Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hRDrn-2tABLAjK_9rUEp02Pxkt4.roa
File: hRDrn-2tABLAjK_9rUEp02Pxkt4.roa (raw, json)
Hash identifier: x8o6Mu+wkoObvDUfnWpMZLgzyZmZTwtMuTzeNbyXsMM=
Subject key identifier: 85:10:EB:9F:ED:AD:00:12:C0:8C:AF:FD:AD:41:29:D3:63:F1:92:DE
Certificate issuer: /CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Certificate serial: 019228DDABFF82163A102AF4E11AC2C039D7
Authority key identifier: B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hRDrn-2tABLAjK_9rUEp02Pxkt4.roa
Signing time: Wed 25 Sep 2024 11:07:48 +0000
ROA not before: Wed 25 Sep 2024 11:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48108
IP address blocks: 31.222.227.0/24 maxlen: 24
94.247.137.0/24 maxlen: 24
146.19.84.0/24 maxlen: 24
176.53.146.0/23 maxlen: 23
185.235.230.0/24 maxlen: 24
2001:678:e30::/48 maxlen: 48
2a0a:2e80::/32 maxlen: 32
2a0a:2e82::/32 maxlen: 32
2a11:8480::/32 maxlen: 32
2a11:8481::/32 maxlen: 32
2a11:8482::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:dd:ab:ff:82:16:3a:10:2a:f4:e1:1a:c2:c0:39:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35002ba088d5bd09c1553dced5b0bf3907ff736
Validity
Not Before: Sep 25 11:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8510eb9fedad0012c08caffdad4129d363f192de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:40:89:d5:6c:6c:c2:f1:e8:a6:e6:a8:e4:3c:
c3:f9:30:05:52:53:38:4e:31:af:8a:4e:fa:3a:2b:
7a:ac:9d:90:a5:0e:e3:39:d0:2c:c9:a4:58:ae:fb:
a0:20:85:0c:89:89:bc:93:7e:f7:7d:a1:d1:ac:35:
bf:bd:7b:d8:a1:1d:07:07:0b:ca:b0:1d:84:64:39:
c5:55:0d:90:d1:5a:fa:24:5d:a6:f3:83:17:53:eb:
f2:70:68:9d:2b:f2:f9:4b:ba:82:5b:db:19:8b:13:
9b:32:40:3a:15:12:e6:0b:fb:68:38:59:a9:49:86:
46:8a:99:70:b5:db:44:7e:9f:c6:8f:43:1b:b9:a7:
e7:36:66:b5:87:56:de:29:1c:49:48:04:35:bc:03:
d7:19:38:24:33:50:96:11:3c:8c:13:97:4d:11:2e:
55:5b:c6:e1:d3:84:42:e6:5e:2e:98:17:d6:a0:34:
3e:f5:a5:13:4c:61:3f:c0:65:27:13:76:fd:65:19:
37:f5:4e:6a:c2:9a:2e:e0:21:f3:4b:db:9d:9e:8a:
76:57:bf:26:a7:aa:fd:61:53:bf:4f:82:8f:e1:ff:
b2:f6:bc:4b:f2:29:97:02:fd:62:22:9e:53:08:22:
47:f4:e9:e2:d3:82:45:a7:0b:c6:eb:0c:b0:a2:7c:
c8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:EB:9F:ED:AD:00:12:C0:8C:AF:FD:AD:41:29:D3:63:F1:92:DE
X509v3 Authority Key Identifier:
keyid:B3:50:02:BA:08:8D:5B:D0:9C:15:53:DC:ED:5B:0B:F3:90:7F:F7:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ACugiNW9CcFVPc7VsL85B_9zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/hRDrn-2tABLAjK_9rUEp02Pxkt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fe4b06-fc2e-4bcb-877e-af1ef1d7afb8/1/s1ACugiNW9CcFVPc7VsL85B_9zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.227.0/24
94.247.137.0/24
146.19.84.0/24
176.53.146.0/23
185.235.230.0/24
IPv6:
2001:678:e30::/48
2a0a:2e80::/32
2a0a:2e82::/32
2a11:8480::-2a11:8482:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
09:df:87:e7:ac:1e:0e:72:d7:5c:d2:3a:d2:1e:85:5c:f2:0c:
40:4e:59:09:22:51:f7:1e:5c:11:26:d0:06:73:cf:00:51:0b:
cc:a3:15:75:c1:38:1d:32:78:62:6b:32:80:43:48:29:66:4f:
3e:39:c1:2f:7d:a5:40:2f:26:38:7e:ce:5a:55:9f:b6:1c:c9:
82:b1:2b:9a:a2:c2:68:96:ed:ed:52:9f:16:9f:2d:c8:14:51:
0d:7b:6f:12:97:57:c8:00:5e:7e:89:f1:19:4b:a9:02:11:86:
e5:09:b0:b7:51:2e:3d:8f:67:5f:4e:fd:67:3e:26:47:e8:e7:
d2:22:6f:39:04:41:89:28:1a:18:56:85:4e:57:d0:18:97:fa:
f1:7c:e7:10:94:fd:8e:4a:c7:61:8c:e8:cb:2d:c1:aa:1d:51:
85:05:10:b5:97:4a:60:52:63:fe:26:95:03:78:c9:96:22:ea:
77:e2:76:ca:0a:18:28:b5:74:be:6a:6f:86:ce:97:37:e9:65:
dc:f7:c5:3e:86:50:7b:69:5d:1c:76:02:02:df:d2:01:11:49:
58:ac:db:ce:cc:63:d1:df:d9:0c:1d:1a:9a:8c:3e:ab:7c:66:
83:7c:9d:9d:83:b5:0b:7b:7a:af:e5:f5:31:60:e0:ae:e3:fd:
92:4d:90:f3
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZIo3av/ghY6ECr04RrCwDnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTAwMmJhMDg4ZDViZDA5YzE1NTNkY2VkNWIwYmYzOTA3
ZmY3MzYwHhcNMjQwOTI1MTEwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEwZWI5ZmVkYWQwMDEyYzA4Y2FmZmRhZDQxMjlkMzYzZjE5MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0CJ1WxswvHopuao5DzD+TAFUlM4
TjGvik76Oit6rJ2QpQ7jOdAsyaRYrvugIIUMiYm8k373faHRrDW/vXvYoR0HBwvK
sB2EZDnFVQ2Q0Vr6JF2m84MXU+vycGidK/L5S7qCW9sZixObMkA6FRLmC/toOFmp
SYZGiplwtdtEfp/Gj0MbuafnNma1h1beKRxJSAQ1vAPXGTgkM1CWETyME5dNES5V
W8bh04RC5l4umBfWoDQ+9aUTTGE/wGUnE3b9ZRk39U5qwpou4CHzS9udnop2V78m
p6r9YVO/T4KP4f+y9rxL8imXAv1iIp5TCCJH9Oni04JFpwvG6wywonzI/wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIUQ65/trQASwIyv/a1BKdNj8ZLeMB8GA1UdIwQY
MBaAFLNQAroIjVvQnBVT3O1bC/OQf/c2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2Ut
YWYxZWYxZDdhZmI4LzEvaFJEcm4tMnRBQkxBaktfOXJVRXAwMlB4a3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZTRiMDYtZmMyZS00YmNiLTg3N2UtYWYxZWYxZDdhZmI4
LzEvczFBQ3VnaU5XOUNjRlZQYzdWc0w4NUJfOXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQAH97jAwQA
XveJAwQAkhNUAwQBsDWSAwQAuevmMC0EAgACMCcDBwAgAQZ4DjADBQAqCi6AAwUA
KgougjAOAwUHKhGEgAMFACoRhIIwDQYJKoZIhvcNAQELBQADggEBAAnfh+esHg5y
11zSOtIehVzyDEBOWQkiUfceXBEm0AZzzwBRC8yjFXXBOB0yeGJrMoBDSClmTz45
wS99pUAvJjh+zlpVn7YcyYKxK5qiwmiW7e1SnxafLcgUUQ17bxKXV8gAXn6J8RlL
qQIRhuUJsLdRLj2PZ19O/Wc+Jkfo59IibzkEQYkoGhhWhU5X0BiX+vF85xCU/Y5K
x2GM6MstwaodUYUFELWXSmBSY/4mlQN4yZYi6nfidsoKGCi1dL5qb4bOlzfpZdz3
xT6GUHtpXRx2AgLf0gERSVis287MY9Hf2QwdGpqMPqt8ZoN8nZ2DtQt7eq/l9TFg
4K7j/ZJNkPM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:17 2024 by rpki-client on console-ams.rpki-client.org