Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/uaazccLN6Mk4sx0EaEhEvn5C3x0.roa
File: uaazccLN6Mk4sx0EaEhEvn5C3x0.roa (raw, json)
Hash identifier: v+tP2jEaMonsS2eBuWt5qEl+U+sbi9qBetOBwIDVmAo=
Subject key identifier: B9:A6:B3:71:C2:CD:E8:C9:38:B3:1D:04:68:48:44:BE:7E:42:DF:1D
Certificate issuer: /CN=958b37436a89faca2c4f7e60f9ac4d47a199ad66
Certificate serial: 019425FC08AA6E2D6920344FCB2F5FE0A268
Authority key identifier: 95:8B:37:43:6A:89:FA:CA:2C:4F:7E:60:F9:AC:4D:47:A1:99:AD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lYs3Q2qJ-sosT35g-axNR6GZrWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/uaazccLN6Mk4sx0EaEhEvn5C3x0.roa
Signing time: Thu 02 Jan 2025 07:47:41 +0000
ROA not before: Thu 02 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198392
IP address blocks: 31.217.224.0/24 maxlen: 24
31.217.225.0/24 maxlen: 24
31.217.226.0/24 maxlen: 24
31.217.227.0/24 maxlen: 24
31.217.228.0/24 maxlen: 24
31.217.229.0/24 maxlen: 24
31.217.230.0/24 maxlen: 24
31.217.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lYs3Q2qJ-sosT35g-axNR6GZrWY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lYs3Q2qJ-sosT35g-axNR6GZrWY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lYs3Q2qJ-sosT35g-axNR6GZrWY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:08:aa:6e:2d:69:20:34:4f:cb:2f:5f:e0:a2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=958b37436a89faca2c4f7e60f9ac4d47a199ad66
Validity
Not Before: Jan 2 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9a6b371c2cde8c938b31d04684844be7e42df1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:ae:80:ca:66:e7:43:3f:1f:ea:8b:68:06:
83:86:63:b8:15:86:8b:74:70:32:bb:97:58:41:51:
30:a6:53:da:79:11:d9:94:d6:7d:c6:0b:51:b4:31:
ef:22:a7:c9:d7:ab:dc:3d:8a:2d:98:ad:3f:ff:dd:
5e:d0:52:dd:f3:71:77:25:84:98:cf:4b:16:46:de:
52:c3:ec:85:80:cb:20:b8:b0:4b:69:55:d7:1b:1c:
ad:ec:ce:10:c0:07:8e:46:c8:85:11:fe:9e:c1:8e:
50:be:fe:36:e1:d2:ad:3d:ac:f8:7d:5b:e2:5f:0e:
fc:7a:78:d0:8e:27:56:5f:03:ca:33:f6:14:31:26:
46:42:50:05:6c:49:b8:47:2f:19:94:af:52:04:06:
67:e7:ed:e9:b8:b3:ce:06:69:ef:33:70:8f:38:39:
76:b7:6f:e2:cc:3f:4a:73:c5:7a:20:98:fc:2c:62:
9d:2f:62:de:8a:14:2c:28:08:ec:6f:80:76:b5:cb:
42:7c:82:1e:5b:a5:ac:3f:37:05:1d:97:c2:67:bb:
97:a3:51:99:c9:6a:54:18:d8:74:b5:a0:0e:64:ba:
08:f9:1c:89:39:59:e1:b7:a7:29:d0:40:87:84:32:
0d:4e:32:dd:56:78:66:44:3a:84:e9:5d:5f:d1:9b:
c0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A6:B3:71:C2:CD:E8:C9:38:B3:1D:04:68:48:44:BE:7E:42:DF:1D
X509v3 Authority Key Identifier:
keyid:95:8B:37:43:6A:89:FA:CA:2C:4F:7E:60:F9:AC:4D:47:A1:99:AD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYs3Q2qJ-sosT35g-axNR6GZrWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/uaazccLN6Mk4sx0EaEhEvn5C3x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/e31f39-c9f4-42c2-a03e-12125312b2a3/1/lYs3Q2qJ-sosT35g-axNR6GZrWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.224.0/21
Signature Algorithm: sha256WithRSAEncryption
33:d8:13:8a:5a:e9:d3:a3:94:1d:6f:dc:33:ea:e7:41:7c:19:
e6:46:db:c2:70:26:48:50:25:5a:42:e7:53:a4:78:5c:bd:22:
3d:34:bd:01:a1:25:48:1d:9b:3e:be:24:31:26:44:ef:48:a1:
5e:70:41:b2:eb:92:89:cd:d3:56:f1:1a:f4:75:72:89:27:81:
8f:5d:f6:45:3d:27:c9:5a:fc:41:e1:e0:10:64:87:81:59:33:
fa:11:22:ca:40:c0:73:89:df:a6:94:63:0b:78:43:be:2c:40:
ff:b5:3b:6f:46:d6:c3:e7:6c:7b:85:8d:aa:b6:4e:05:13:92:
1c:7b:4c:a2:70:2d:28:8c:c6:1c:d9:f7:d1:73:3d:f4:a9:ab:
b7:db:93:d4:bc:b6:02:68:9e:d6:8c:8a:75:38:05:e0:9e:8c:
10:d7:4e:b9:a3:b5:e7:02:6f:ae:e9:99:0d:76:1f:77:f2:d8:
78:79:fe:86:92:e6:e2:48:c9:56:a1:ef:12:b5:68:51:c0:f3:
b2:b9:ce:54:56:69:f0:05:2c:36:34:ab:ae:42:c6:ed:18:d9:
c8:d8:f6:de:e6:7c:1f:17:cb:8d:a0:69:7b:e3:f2:b5:3a:b5:
02:a6:ef:65:ef:f6:91:39:a8:e2:3a:57:ee:e2:e7:35:e2:09:
78:89:69:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/Aiqbi1pIDRPyy9f4KJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OGIzNzQzNmE4OWZhY2EyYzRmN2U2MGY5YWM0ZDQ3YTE5
OWFkNjYwHhcNMjUwMTAyMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE2YjM3MWMyY2RlOGM5MzhiMzFkMDQ2ODQ4NDRiZTdlNDJkZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYWugMpm50M/H+qLaAaDhmO4FYaL
dHAyu5dYQVEwplPaeRHZlNZ9xgtRtDHvIqfJ16vcPYotmK0//91e0FLd83F3JYSY
z0sWRt5Sw+yFgMsguLBLaVXXGxyt7M4QwAeORsiFEf6ewY5Qvv424dKtPaz4fVvi
Xw78enjQjidWXwPKM/YUMSZGQlAFbEm4Ry8ZlK9SBAZn5+3puLPOBmnvM3CPODl2
t2/izD9Kc8V6IJj8LGKdL2LeihQsKAjsb4B2tctCfIIeW6WsPzcFHZfCZ7uXo1GZ
yWpUGNh0taAOZLoI+RyJOVnht6cp0ECHhDINTjLdVnhmRDqE6V1f0ZvA5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmms3HCzejJOLMdBGhIRL5+Qt8dMB8GA1UdIwQY
MBaAFJWLN0NqifrKLE9+YPmsTUehma1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlzM1EycUotc29zVDM1Zy1heE5SNkdacldZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9lMzFmMzktYzlmNC00MmMyLWEwM2Ut
MTIxMjUzMTJiMmEzLzEvdWFhemNjTE42TWs0c3gwRWFFaEV2bjVDM3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9lMzFmMzktYzlmNC00MmMyLWEwM2UtMTIxMjUzMTJiMmEz
LzEvbFlzM1EycUotc29zVDM1Zy1heE5SNkdacldZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH9ngMA0G
CSqGSIb3DQEBCwUAA4IBAQAz2BOKWunTo5Qdb9wz6udBfBnmRtvCcCZIUCVaQudT
pHhcvSI9NL0BoSVIHZs+viQxJkTvSKFecEGy65KJzdNW8Rr0dXKJJ4GPXfZFPSfJ
WvxB4eAQZIeBWTP6ESLKQMBzid+mlGMLeEO+LED/tTtvRtbD52x7hY2qtk4FE5Ic
e0yicC0ojMYc2ffRcz30qau325PUvLYCaJ7WjIp1OAXgnowQ1065o7XnAm+u6ZkN
dh938th4ef6GkubiSMlWoe8StWhRwPOyuc5UVmnwBSw2NKuuQsbtGNnI2Pbe5nwf
F8uNoGl74/K1OrUCpu9l7/aROajiOlfu4uc14gl4iWkS
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:56:24 2025 by rpki-client