Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/Y0x9WRRm8LGXrDY60YLb7fQKN6o.roa
File: Y0x9WRRm8LGXrDY60YLb7fQKN6o.roa (raw, json)
Hash identifier: 7xS+1cffUZDCQlgKN/80wv8EHSC0d4mFOeNdQLpaN1k=
Subject key identifier: 63:4C:7D:59:14:66:F0:B1:97:AC:36:3A:D1:82:DB:ED:F4:0A:37:AA
Certificate issuer: /CN=d25f2cd1a9f0da435f2e3b3ee70e64fdaf4b6121
Certificate serial: 018CC2DB16E435BE1B79587C5B326F40F1E9
Authority key identifier: D2:5F:2C:D1:A9:F0:DA:43:5F:2E:3B:3E:E7:0E:64:FD:AF:4B:61:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0l8s0anw2kNfLjs-5w5k_a9LYSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/Y0x9WRRm8LGXrDY60YLb7fQKN6o.roa
Signing time: Mon 01 Jan 2024 02:29:47 +0000
ROA not before: Mon 01 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38176
IP address blocks: 31.47.93.0/24 maxlen: 24
31.47.92.0/24 maxlen: 24
31.47.95.0/24 maxlen: 24
31.47.94.0/24 maxlen: 24
31.47.91.0/24 maxlen: 24
31.47.90.0/24 maxlen: 24
31.47.89.0/24 maxlen: 24
31.47.88.0/24 maxlen: 24
31.47.88.0/21 maxlen: 21
185.198.105.0/24 maxlen: 24
185.198.104.0/24 maxlen: 24
185.198.107.0/24 maxlen: 24
185.198.106.0/24 maxlen: 24
185.198.106.0/23 maxlen: 23
2a0a:1a40:c000::/34 maxlen: 34
2a0a:1a40:8000::/34 maxlen: 34
2a0a:1a40:4000::/34 maxlen: 34
2a0a:1a40::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/0l8s0anw2kNfLjs-5w5k_a9LYSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/0l8s0anw2kNfLjs-5w5k_a9LYSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0l8s0anw2kNfLjs-5w5k_a9LYSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 10:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:16:e4:35:be:1b:79:58:7c:5b:32:6f:40:f1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25f2cd1a9f0da435f2e3b3ee70e64fdaf4b6121
Validity
Not Before: Jan 1 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=634c7d591466f0b197ac363ad182dbedf40a37aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:34:32:91:1a:45:58:bc:d0:b1:b0:96:b5:a9:
73:30:4c:0a:84:e7:e5:83:97:bf:fc:11:89:4d:f6:
69:7e:16:cf:62:50:9f:cd:c9:6c:b7:a0:0f:4b:3c:
83:b2:77:a8:76:5f:0f:7a:77:b8:e7:cc:af:26:0e:
39:2d:22:ac:33:d4:13:6e:4a:db:2e:37:fe:ce:f9:
7b:8a:6a:dc:e5:bb:d4:cf:29:88:a3:14:34:15:54:
54:7b:9f:8c:a1:37:51:a6:05:0c:ee:a4:aa:cc:f3:
6f:46:16:ad:8e:c7:6a:9e:d0:c8:eb:94:8d:7c:0e:
b6:45:5a:22:ca:62:ad:b6:35:f7:82:ab:1e:9b:2b:
59:88:28:78:f1:12:8b:46:9c:10:c6:43:74:06:ac:
f4:54:bf:82:a6:80:ad:75:e0:c5:80:6c:ea:3a:e2:
55:65:87:93:f8:9c:53:20:09:bc:8f:87:02:38:cc:
5e:c1:83:96:dc:03:c1:e0:f8:0b:f7:a1:f9:8d:a8:
34:a2:80:22:05:8d:3a:fe:55:0a:a3:b6:be:bd:2b:
00:82:1b:8e:8f:7a:16:bb:33:2d:c9:18:07:71:fe:
2c:79:d0:64:bf:72:9f:0a:25:1c:38:99:28:8f:f1:
b2:58:7c:ad:f9:37:b2:6f:c0:7c:dd:18:1b:d2:f0:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4C:7D:59:14:66:F0:B1:97:AC:36:3A:D1:82:DB:ED:F4:0A:37:AA
X509v3 Authority Key Identifier:
keyid:D2:5F:2C:D1:A9:F0:DA:43:5F:2E:3B:3E:E7:0E:64:FD:AF:4B:61:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0l8s0anw2kNfLjs-5w5k_a9LYSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/Y0x9WRRm8LGXrDY60YLb7fQKN6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/0l8s0anw2kNfLjs-5w5k_a9LYSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.88.0/21
185.198.104.0/22
IPv6:
2a0a:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
13:bd:bd:cf:33:97:3f:af:eb:53:dd:b2:cd:07:b3:20:d6:8b:
8c:2f:ae:3c:b2:b4:4a:72:33:dc:42:cc:25:67:c8:00:ae:5e:
f6:49:a2:1d:dd:d4:53:90:73:3a:1b:28:d3:73:46:9d:8a:90:
3b:a8:07:af:47:3b:ff:2b:38:00:ac:0a:a9:43:8d:fa:96:8d:
66:1d:dd:98:20:c9:7e:53:6e:2f:d2:c1:5d:12:af:13:c3:e4:
0a:2f:54:f0:5b:8a:45:20:f7:ee:57:30:b4:b3:17:97:14:5f:
16:46:c1:8b:78:8f:44:7e:60:88:6e:71:9b:19:0f:47:ad:2a:
2a:34:5b:51:d3:df:a9:65:43:35:96:9b:1f:9d:7b:81:25:59:
5a:2a:34:f4:b2:83:64:b5:f6:9a:e7:ff:64:2c:aa:06:05:4e:
cc:7d:46:02:92:d3:35:d7:b6:f5:b3:0f:82:29:f4:0d:c4:68:
1f:34:01:0f:2c:8d:96:39:b0:27:44:b8:9d:2f:26:7b:f0:e0:
2e:4b:de:d7:c1:2e:c8:57:d5:a4:23:eb:ff:58:73:85:78:ac:
b7:c4:f6:77:49:ba:8b:ca:09:a6:5f:a4:e6:fd:92:93:24:8c:
78:c4:2b:11:56:80:13:d3:79:12:c1:ad:86:71:3b:82:1e:29:
98:0c:92:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2xbkNb4beVh8WzJvQPHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWYyY2QxYTlmMGRhNDM1ZjJlM2IzZWU3MGU2NGZkYWY0
YjYxMjEwHhcNMjQwMTAxMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRjN2Q1OTE0NjZmMGIxOTdhYzM2M2FkMTgyZGJlZGY0MGEzN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDQykRpFWLzQsbCWtalzMEwKhOfl
g5e//BGJTfZpfhbPYlCfzclst6APSzyDsneodl8Pene458yvJg45LSKsM9QTbkrb
Ljf+zvl7imrc5bvUzymIoxQ0FVRUe5+MoTdRpgUM7qSqzPNvRhatjsdqntDI65SN
fA62RVoiymKttjX3gqsemytZiCh48RKLRpwQxkN0Bqz0VL+CpoCtdeDFgGzqOuJV
ZYeT+JxTIAm8j4cCOMxewYOW3APB4PgL96H5jag0ooAiBY06/lUKo7a+vSsAghuO
j3oWuzMtyRgHcf4sedBkv3KfCiUcOJkoj/GyWHyt+Teyb8B83Rgb0vCI8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGNMfVkUZvCxl6w2OtGC2+30CjeqMB8GA1UdIwQY
MBaAFNJfLNGp8NpDXy47PucOZP2vS2EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGw4czBhbncya05mTGpzLTV3NWtfYTlMWVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yZDEyNWYtMWE2MC00NjhkLWE5M2Et
YzViNmFlY2I2YzljLzEvWTB4OVdSUm04TEdYckRZNjBZTGI3ZlFLTjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yZDEyNWYtMWE2MC00NjhkLWE5M2EtYzViNmFlY2I2Yzlj
LzEvMGw4czBhbncya05mTGpzLTV3NWtfYTlMWVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHy9YAwQC
ucZoMA0EAgACMAcDBQAqChpAMA0GCSqGSIb3DQEBCwUAA4IBAQATvb3PM5c/r+tT
3bLNB7Mg1ouML648srRKcjPcQswlZ8gArl72SaId3dRTkHM6GyjTc0adipA7qAev
Rzv/KzgArAqpQ436lo1mHd2YIMl+U24v0sFdEq8Tw+QKL1TwW4pFIPfuVzC0sxeX
FF8WRsGLeI9EfmCIbnGbGQ9HrSoqNFtR09+pZUM1lpsfnXuBJVlaKjT0soNktfaa
5/9kLKoGBU7MfUYCktM117b1sw+CKfQNxGgfNAEPLI2WObAnRLidLyZ78OAuS97X
wS7IV9WkI+v/WHOFeKy3xPZ3SbqLygmmX6Tm/ZKTJIx4xCsRVoAT03kSwa2GcTuC
HimYDJIk
-----END CERTIFICATE-----
Generated at Mon May 27 16:29:44 2024 by rpki-client on console-ams.rpki-client.org