Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/CDj4JHXHOLC8ZcR3cr__wQkXnWQ.roa
File: CDj4JHXHOLC8ZcR3cr__wQkXnWQ.roa (raw, json)
Hash identifier: JFI6OQZj5u+oHj8xFU1VGSMJuZkQSJlHp+qhy23e1G4=
Subject key identifier: 08:38:F8:24:75:C7:38:B0:BC:65:C4:77:72:BF:FF:C1:09:17:9D:64
Certificate issuer: /CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Certificate serial: 018CC56E37E67542D0C6CDBE4B77AEAC7A39
Authority key identifier: AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/CDj4JHXHOLC8ZcR3cr__wQkXnWQ.roa
Signing time: Mon 01 Jan 2024 14:29:43 +0000
ROA not before: Mon 01 Jan 2024 14:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12700
IP address blocks: 91.202.242.0/24 maxlen: 24
91.202.243.0/24 maxlen: 24
91.202.241.0/24 maxlen: 24
31.131.39.0/24 maxlen: 24
91.202.240.0/24 maxlen: 24
91.202.240.0/22 maxlen: 22
31.131.33.0/24 maxlen: 24
31.131.38.0/24 maxlen: 24
31.131.32.0/24 maxlen: 24
31.131.32.0/21 maxlen: 21
31.131.36.0/24 maxlen: 24
31.131.37.0/24 maxlen: 24
31.131.34.0/24 maxlen: 24
31.131.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:37:e6:75:42:d0:c6:cd:be:4b:77:ae:ac:7a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Validity
Not Before: Jan 1 14:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0838f82475c738b0bc65c47772bfffc109179d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:55:79:2f:00:f1:62:21:fc:b7:15:1c:76:71:
51:51:4d:31:32:cc:3f:77:53:4c:0f:0b:84:a6:f9:
f4:1b:5a:d8:63:37:2a:86:63:5f:5f:28:f1:33:cb:
50:cc:54:a3:39:d1:79:ef:f5:cf:d4:22:61:d0:5f:
69:eb:8e:24:0c:6a:3f:bb:cd:35:73:4f:c6:d2:15:
ae:66:94:9b:af:56:a3:5c:4c:91:9f:da:e5:da:09:
5a:1c:e4:43:67:0a:c1:31:b9:3f:5c:32:aa:da:e8:
1d:d4:a3:59:1c:86:52:8e:89:81:e3:c8:ad:f8:3f:
d1:62:94:e8:76:37:87:75:9c:42:b2:4b:3f:70:d1:
01:a5:e4:ec:c4:59:d4:44:16:87:9e:54:f4:e9:ac:
0e:ff:3e:1e:79:ed:a3:9e:6b:24:4d:7e:24:51:dc:
e0:a4:97:95:13:42:fa:9e:c6:28:42:02:10:1b:9d:
77:46:15:43:4a:c1:7d:de:2a:c1:c1:1f:47:34:cc:
6b:91:be:13:86:b3:1b:95:62:55:8e:bd:5e:b7:48:
c4:bb:82:25:c0:8e:92:a3:a2:89:32:e0:e2:3c:2c:
7f:04:10:33:cc:14:57:52:c1:ad:88:8b:99:9c:a8:
8f:51:59:6e:e7:a9:9a:df:7a:d0:25:5f:41:05:06:
fe:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:38:F8:24:75:C7:38:B0:BC:65:C4:77:72:BF:FF:C1:09:17:9D:64
X509v3 Authority Key Identifier:
keyid:AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/CDj4JHXHOLC8ZcR3cr__wQkXnWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.32.0/21
91.202.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:06:35:b9:3c:e1:9a:0b:d8:d2:a5:51:89:8d:f1:ea:89:c3:
07:f8:3f:94:a7:4b:cd:aa:1a:cb:1a:a0:ee:d1:43:bd:74:43:
6e:f0:1e:40:de:5e:70:b6:c0:43:7f:6e:dd:8d:f6:24:6f:bd:
e8:f8:1b:ed:eb:d0:06:08:e5:37:9d:ec:a3:29:fa:b6:0f:7a:
ff:68:fc:32:d8:d0:fb:5d:59:df:66:70:a9:97:73:93:e7:0d:
b4:c4:f5:33:84:7c:a2:19:aa:df:92:13:1a:e1:4e:f3:47:da:
1d:e4:6e:7c:c5:8d:94:62:98:9e:e9:17:a5:59:a1:2b:a8:d9:
db:ea:3f:83:f8:04:1b:e5:30:e9:b3:c9:8d:73:bf:56:e2:c7:
2c:f7:87:58:ef:40:1b:d4:b8:e6:00:cd:ea:56:c3:22:1e:3d:
5a:c0:b5:ec:66:fb:b5:a8:28:2f:91:32:6e:a7:9d:e9:57:64:
e4:f4:fb:62:91:57:3d:13:71:6c:fe:3d:cb:2d:bb:b4:b1:94:
5c:6c:5d:4a:08:d4:f3:bc:30:13:6e:86:b3:a1:e9:f9:de:49:
e8:55:69:c2:c4:5f:a9:8c:24:9e:8b:9a:11:c9:30:ff:7e:b1:
b5:f4:c1:e4:02:66:58:87:b8:e4:30:cd:65:24:c4:3d:18:17:
8d:0a:34:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbjfmdULQxs2+S3eurHo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjNhNDdhY2RiYThlYzFjZDg1ZDRkNzlmMzZiMzViNjk4
ZTVmODkwHhcNMjQwMTAxMTQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM4ZjgyNDc1YzczOGIwYmM2NWM0Nzc3MmJmZmZjMTA5MTc5ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FV5LwDxYiH8txUcdnFRUU0xMsw/
d1NMDwuEpvn0G1rYYzcqhmNfXyjxM8tQzFSjOdF57/XP1CJh0F9p644kDGo/u801
c0/G0hWuZpSbr1ajXEyRn9rl2glaHORDZwrBMbk/XDKq2ugd1KNZHIZSjomB48it
+D/RYpTodjeHdZxCsks/cNEBpeTsxFnURBaHnlT06awO/z4eee2jnmskTX4kUdzg
pJeVE0L6nsYoQgIQG513RhVDSsF93irBwR9HNMxrkb4ThrMblWJVjr1et0jEu4Il
wI6So6KJMuDiPCx/BBAzzBRXUsGtiIuZnKiPUVlu56ma33rQJV9BBQb+9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAg4+CR1xziwvGXEd3K//8EJF51kMB8GA1UdIwQY
MBaAFK9jpHrNuo7BzYXU1582s1tpjl+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQt
ZmUzZTMxOGNhZTljLzEvQ0RqNEpIWEhPTEM4WmNSM2NyX193UWtYbldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQtZmUzZTMxOGNhZTlj
LzEvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH4MgAwQC
W8rwMA0GCSqGSIb3DQEBCwUAA4IBAQCyBjW5POGaC9jSpVGJjfHqicMH+D+Up0vN
qhrLGqDu0UO9dENu8B5A3l5wtsBDf27djfYkb73o+Bvt69AGCOU3neyjKfq2D3r/
aPwy2ND7XVnfZnCpl3OT5w20xPUzhHyiGarfkhMa4U7zR9od5G58xY2UYpie6Rel
WaErqNnb6j+D+AQb5TDps8mNc79W4scs94dY70Ab1LjmAM3qVsMiHj1awLXsZvu1
qCgvkTJup53pV2Tk9PtikVc9E3Fs/j3LLbu0sZRcbF1KCNTzvDATboazoen53kno
VWnCxF+pjCSei5oRyTD/frG19MHkAmZYh7jkMM1lJMQ9GBeNCjQI
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:18:28 2024 by rpki-client on console-fra.rpki-client.org