Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/oYINVcZLN0kcaeeycLyJdAtF8fk.roa
File: oYINVcZLN0kcaeeycLyJdAtF8fk.roa (raw, json)
Hash identifier: 2OKeLXMk+0IfqKOGtXy45pxTb39fHFSrB8l5Sk4NOc8=
Subject key identifier: A1:82:0D:55:C6:4B:37:49:1C:69:E7:B2:70:BC:89:74:0B:45:F1:F9
Certificate issuer: /CN=a6f13d680ce480591bf8b37ddca0faeb3bbe744e
Certificate serial: 018CC500FEC24F6F6FE9BCACCEAF6C1AE783
Authority key identifier: A6:F1:3D:68:0C:E4:80:59:1B:F8:B3:7D:DC:A0:FA:EB:3B:BE:74:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pvE9aAzkgFkb-LN93KD66zu-dE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/oYINVcZLN0kcaeeycLyJdAtF8fk.roa
Signing time: Mon 01 Jan 2024 12:30:25 +0000
ROA not before: Mon 01 Jan 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15480
IP address blocks: 109.32.0.0/13 maxlen: 13
62.140.128.0/20 maxlen: 20
62.72.192.0/19 maxlen: 19
62.140.140.0/23 maxlen: 23
62.140.156.0/23 maxlen: 23
31.136.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/pvE9aAzkgFkb-LN93KD66zu-dE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/pvE9aAzkgFkb-LN93KD66zu-dE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pvE9aAzkgFkb-LN93KD66zu-dE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:fe:c2:4f:6f:6f:e9:bc:ac:ce:af:6c:1a:e7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6f13d680ce480591bf8b37ddca0faeb3bbe744e
Validity
Not Before: Jan 1 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1820d55c64b37491c69e7b270bc89740b45f1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7b:61:57:78:76:3b:24:1b:62:a3:70:1e:84:
70:ee:a1:55:e2:82:1a:b2:fa:8a:c7:50:55:9e:1c:
d2:3c:eb:5f:9a:b0:02:a5:44:63:df:62:d8:b5:7c:
21:34:e7:11:99:be:08:b6:5e:5b:aa:4f:d9:04:76:
1d:cc:ad:2e:1d:6b:78:6c:e0:3a:ac:81:9d:a8:93:
da:3b:72:f7:00:3d:f7:53:a4:b4:15:8f:d2:fd:65:
02:b0:9b:0e:50:fc:09:c1:20:46:44:b0:5b:cd:fb:
ed:86:88:38:93:03:93:bb:af:1d:58:54:68:1e:6b:
e5:90:38:57:77:45:4b:29:d5:b0:56:48:7d:e1:0a:
9b:9d:ea:be:dc:60:22:c9:02:da:45:3f:51:bb:3b:
cf:f2:7f:2e:93:7d:d6:2b:f6:bf:5b:c6:d7:ec:28:
cf:d7:21:36:2d:3e:e2:54:d8:48:14:49:9e:27:ac:
b6:5e:40:d2:61:e2:2f:05:81:c6:5f:c0:4e:61:89:
b3:ca:e9:5b:4e:b8:08:c4:1e:5e:06:83:55:e8:d8:
9a:eb:94:3b:71:09:b2:da:9c:4f:3d:46:eb:d9:03:
6c:18:c9:78:a3:ba:70:8d:46:5b:65:2c:45:c3:b9:
c3:43:01:aa:bb:4a:3b:b0:83:8e:51:43:d1:0e:57:
4a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:82:0D:55:C6:4B:37:49:1C:69:E7:B2:70:BC:89:74:0B:45:F1:F9
X509v3 Authority Key Identifier:
keyid:A6:F1:3D:68:0C:E4:80:59:1B:F8:B3:7D:DC:A0:FA:EB:3B:BE:74:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pvE9aAzkgFkb-LN93KD66zu-dE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/oYINVcZLN0kcaeeycLyJdAtF8fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8d1b02-b0f9-4e0e-a457-30bdb48da521/1/pvE9aAzkgFkb-LN93KD66zu-dE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.136.0.0/14
62.72.192.0/19
62.140.128.0/20
62.140.156.0/23
109.32.0.0/13
Signature Algorithm: sha256WithRSAEncryption
14:84:83:a6:57:90:e9:d5:43:1c:01:10:c8:cb:76:b0:72:31:
e9:e7:21:84:1e:c2:73:44:ab:4c:04:0f:ee:7b:63:b0:78:e8:
9a:fe:32:a3:2d:1c:d4:2b:45:32:65:01:3f:d1:34:0b:6b:5b:
72:81:bb:b8:b8:41:19:2e:73:be:56:4b:cf:1e:3a:bb:2d:62:
11:10:e3:bc:45:ad:07:2a:2d:7b:96:b9:9b:08:23:33:0e:70:
49:c7:a7:4f:f4:37:95:3a:7d:11:d3:77:da:d9:1a:64:0b:54:
7a:07:9b:c3:e5:78:9a:b1:f2:f7:d1:81:3f:ba:d1:74:1f:b3:
4e:1b:3b:37:9b:98:b3:7a:18:19:f8:d2:54:b1:fe:c5:b9:b0:
3c:6d:99:32:5c:6f:49:8d:bd:cf:1d:69:97:34:3f:0c:e3:06:
91:ad:d4:d1:52:b5:9f:37:bb:99:e1:63:7e:88:87:a7:2a:79:
80:d1:c5:dd:11:dd:71:1e:26:42:f7:1d:0e:49:b1:68:5f:5d:
79:36:3c:e2:15:f0:16:d5:d6:8c:43:dd:9b:9b:ff:71:cd:ae:
29:2c:a1:9b:c3:50:c7:32:e5:40:61:2e:6b:be:32:27:1e:99:
6d:3d:2c:62:47:89:ca:27:38:6e:ee:ae:d0:80:36:bf:4f:a8:
be:e3:0d:66
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFAP7CT29v6byszq9sGueDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZjEzZDY4MGNlNDgwNTkxYmY4YjM3ZGRjYTBmYWViM2Ji
ZTc0NGUwHhcNMjQwMTAxMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTgyMGQ1NWM2NGIzNzQ5MWM2OWU3YjI3MGJjODk3NDBiNDVmMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknthV3h2OyQbYqNwHoRw7qFV4oIa
svqKx1BVnhzSPOtfmrACpURj32LYtXwhNOcRmb4Itl5bqk/ZBHYdzK0uHWt4bOA6
rIGdqJPaO3L3AD33U6S0FY/S/WUCsJsOUPwJwSBGRLBbzfvthog4kwOTu68dWFRo
HmvlkDhXd0VLKdWwVkh94Qqbneq+3GAiyQLaRT9RuzvP8n8uk33WK/a/W8bX7CjP
1yE2LT7iVNhIFEmeJ6y2XkDSYeIvBYHGX8BOYYmzyulbTrgIxB5eBoNV6Nia65Q7
cQmy2pxPPUbr2QNsGMl4o7pwjUZbZSxFw7nDQwGqu0o7sIOOUUPRDldKWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKGCDVXGSzdJHGnnsnC8iXQLRfH5MB8GA1UdIwQY
MBaAFKbxPWgM5IBZG/izfdyg+us7vnROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHZFOWFBemtnRmtiLUxOOTNLRDY2enUtZEU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ZDFiMDItYjBmOS00ZTBlLWE0NTct
MzBiZGI0OGRhNTIxLzEvb1lJTlZjWkxOMGtjYWVleWNMeUpkQXRGOGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ZDFiMDItYjBmOS00ZTBlLWE0NTctMzBiZGI0OGRhNTIx
LzEvcHZFOWFBemtnRmtiLUxOOTNLRDY2enUtZEU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcAwMCH4gDBAU+
SMADBAQ+jIADBAE+jJwDAwNtIDANBgkqhkiG9w0BAQsFAAOCAQEAFISDpleQ6dVD
HAEQyMt2sHIx6echhB7Cc0SrTAQP7ntjsHjomv4yoy0c1CtFMmUBP9E0C2tbcoG7
uLhBGS5zvlZLzx46uy1iERDjvEWtByote5a5mwgjMw5wScenT/Q3lTp9EdN32tka
ZAtUegebw+V4mrHy99GBP7rRdB+zThs7N5uYs3oYGfjSVLH+xbmwPG2ZMlxvSY29
zx1plzQ/DOMGka3U0VK1nze7meFjfoiHpyp5gNHF3RHdcR4mQvcdDkmxaF9deTY8
4hXwFtXWjEPdm5v/cc2uKSyhm8NQxzLlQGEua74yJx6ZbT0sYkeJyic4bu6u0IA2
v0+ovuMNZg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:28:12 2024 by rpki-client on console-ams.rpki-client.org