Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/I8SuJ8D_P16pAaDGZGDRSs49hiQ.roa
File: I8SuJ8D_P16pAaDGZGDRSs49hiQ.roa (raw, json)
Hash identifier: vJfQ035vcmoHju7dzzOtq5QMExUk5tbvsV/mkqIcsjY=
Subject key identifier: 23:C4:AE:27:C0:FF:3F:5E:A9:01:A0:C6:64:60:D1:4A:CE:3D:86:24
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 019130D7C608E519B5DD5A7A11F296864BB7
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/I8SuJ8D_P16pAaDGZGDRSs49hiQ.roa
Signing time: Thu 08 Aug 2024 07:15:32 +0000
ROA not before: Thu 08 Aug 2024 07:15:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35384
IP address blocks: 31.41.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 19:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:30:d7:c6:08:e5:19:b5:dd:5a:7a:11:f2:96:86:4b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Aug 8 07:15:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23c4ae27c0ff3f5ea901a0c66460d14ace3d8624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:ec:59:9f:ac:2b:8c:2c:16:64:8e:75:20:
68:1b:b9:4c:cc:9a:d8:41:42:c1:64:58:d9:25:2c:
cc:70:dd:43:07:51:23:13:80:ef:94:65:07:ae:d2:
15:9f:99:75:15:57:ef:b3:e6:cf:87:c0:3e:2f:f5:
05:a2:0c:ca:77:21:4b:c5:96:f2:89:f9:37:6d:cb:
14:b3:63:e5:57:54:e8:28:c5:16:b6:84:2a:0e:6a:
00:69:a2:b8:94:b0:f3:eb:71:89:af:93:89:e1:de:
a8:5b:87:94:cb:5c:e7:bb:71:69:4a:4a:c2:bf:3d:
37:3b:2a:59:06:79:3a:29:ce:61:33:d9:ea:f6:56:
79:24:1b:1e:61:4c:14:a6:8c:d7:12:e7:bd:61:ad:
79:4e:87:93:dd:c9:fc:fd:53:97:cb:c0:ec:ea:af:
9b:5e:d5:3a:e1:a0:ac:28:47:21:56:25:5f:1a:84:
e3:00:82:79:88:00:c6:9c:00:bb:97:5d:6e:2e:02:
28:6f:b3:3b:26:0b:6f:1d:af:e0:d5:70:7e:fb:78:
cf:bb:2a:88:6f:9e:c8:5a:fd:f1:2c:da:95:05:57:
9b:a7:3a:95:69:ce:da:c2:84:c3:83:11:b0:c3:d2:
09:fe:1b:7c:0b:53:c8:32:f8:24:c7:74:d2:da:2e:
00:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C4:AE:27:C0:FF:3F:5E:A9:01:A0:C6:64:60:D1:4A:CE:3D:86:24
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/I8SuJ8D_P16pAaDGZGDRSs49hiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.34.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:1b:89:19:6b:f2:9c:d2:37:2c:57:68:72:e6:0a:4f:50:10:
3b:e4:f1:04:ec:fd:7a:17:97:85:ee:32:f0:ab:47:32:5d:04:
49:b7:21:01:66:80:c7:22:8e:b9:2b:56:33:bf:86:7d:84:52:
9d:fd:de:62:de:9f:08:27:4d:ea:f5:46:dd:bc:39:83:48:2c:
95:47:f9:fc:b8:fe:6c:b6:23:8e:36:fc:32:97:0e:c2:bd:5a:
30:d1:d7:b5:a5:61:da:01:a9:ba:ad:b4:30:27:55:fa:d8:47:
5c:17:bd:0a:74:3c:ef:74:6b:4f:72:2b:b4:ee:65:4e:23:19:
f4:f1:18:f5:24:ba:cf:b0:28:0c:23:03:e6:dc:08:96:02:a5:
a7:d1:7f:3d:12:78:b2:ab:de:41:8f:6b:5c:a1:83:2b:e5:1c:
98:18:fc:67:02:da:c7:92:65:a3:d8:3a:d6:d1:9f:b1:63:76:
c5:99:85:aa:f0:6c:63:f2:8b:bc:52:3c:dc:bf:92:09:e7:dd:
fe:50:f5:26:00:d6:4b:a6:2f:e5:7b:2b:1d:a6:e7:f2:2c:5d:
39:ac:79:83:b6:47:ba:bf:79:5c:06:69:df:99:eb:80:34:75:
c6:74:f6:cd:1c:c8:3e:49:81:62:9b:b4:56:26:05:52:06:7e:
6c:90:af:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEw18YI5Rm13Vp6EfKWhku3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwODA4MDcxNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M0YWUyN2MwZmYzZjVlYTkwMWEwYzY2NDYwZDE0YWNlM2Q4NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxx3sWZ+sK4wsFmSOdSBoG7lMzJrY
QULBZFjZJSzMcN1DB1EjE4DvlGUHrtIVn5l1FVfvs+bPh8A+L/UFogzKdyFLxZby
ifk3bcsUs2PlV1ToKMUWtoQqDmoAaaK4lLDz63GJr5OJ4d6oW4eUy1znu3FpSkrC
vz03OypZBnk6Kc5hM9nq9lZ5JBseYUwUpozXEue9Ya15ToeT3cn8/VOXy8Ds6q+b
XtU64aCsKEchViVfGoTjAIJ5iADGnAC7l11uLgIob7M7JgtvHa/g1XB++3jPuyqI
b57IWv3xLNqVBVebpzqVac7awoTDgxGww9IJ/ht8C1PIMvgkx3TS2i4AswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPErifA/z9eqQGgxmRg0UrOPYYkMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvSThTdUo4RF9QMTZwQWFER1pHRFJTczQ5aGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHykiMA0G
CSqGSIb3DQEBCwUAA4IBAQBcG4kZa/Kc0jcsV2hy5gpPUBA75PEE7P16F5eF7jLw
q0cyXQRJtyEBZoDHIo65K1Yzv4Z9hFKd/d5i3p8IJ03q9UbdvDmDSCyVR/n8uP5s
tiOONvwylw7CvVow0de1pWHaAam6rbQwJ1X62EdcF70KdDzvdGtPciu07mVOIxn0
8Rj1JLrPsCgMIwPm3AiWAqWn0X89Eniyq95Bj2tcoYMr5RyYGPxnAtrHkmWj2DrW
0Z+xY3bFmYWq8Gxj8ou8Ujzcv5IJ593+UPUmANZLpi/leysdpufyLF05rHmDtke6
v3lcBmnfmeuANHXGdPbNHMg+SYFim7RWJgVSBn5skK/5
-----END CERTIFICATE-----
Generated at Sat Sep 21 04:50:04 2024 by rpki-client on console-ams.rpki-client.org