31Vik5STw9z4HyQr5H3bD0r0DhS787gnc5P0Cg=
Subject key identifier: B6:60:13:B9:7F:95:64:0D:32:24:D0:02:F7:E7:0B:6E:17:AD:AA:39
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 018F28ED2A12A65F1275FB04A6E5CB080E3A
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/tmATuX-VZA0yJNAC9-cLbhetqjk.roa
Signing time: Mon 29 Apr 2024 08:16:22 +0000
ROA not before: Mon 29 Apr 2024 08:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210541
IP address blocks: 31.42.112.0/21 maxlen: 23
31.42.112.0/23 maxlen: 23
31.42.114.0/24 maxlen: 24
31.42.116.0/23 maxlen: 24
31.42.117.0/24 maxlen: 24
31.42.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:28:ed:2a:12:a6:5f:12:75:fb:04:a6:e5:cb:08:0e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Apr 29 08:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66013b97f95640d3224d002f7e70b6e17adaa39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:74:45:05:4d:d3:da:50:25:94:3e:76:f5:d3:
e0:5a:45:64:63:2f:37:d4:71:c4:43:4b:38:d2:af:
38:ba:69:14:6d:e8:2b:e8:61:dd:00:30:41:1e:3e:
4b:07:4f:43:0d:00:3d:58:fb:66:f0:d7:b3:5b:e9:
ab:aa:66:eb:20:76:f9:e7:36:05:bf:1d:43:1d:5d:
73:af:c1:c5:13:75:5a:a7:10:f1:89:68:12:42:2e:
d8:6b:7e:78:ca:01:91:14:0b:0a:ed:3d:01:4a:70:
e2:79:f0:9d:f1:2d:dd:63:21:e4:a8:b6:ca:76:42:
95:d5:f9:6b:c3:b7:2d:03:b8:68:df:bf:42:85:c6:
93:93:d0:e5:92:5a:f0:fe:ec:d6:57:19:d5:14:56:
8e:03:eb:61:80:2e:1f:3d:b3:53:45:6f:00:c0:73:
1d:14:d4:5f:37:cf:e3:16:d9:8d:5f:00:19:1a:a4:
85:9f:5e:df:34:4b:98:ef:3c:ed:fb:9f:b7:5a:e5:
11:7f:a5:14:74:d9:7d:d9:49:8d:c2:0d:e3:31:eb:
b5:b0:30:a5:a5:69:ad:b5:54:15:00:14:e7:02:96:
41:87:6c:17:3f:19:3c:1f:69:a9:45:84:cc:88:da:
b8:0d:0a:f9:42:bf:00:52:4d:11:42:c2:1c:33:47:
42:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:60:13:B9:7F:95:64:0D:32:24:D0:02:F7:E7:0B:6E:17:AD:AA:39
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/tmATuX-VZA0yJNAC9-cLbhetqjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.112.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:74:80:a4:a6:93:55:64:78:c7:66:d8:e6:66:dc:16:0f:f9:
cf:c3:f2:d0:ad:79:db:d2:8a:3f:74:3b:b9:8f:9a:8b:58:41:
b1:f0:08:b5:88:29:08:99:be:f4:f9:09:11:9e:1e:e4:4b:f2:
dc:82:d6:6f:bd:6b:b4:be:f4:1e:f1:c7:ae:fe:c9:06:af:16:
ca:30:c5:1e:24:bd:46:6f:e0:12:3a:04:5a:e7:6d:92:b7:56:
24:c0:7e:bb:66:9d:cf:23:e3:b8:a8:06:61:aa:15:66:62:37:
89:f3:de:d6:db:2e:5f:d7:3b:f7:13:e7:83:e0:72:cb:f2:04:
9e:6c:10:9d:b4:a0:24:0a:38:a1:e8:9a:2a:ad:6b:9d:d9:e2:
ad:24:3e:a1:0f:8d:5c:ab:8a:f3:6d:d6:3b:7f:dc:88:aa:03:
cd:b2:ea:50:fd:21:3d:aa:db:ce:bb:74:e5:71:b3:aa:8d:24:
66:82:7c:e4:22:69:7f:fe:fa:10:3e:29:0c:ca:cc:ae:fa:26:
7d:2c:f8:f2:79:42:cc:fa:70:f7:b2:01:74:54:61:b4:fb:a1:
29:29:69:5c:18:b9:cc:9c:38:d7:ad:a6:c6:e1:05:5c:60:3e:
c9:66:9f:f5:de:72:b5:da:74:41:9d:7f:b0:e0:3e:1f:38:53:
20:73:49:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8o7SoSpl8SdfsEpuXLCA46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjQwNDI5MDgxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjYwMTNiOTdmOTU2NDBkMzIyNGQwMDJmN2U3MGI2ZTE3YWRhYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHRFBU3T2lAllD529dPgWkVkYy83
1HHEQ0s40q84umkUbegr6GHdADBBHj5LB09DDQA9WPtm8NezW+mrqmbrIHb55zYF
vx1DHV1zr8HFE3VapxDxiWgSQi7Ya354ygGRFAsK7T0BSnDiefCd8S3dYyHkqLbK
dkKV1flrw7ctA7ho379ChcaTk9Dlklrw/uzWVxnVFFaOA+thgC4fPbNTRW8AwHMd
FNRfN8/jFtmNXwAZGqSFn17fNEuY7zzt+5+3WuURf6UUdNl92UmNwg3jMeu1sDCl
pWmttVQVABTnApZBh2wXPxk8H2mpRYTMiNq4DQr5Qr8AUk0RQsIcM0dCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZgE7l/lWQNMiTQAvfnC24Xrao5MB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEvdG1BVHVYLVZaQTB5Sk5BQzktY0xiaGV0cWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHypwMA0G
CSqGSIb3DQEBCwUAA4IBAQCKdICkppNVZHjHZtjmZtwWD/nPw/LQrXnb0oo/dDu5
j5qLWEGx8Ai1iCkImb70+QkRnh7kS/LcgtZvvWu0vvQe8ceu/skGrxbKMMUeJL1G
b+ASOgRa522St1YkwH67Zp3PI+O4qAZhqhVmYjeJ897W2y5f1zv3E+eD4HLL8gSe
bBCdtKAkCjih6JoqrWud2eKtJD6hD41cq4rzbdY7f9yIqgPNsupQ/SE9qtvOu3Tl
cbOqjSRmgnzkIml//voQPikMysyu+iZ9LPjyeULM+nD3sgF0VGG0+6EpKWlcGLnM
nDjXrabG4QVcYD7JZp/13nK12nRBnX+w4D4fOFMgc0nd
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:49:03 2024 by rpki-client on console-fra.rpki-client.org