Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/D9NwI2i9GWnwqtTMP-lMhwE-_uY.roa
File: D9NwI2i9GWnwqtTMP-lMhwE-_uY.roa (raw, json)
Hash identifier: UEJwezP2RTY1UeQEIHCEg50vo8uEDHb88wpWoWJ/KCo=
Subject key identifier: 0F:D3:70:23:68:BD:19:69:F0:AA:D4:CC:3F:E9:4C:87:01:3E:FE:E6
Certificate issuer: /CN=cdb63efa269a1411754e1cdaab848fb06fa08411
Certificate serial: 0192FC55E87418C2E7EE760CA333F518AA24
Authority key identifier: CD:B6:3E:FA:26:9A:14:11:75:4E:1C:DA:AB:84:8F:B0:6F:A0:84:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbY--iaaFBF1Thzaq4SPsG-ghBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/D9NwI2i9GWnwqtTMP-lMhwE-_uY.roa
Signing time: Tue 05 Nov 2024 12:39:01 +0000
ROA not before: Tue 05 Nov 2024 12:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42714
IP address blocks: 31.170.128.0/19 maxlen: 24
31.170.128.0/20 maxlen: 24
31.170.144.0/21 maxlen: 24
31.170.152.0/21 maxlen: 24
193.200.38.0/24 maxlen: 24
193.200.39.0/24 maxlen: 24
195.211.184.0/22 maxlen: 24
2a02:7640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/zbY--iaaFBF1Thzaq4SPsG-ghBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/zbY--iaaFBF1Thzaq4SPsG-ghBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbY--iaaFBF1Thzaq4SPsG-ghBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:55:e8:74:18:c2:e7:ee:76:0c:a3:33:f5:18:aa:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb63efa269a1411754e1cdaab848fb06fa08411
Validity
Not Before: Nov 5 12:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd3702368bd1969f0aad4cc3fe94c87013efee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d1:ec:22:e0:cd:1c:7b:5b:cf:8e:bd:1b:eb:
68:57:41:39:b9:99:98:24:cc:7e:b9:22:62:fd:7b:
72:d7:77:c9:f5:62:89:f0:80:f0:fd:51:40:61:0b:
c0:13:b3:3f:d3:c6:16:15:bc:29:89:6f:da:72:1b:
11:0b:40:e7:a5:79:42:ca:4d:c7:43:f9:c6:9b:e1:
31:63:5e:6a:0d:04:41:c9:94:67:80:e1:09:0d:cf:
d9:a1:f8:16:f4:22:93:68:90:00:ae:82:6d:50:35:
4a:f8:f2:cf:06:ba:f6:5e:5e:7f:35:f7:84:5f:c2:
36:79:98:76:12:d8:18:f1:34:5e:5a:f3:e1:f8:35:
15:ce:44:d9:39:38:06:d3:5d:1b:64:b5:15:b5:44:
98:56:69:42:38:81:8f:af:93:41:b2:64:f8:54:5f:
b8:30:7d:40:1b:ac:bd:15:10:76:4f:81:2b:b8:54:
ad:34:9b:1c:02:27:a3:63:3c:58:d6:4f:1e:ae:8e:
fb:7b:51:fe:0a:16:d0:b1:90:d2:31:5b:1b:f5:b6:
0e:98:a3:b8:8f:6d:1d:32:37:ef:82:86:75:bb:32:
e8:a2:af:a1:14:7f:6a:71:f4:b4:4a:10:3f:12:a5:
f1:96:e6:a7:12:e6:4f:29:46:6f:75:9a:cf:a2:dc:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D3:70:23:68:BD:19:69:F0:AA:D4:CC:3F:E9:4C:87:01:3E:FE:E6
X509v3 Authority Key Identifier:
keyid:CD:B6:3E:FA:26:9A:14:11:75:4E:1C:DA:AB:84:8F:B0:6F:A0:84:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbY--iaaFBF1Thzaq4SPsG-ghBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/D9NwI2i9GWnwqtTMP-lMhwE-_uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/5005b4-301d-4a5b-9c96-43883487e492/1/zbY--iaaFBF1Thzaq4SPsG-ghBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.128.0/19
193.200.38.0/23
195.211.184.0/22
IPv6:
2a02:7640::/32
Signature Algorithm: sha256WithRSAEncryption
25:fc:28:41:e6:85:4f:02:86:f6:18:02:00:c6:16:93:5f:87:
07:67:68:ff:65:25:a3:38:46:f7:2d:0b:73:bf:ae:8f:c0:57:
fe:f7:7a:30:e4:f4:e8:38:91:22:8f:5f:07:62:ca:08:9c:85:
6e:e3:fc:79:05:54:bc:3d:a3:4e:a6:c8:c2:3d:6f:3a:c5:8f:
16:81:36:f6:47:07:4b:91:ea:ed:59:59:3f:9f:ac:97:fe:fa:
32:0c:e1:27:2f:4b:28:e1:7d:9b:74:42:f7:1f:92:aa:fe:0f:
b6:9d:9d:55:63:8f:be:5e:d5:a6:83:83:7d:de:9b:df:8c:fc:
ad:22:1c:eb:5c:11:20:57:ab:38:2e:4a:f1:64:b3:d6:1f:dd:
23:16:8a:bc:d5:bb:65:ce:58:d7:58:d6:01:9a:65:0e:ba:bf:
02:13:1d:8c:ea:cc:92:15:9d:90:b8:cb:98:d6:86:24:45:34:
9f:b5:46:f4:73:15:b6:d4:56:69:e4:25:b1:87:b7:b1:e1:f2:
70:41:49:bb:f2:97:8c:39:b6:d8:a8:92:d8:41:70:43:f5:a0:
c3:3c:b2:c0:6b:f2:5b:60:16:d8:d5:2a:65:2d:c9:b8:b6:f4:
5f:03:e1:80:8a:3c:97:7e:4f:d7:58:b4:de:69:0c:29:e1:2c:
bd:d8:7d:a3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZL8Veh0GMLn7nYMozP1GKokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjYzZWZhMjY5YTE0MTE3NTRlMWNkYWFiODQ4ZmIwNmZh
MDg0MTEwHhcNMjQxMTA1MTIzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQzNzAyMzY4YmQxOTY5ZjBhYWQ0Y2MzZmU5NGM4NzAxM2VmZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dHsIuDNHHtbz469G+toV0E5uZmY
JMx+uSJi/Xty13fJ9WKJ8IDw/VFAYQvAE7M/08YWFbwpiW/achsRC0DnpXlCyk3H
Q/nGm+ExY15qDQRByZRngOEJDc/ZofgW9CKTaJAAroJtUDVK+PLPBrr2Xl5/NfeE
X8I2eZh2EtgY8TReWvPh+DUVzkTZOTgG010bZLUVtUSYVmlCOIGPr5NBsmT4VF+4
MH1AG6y9FRB2T4EruFStNJscAiejYzxY1k8ero77e1H+ChbQsZDSMVsb9bYOmKO4
j20dMjfvgoZ1uzLooq+hFH9qcfS0ShA/EqXxluanEuZPKUZvdZrPotz72wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA/TcCNovRlp8KrUzD/pTIcBPv7mMB8GA1UdIwQY
MBaAFM22PvommhQRdU4c2quEj7BvoIQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJZLS1pYWFGQkYxVGh6YXE0U1BzRy1naEJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS81MDA1YjQtMzAxZC00YTViLTljOTYt
NDM4ODM0ODdlNDkyLzEvRDlOd0kyaTlHV253cXRUTVAtbE1od0UtX3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS81MDA1YjQtMzAxZC00YTViLTljOTYtNDM4ODM0ODdlNDky
LzEvemJZLS1pYWFGQkYxVGh6YXE0U1BzRy1naEJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFH6qAAwQB
wcgmAwQCw9O4MA0EAgACMAcDBQAqAnZAMA0GCSqGSIb3DQEBCwUAA4IBAQAl/ChB
5oVPAob2GAIAxhaTX4cHZ2j/ZSWjOEb3LQtzv66PwFf+93ow5PToOJEij18HYsoI
nIVu4/x5BVS8PaNOpsjCPW86xY8WgTb2RwdLkertWVk/n6yX/voyDOEnL0so4X2b
dEL3H5Kq/g+2nZ1VY4++XtWmg4N93pvfjPytIhzrXBEgV6s4LkrxZLPWH90jFoq8
1btlzljXWNYBmmUOur8CEx2M6sySFZ2QuMuY1oYkRTSftUb0cxW21FZp5CWxh7ex
4fJwQUm78peMObbYqJLYQXBD9aDDPLLAa/JbYBbY1SplLcm4tvRfA+GAijyXfk/X
WLTeaQwp4Sy92H2j
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:04 2024 by rpki-client on console-ams.rpki-client.org