Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/3RVVWDvz9MrdCu_p8jgiK0vqbpo.roa
File: 3RVVWDvz9MrdCu_p8jgiK0vqbpo.roa (raw, json)
Hash identifier: QJkdODYduWXwePcaQiT/rKCama7aIxrvASoV1AFJCJ8=
Subject key identifier: DD:15:55:58:3B:F3:F4:CA:DD:0A:EF:E9:F2:38:22:2B:4B:EA:6E:9A
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 018CCA99982EE88F38FF161331A31821C342
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/3RVVWDvz9MrdCu_p8jgiK0vqbpo.roa
Signing time: Tue 02 Jan 2024 14:35:12 +0000
ROA not before: Tue 02 Jan 2024 14:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56703
IP address blocks: 194.26.117.0/24 maxlen: 24
31.40.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.mft
rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:98:2e:e8:8f:38:ff:16:13:31:a3:18:21:c3:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Jan 2 14:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd1555583bf3f4cadd0aefe9f238222b4bea6e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e7:38:f7:43:57:d3:7e:4d:df:cb:04:4d:48:
4d:49:43:32:f2:64:9f:a2:c5:49:fd:69:72:e3:7c:
ba:36:51:fd:a8:19:11:b2:96:15:da:dc:e1:f5:92:
6a:5c:e3:f1:07:2a:fe:cb:12:95:6a:ba:45:8e:e9:
2d:9a:e3:50:28:60:08:3f:41:40:68:af:a1:f6:68:
e9:86:25:6a:02:e8:19:81:b1:23:56:ae:c3:17:d9:
1c:ff:ac:0a:a2:ac:9b:9b:97:60:db:52:36:ee:65:
7a:1e:0d:3b:9f:32:36:2e:0d:16:14:ba:6d:5a:15:
56:63:14:04:b7:f3:86:05:9c:0a:c5:87:9e:c9:54:
1e:71:d1:71:e5:ac:78:86:4e:1e:6b:4c:5b:87:99:
76:dd:5b:78:c5:8a:5a:80:ad:d1:81:1e:04:26:dd:
7d:c9:67:a8:41:ab:07:05:f8:a9:46:27:e4:9e:b5:
75:ec:40:05:cf:26:36:69:69:e7:e7:0a:7c:e1:96:
ea:4d:8c:bd:ec:c6:34:f7:76:a4:89:f5:11:e9:ad:
21:e9:0a:bd:c6:93:59:34:ce:fd:29:7a:71:79:47:
6b:42:a6:78:3b:c6:55:f8:d7:05:8e:ec:b8:da:f5:
b7:e3:5b:7e:db:78:85:83:a3:b3:13:54:ca:07:f6:
d4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:15:55:58:3B:F3:F4:CA:DD:0A:EF:E9:F2:38:22:2B:4B:EA:6E:9A
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/3RVVWDvz9MrdCu_p8jgiK0vqbpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.0.0/23
194.26.117.0/24
Signature Algorithm: sha256WithRSAEncryption
03:40:6d:20:57:58:9b:f6:ef:60:94:3c:7f:7c:12:fe:d0:64:
11:2d:63:cb:d4:41:3e:0e:e2:8d:cc:56:af:79:9d:5f:fe:94:
70:3f:18:da:c3:81:61:37:de:56:7f:45:ca:0c:49:d2:3e:3b:
19:b1:8e:fa:7a:24:1e:4c:b0:16:d3:58:13:52:8b:2b:46:61:
2e:e9:40:b7:c3:5a:c5:2a:9a:05:5c:d9:14:ca:f0:a9:37:e2:
56:02:8f:e7:28:fc:ef:77:99:54:87:ea:53:e9:8e:1c:08:59:
e5:cb:04:e5:c2:aa:41:3d:cc:28:84:7a:35:a3:6c:74:29:c7:
7b:fc:c0:56:b6:3c:16:a2:7d:11:e5:76:eb:5f:9f:23:d2:ca:
be:18:cc:32:14:61:df:6a:16:8b:e1:37:b5:66:70:64:66:ef:
85:74:22:90:ea:89:95:8c:80:87:50:85:cf:4a:e8:e8:ba:10:
9e:a3:8a:fc:bd:9c:81:f0:bf:47:9c:1e:2f:ae:82:45:18:d8:
8d:27:ae:df:e8:0f:2a:ee:fb:fe:5e:11:cb:cd:a6:11:97:08:
de:f1:8e:87:a2:f7:91:60:4c:b3:27:4f:9c:40:08:9d:61:5d:
fc:fe:46:ec:11:9b:cb:27:e3:1b:06:63:8a:72:68:30:c9:b9:
88:35:fc:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKmZgu6I84/xYTMaMYIcNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjQwMTAyMTQzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE1NTU1ODNiZjNmNGNhZGQwYWVmZTlmMjM4MjIyYjRiZWE2ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApec490NX035N38sETUhNSUMy8mSf
osVJ/Wly43y6NlH9qBkRspYV2tzh9ZJqXOPxByr+yxKVarpFjuktmuNQKGAIP0FA
aK+h9mjphiVqAugZgbEjVq7DF9kc/6wKoqybm5dg21I27mV6Hg07nzI2Lg0WFLpt
WhVWYxQEt/OGBZwKxYeeyVQecdFx5ax4hk4ea0xbh5l23Vt4xYpagK3RgR4EJt19
yWeoQasHBfipRifknrV17EAFzyY2aWnn5wp84ZbqTYy97MY093akifUR6a0h6Qq9
xpNZNM79KXpxeUdrQqZ4O8ZV+NcFjuy42vW341t+23iFg6OzE1TKB/bUXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0VVVg78/TK3Qrv6fI4IitL6m6aMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEvM1JWVldEdno5TXJkQ3VfcDhqZ2lLMHZxYnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHygAAwQA
whp1MA0GCSqGSIb3DQEBCwUAA4IBAQADQG0gV1ib9u9glDx/fBL+0GQRLWPL1EE+
DuKNzFaveZ1f/pRwPxjaw4FhN95Wf0XKDEnSPjsZsY76eiQeTLAW01gTUosrRmEu
6UC3w1rFKpoFXNkUyvCpN+JWAo/nKPzvd5lUh+pT6Y4cCFnlywTlwqpBPcwohHo1
o2x0Kcd7/MBWtjwWon0R5XbrX58j0sq+GMwyFGHfahaL4Te1ZnBkZu+FdCKQ6omV
jICHUIXPSujouhCeo4r8vZyB8L9HnB4vroJFGNiNJ67f6A8q7vv+XhHLzaYRlwje
8Y6HoveRYEyzJ0+cQAidYV38/kbsEZvLJ+MbBmOKcmgwybmINfw/
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:57:42 2024 by rpki-client on console-ams.rpki-client.org