Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/OmvpgIxEO2OtEwLz2ma7jcE1qaU.roa
File: OmvpgIxEO2OtEwLz2ma7jcE1qaU.roa (raw, json)
Hash identifier: B1KjKFAbgf7jES+miYyFU21AJDfxsJAFkGgOs4G0LXg=
Subject key identifier: 3A:6B:E9:80:8C:44:3B:63:AD:13:02:F3:DA:66:BB:8D:C1:35:A9:A5
Certificate issuer: /CN=dd206b8bd221574c96592443195b9005769c724d
Certificate serial: 0191D17B4608D50794B924F34D3A5D4AF186
Authority key identifier: DD:20:6B:8B:D2:21:57:4C:96:59:24:43:19:5B:90:05:76:9C:72:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SBri9IhV0yWWSRDGVuQBXacck0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/OmvpgIxEO2OtEwLz2ma7jcE1qaU.roa
Signing time: Sun 08 Sep 2024 11:53:22 +0000
ROA not before: Sun 08 Sep 2024 11:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56632
IP address blocks: 31.7.129.0/24 maxlen: 24
31.7.130.0/24 maxlen: 24
31.7.131.0/24 maxlen: 24
31.7.133.0/24 maxlen: 24
31.7.135.0/24 maxlen: 24
31.7.136.0/24 maxlen: 24
31.7.137.0/24 maxlen: 24
31.7.138.0/24 maxlen: 24
31.7.139.0/24 maxlen: 24
31.7.140.0/24 maxlen: 24
31.7.142.0/24 maxlen: 24
31.7.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/3SBri9IhV0yWWSRDGVuQBXacck0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/3SBri9IhV0yWWSRDGVuQBXacck0.mft
rsync://rpki.ripe.net/repository/DEFAULT/3SBri9IhV0yWWSRDGVuQBXacck0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:7b:46:08:d5:07:94:b9:24:f3:4d:3a:5d:4a:f1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd206b8bd221574c96592443195b9005769c724d
Validity
Not Before: Sep 8 11:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a6be9808c443b63ad1302f3da66bb8dc135a9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:7d:04:6b:46:fe:9e:47:7e:75:e8:43:6b:
46:27:d6:c9:df:33:48:42:26:1b:75:94:d6:5f:28:
8f:49:e3:67:15:76:62:74:b1:4d:21:1a:73:5d:28:
83:d7:eb:e8:46:d7:74:77:57:f1:59:75:76:0e:7e:
70:fa:6e:00:64:c0:20:ff:0e:ed:9c:f0:13:45:87:
b7:36:8d:74:0b:a9:c9:3b:1e:82:66:5e:a8:f6:85:
47:43:f7:69:1b:65:02:c0:81:83:6d:b9:db:2d:e1:
d3:72:16:da:2c:5f:6e:23:3a:89:b1:7f:68:41:e3:
a5:79:e3:5e:cc:0e:9b:30:96:ca:ab:64:e6:0e:bb:
ad:7b:5c:6e:10:07:fb:0e:91:f1:5d:6a:30:21:73:
ef:56:34:72:3e:4f:bc:cd:8c:c5:0f:b6:29:70:da:
6f:ea:61:89:2d:76:cb:91:4f:59:af:0e:d9:aa:5e:
d6:b1:98:1f:aa:32:3d:a8:f6:5c:21:56:54:4a:c5:
41:dd:75:09:26:a2:c1:7a:fb:19:db:76:84:1a:9e:
af:b9:60:6e:65:4e:fa:68:7d:b5:18:27:0c:95:52:
0d:96:c5:5a:8e:00:f4:21:d2:cb:e0:78:02:c7:22:
3e:ae:89:00:e2:f6:f5:4a:61:7a:f7:97:0d:3d:f9:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6B:E9:80:8C:44:3B:63:AD:13:02:F3:DA:66:BB:8D:C1:35:A9:A5
X509v3 Authority Key Identifier:
keyid:DD:20:6B:8B:D2:21:57:4C:96:59:24:43:19:5B:90:05:76:9C:72:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SBri9IhV0yWWSRDGVuQBXacck0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/OmvpgIxEO2OtEwLz2ma7jcE1qaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ebc78b-578c-4a4f-9a4e-e29157679604/1/3SBri9IhV0yWWSRDGVuQBXacck0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.129.0-31.7.131.255
31.7.133.0/24
31.7.135.0-31.7.140.255
31.7.142.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:df:d6:f5:84:21:b7:07:ba:6f:d3:b2:e7:5c:d4:da:09:77:
1d:c2:23:2c:56:43:85:55:2e:19:d1:44:cc:71:09:1e:59:40:
73:cf:06:95:8e:3e:4d:95:1c:0d:29:b0:39:a2:c1:17:2f:bf:
76:0e:cf:b2:3a:47:0f:30:a0:6c:0f:7f:06:2a:0e:6b:27:e5:
05:ff:72:71:36:e0:6f:44:53:76:40:5c:3b:2c:e7:93:7f:50:
8d:02:06:cc:a7:f8:bc:c9:e6:ae:19:95:29:b7:07:62:8a:6f:
89:f2:eb:72:8b:fa:15:75:50:1b:0e:99:05:86:d1:09:82:3e:
d1:a1:8e:3e:4a:87:67:00:bf:b3:36:cb:4c:9d:e0:68:86:47:
1d:f1:a1:e7:1e:b0:c6:ac:a3:d3:3e:77:24:f2:2a:79:a1:d9:
2d:ae:e8:ab:a0:1c:94:f2:a3:d9:a6:4b:c8:8b:84:ec:38:88:
1f:7d:3e:80:1a:bc:9e:28:63:d1:74:78:4b:ec:6c:bc:85:c9:
53:0a:65:69:92:0a:b1:ca:c0:4a:60:49:fe:59:5a:30:e9:9c:
90:1c:ae:e4:da:34:db:34:98:8a:69:7f:50:ea:8f:5d:88:c6:
5e:e3:8d:91:68:28:7a:bb:f8:b0:4f:0f:6a:58:8d:b1:0e:da:
b8:a7:77:a8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZHRe0YI1QeUuSTzTTpdSvGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMjA2YjhiZDIyMTU3NGM5NjU5MjQ0MzE5NWI5MDA1NzY5
YzcyNGQwHhcNMjQwOTA4MTE1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZiZTk4MDhjNDQzYjYzYWQxMzAyZjNkYTY2YmI4ZGMxMzVhOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveJ9BGtG/p5HfnXoQ2tGJ9bJ3zNI
QiYbdZTWXyiPSeNnFXZidLFNIRpzXSiD1+voRtd0d1fxWXV2Dn5w+m4AZMAg/w7t
nPATRYe3No10C6nJOx6CZl6o9oVHQ/dpG2UCwIGDbbnbLeHTchbaLF9uIzqJsX9o
QeOleeNezA6bMJbKq2TmDrute1xuEAf7DpHxXWowIXPvVjRyPk+8zYzFD7YpcNpv
6mGJLXbLkU9Zrw7Zql7WsZgfqjI9qPZcIVZUSsVB3XUJJqLBevsZ23aEGp6vuWBu
ZU76aH21GCcMlVINlsVajgD0IdLL4HgCxyI+rokA4vb1SmF695cNPfkiJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDpr6YCMRDtjrRMC89pmu43BNamlMB8GA1UdIwQY
MBaAFN0ga4vSIVdMllkkQxlbkAV2nHJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1NCcmk5SWhWMHlXV1NSREdWdVFCWGFjY2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lYmM3OGItNTc4Yy00YTRmLTlhNGUt
ZTI5MTU3Njc5NjA0LzEvT212cGdJeEVPMk90RXdMejJtYTdqY0UxcWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lYmM3OGItNTc4Yy00YTRmLTlhNGUtZTI5MTU3Njc5NjA0
LzEvM1NCcmk5SWhWMHlXV1NSREdWdVFCWGFjY2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAfB4ED
BAIfB4ADBAAfB4UwDAMEAB8HhwMEAB8HjAMEAR8HjjANBgkqhkiG9w0BAQsFAAOC
AQEAC9/W9YQhtwe6b9Oy51zU2gl3HcIjLFZDhVUuGdFEzHEJHllAc88GlY4+TZUc
DSmwOaLBFy+/dg7PsjpHDzCgbA9/BioOayflBf9ycTbgb0RTdkBcOyznk39QjQIG
zKf4vMnmrhmVKbcHYopvifLrcov6FXVQGw6ZBYbRCYI+0aGOPkqHZwC/szbLTJ3g
aIZHHfGh5x6wxqyj0z53JPIqeaHZLa7oq6AclPKj2aZLyIuE7DiIH30+gBq8nihj
0XR4S+xsvIXJUwplaZIKscrASmBJ/llaMOmckByu5No02zSYiml/UOqPXYjGXuON
kWgoerv4sE8PaliNsQ7auKd3qA==
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:42:36 2024 by rpki-client on console-fra.rpki-client.org