Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/5HWRva5iyxcfuLMntGPqSdoHh5Y.roa
File: 5HWRva5iyxcfuLMntGPqSdoHh5Y.roa (raw, json)
Hash identifier: SnZWswcta6QtsV9aXgVm14IVLWYZPNK0FxJf7I2YmdQ=
Subject key identifier: E4:75:91:BD:AE:62:CB:17:1F:B8:B3:27:B4:63:EA:49:DA:07:87:96
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 018CC726E3277F039D9FEC0ABB1333B7DD0B
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/5HWRva5iyxcfuLMntGPqSdoHh5Y.roa
Signing time: Mon 01 Jan 2024 22:31:03 +0000
ROA not before: Mon 01 Jan 2024 22:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33171
IP address blocks: 31.217.254.0/24 maxlen: 24
2a11:7346::/32 maxlen: 32
2a11:7347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:e3:27:7f:03:9d:9f:ec:0a:bb:13:33:b7:dd:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: Jan 1 22:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e47591bdae62cb171fb8b327b463ea49da078796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:86:d7:7f:b7:0b:0a:50:b5:11:d2:97:15:
f4:53:fc:10:3d:36:d0:92:01:b5:3e:3c:0f:42:ba:
71:29:50:84:f3:74:6b:75:9b:be:d5:21:c1:40:78:
11:b6:ff:0b:84:1a:6c:1f:4d:fa:08:e3:8f:9c:c6:
5c:65:f1:9e:eb:7e:6b:0e:14:fa:9d:95:f4:dd:6d:
91:ac:c3:a1:12:f0:11:64:42:bc:5a:ed:2a:e6:81:
cd:5c:94:ba:f5:e8:ae:15:64:de:23:0c:c3:6b:3a:
be:52:a3:d2:d2:13:8c:12:56:08:cc:c3:58:2b:17:
6c:5b:cb:ad:56:39:7a:59:77:78:58:e6:92:a9:47:
b7:d0:81:08:94:83:be:9a:6b:47:cf:84:8a:55:44:
7d:13:2b:e4:26:f6:69:a0:7d:ec:73:91:a4:fc:ac:
8c:a7:e0:3d:1e:54:a1:1d:3f:98:90:1e:eb:66:1c:
6d:f2:2b:96:7f:9c:49:18:55:7e:81:53:f8:2a:a3:
6b:ee:86:9e:d0:93:7b:11:83:23:d7:25:39:3d:c2:
b6:5f:7d:f0:31:d6:bd:a8:73:a0:c3:f3:21:80:a7:
67:a1:d5:f7:1f:9f:44:1b:86:db:1d:e9:0e:e5:c4:
53:87:9f:9f:ff:a7:ec:5d:94:5f:ef:d5:b8:c4:c4:
a7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:75:91:BD:AE:62:CB:17:1F:B8:B3:27:B4:63:EA:49:DA:07:87:96
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/5HWRva5iyxcfuLMntGPqSdoHh5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.254.0/24
IPv6:
2a11:7346::/31
Signature Algorithm: sha256WithRSAEncryption
5b:6e:32:4e:00:67:35:e8:31:ae:3a:eb:8f:dd:86:87:30:35:
a3:3b:4b:c5:f1:e8:4b:80:2d:e5:c5:8a:7a:22:e2:9a:48:e5:
da:aa:0d:00:4e:9b:43:84:75:03:fb:f9:fe:82:64:3c:7b:0c:
56:ec:de:fb:e6:41:6e:e6:d3:f2:f4:b3:87:39:90:80:3a:76:
d7:ea:44:0e:8e:0c:af:ab:87:05:b1:09:84:e8:a9:7d:01:f9:
37:2c:75:fe:93:70:29:a7:24:9d:36:97:b9:2c:70:98:5e:2c:
55:53:e3:e9:1f:79:d7:bd:9b:16:7a:1b:9c:97:eb:e7:35:63:
68:46:da:a0:36:18:83:08:41:95:b6:c5:2b:02:e8:78:75:40:
d7:df:9e:3e:74:29:4c:50:48:e5:a0:d0:3f:bc:1a:39:69:ac:
86:3c:97:dd:4f:45:b3:96:6a:1c:05:b4:13:a4:f9:20:27:1a:
9f:c9:92:91:17:77:83:e2:19:41:18:1f:67:0b:e5:87:c0:5f:
b3:03:45:0b:c4:05:ae:fe:53:c5:da:bb:ec:f7:aa:98:0f:d3:
0b:49:c7:cc:8a:57:31:a9:49:49:5c:d2:5a:08:51:97:fd:66:
d7:d3:e4:fd:96:c7:17:06:3c:c7:de:90:d7:82:d3:17:7c:34:
5d:8b:ed:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJuMnfwOdn+wKuxMzt90LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjQwMTAxMjIzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc1OTFiZGFlNjJjYjE3MWZiOGIzMjdiNDYzZWE0OWRhMDc4Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSyG13+3CwpQtRHSlxX0U/wQPTbQ
kgG1PjwPQrpxKVCE83RrdZu+1SHBQHgRtv8LhBpsH036COOPnMZcZfGe635rDhT6
nZX03W2RrMOhEvARZEK8Wu0q5oHNXJS69eiuFWTeIwzDazq+UqPS0hOMElYIzMNY
KxdsW8utVjl6WXd4WOaSqUe30IEIlIO+mmtHz4SKVUR9EyvkJvZpoH3sc5Gk/KyM
p+A9HlShHT+YkB7rZhxt8iuWf5xJGFV+gVP4KqNr7oae0JN7EYMj1yU5PcK2X33w
Mda9qHOgw/MhgKdnodX3H59EG4bbHekO5cRTh5+f/6fsXZRf79W4xMSn/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOR1kb2uYssXH7izJ7Rj6knaB4eWMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEvNUhXUnZhNWl5eGNmdUxNbnRHUHFTZG9IaDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAH9n+MA0E
AgACMAcDBQEqEXNGMA0GCSqGSIb3DQEBCwUAA4IBAQBbbjJOAGc16DGuOuuP3YaH
MDWjO0vF8ehLgC3lxYp6IuKaSOXaqg0ATptDhHUD+/n+gmQ8ewxW7N775kFu5tPy
9LOHOZCAOnbX6kQOjgyvq4cFsQmE6Kl9Afk3LHX+k3AppySdNpe5LHCYXixVU+Pp
H3nXvZsWehucl+vnNWNoRtqgNhiDCEGVtsUrAuh4dUDX354+dClMUEjloNA/vBo5
aayGPJfdT0WzlmocBbQTpPkgJxqfyZKRF3eD4hlBGB9nC+WHwF+zA0ULxAWu/lPF
2rvs96qYD9MLScfMilcxqUlJXNJaCFGX/WbX0+T9lscXBjzH3pDXgtMXfDRdi+2M
-----END CERTIFICATE-----
Generated at Thu May 9 22:57:46 2024 by rpki-client on console-ams.rpki-client.org