Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ErX2r9-5t9IBPpMORMKJDzOg5Sc.roa
File: ErX2r9-5t9IBPpMORMKJDzOg5Sc.roa (raw, json)
Hash identifier: i9JSzN7y0lULkkpOHRi29tb/SZQHj0ZAv2FD23YdCIU=
Subject key identifier: 12:B5:F6:AF:DF:B9:B7:D2:01:3E:93:0E:44:C2:89:0F:33:A0:E5:27
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018D6A4E5B8C19F640B1708AEB4AE50E6DA8
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ErX2r9-5t9IBPpMORMKJDzOg5Sc.roa
Signing time: Fri 02 Feb 2024 14:52:16 +0000
ROA not before: Fri 02 Feb 2024 14:52:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.0.0/20 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.17.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
46.19.64.0/22 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:4e:5b:8c:19:f6:40:b1:70:8a:eb:4a:e5:0e:6d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 2 14:52:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12b5f6afdfb9b7d2013e930e44c2890f33a0e527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:1a:92:26:59:9c:bc:72:44:b8:46:9a:2b:
19:df:66:f8:fc:ed:bd:97:67:ed:5f:dd:91:ef:a8:
bf:9a:41:f2:28:0c:9b:ee:57:05:5f:81:7d:ed:9f:
6a:30:67:0f:af:a9:ff:b6:47:29:e2:cc:12:25:fb:
73:98:3a:21:c8:fd:0d:74:24:ab:ac:58:88:7b:02:
b8:34:69:43:8c:e6:fd:e0:2f:29:fb:26:17:27:cb:
47:dd:97:a6:9c:a9:66:b3:9e:bf:1d:92:86:7b:11:
5c:ea:1d:c2:8d:81:dc:f8:37:71:73:1c:f9:3a:52:
4a:bb:82:c2:1f:0a:de:89:56:a3:20:f5:a2:0b:7d:
67:37:59:52:66:aa:5d:67:e1:2d:94:36:73:6a:63:
37:dc:a0:73:d6:05:48:18:0b:0b:9b:53:21:36:91:
ce:48:52:49:dd:49:dc:df:85:74:44:1b:b3:74:2b:
26:63:4f:4c:8c:5b:b8:91:07:5f:ff:45:58:81:09:
db:4e:b4:d7:90:77:a4:be:91:df:3c:ba:7a:80:a4:
77:80:a0:41:53:fa:ea:98:a8:26:27:b2:c0:ac:12:
c4:d4:97:0c:ba:7f:c9:a2:14:0e:68:33:4e:33:1b:
63:d1:13:45:d8:be:f8:6c:ef:cb:de:45:ad:90:4f:
02:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B5:F6:AF:DF:B9:B7:D2:01:3E:93:0E:44:C2:89:0F:33:A0:E5:27
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/ErX2r9-5t9IBPpMORMKJDzOg5Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0/22
141.98.234.0/24
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:3c:0e:46:24:41:55:be:1a:01:c7:35:c4:81:4a:9b:2f:0f:
02:e9:32:c7:eb:4a:c5:1f:59:24:3e:70:15:15:9b:ad:38:db:
e2:5c:5d:c7:af:79:d2:c5:03:16:8d:30:cb:ae:18:74:01:54:
de:f9:95:5e:6a:19:9b:61:32:81:72:3c:7f:56:9e:d0:27:4e:
af:8a:ae:cc:cd:83:f0:fa:88:bd:d2:0e:24:bb:1d:cf:a0:83:
9e:8d:ad:84:7e:55:31:06:86:4c:33:fe:9c:01:99:b2:20:66:
35:7c:c6:89:9b:fb:24:4d:e7:47:c1:95:18:bc:ce:fc:11:54:
cf:4d:b4:dc:d1:fd:81:67:d4:b2:b4:27:55:f8:13:8e:99:1e:
e0:be:ff:57:ab:8f:22:16:3b:ee:f0:93:23:66:3a:c2:8f:4e:
45:24:c9:e6:f2:80:29:c8:d7:9a:b5:a2:ad:ec:70:07:df:15:
d5:c2:a5:8c:12:cd:bf:98:c9:bd:83:9a:16:c8:03:88:d2:8f:
48:8c:94:73:6b:e0:00:08:cd:57:9d:55:62:40:d3:7b:53:f6:
fb:eb:d5:64:28:73:66:e3:63:11:43:3a:94:bb:78:da:cd:ec:
3a:74:ce:cd:c4:92:75:14:1a:d9:5b:9e:95:ca:fa:9c:4e:20:
7e:49:86:05
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY1qTluMGfZAsXCK60rlDm2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMjAyMTQ1MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmI1ZjZhZmRmYjliN2QyMDEzZTkzMGU0NGMyODkwZjMzYTBlNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw0akiZZnLxyRLhGmisZ32b4/O29
l2ftX92R76i/mkHyKAyb7lcFX4F97Z9qMGcPr6n/tkcp4swSJftzmDohyP0NdCSr
rFiIewK4NGlDjOb94C8p+yYXJ8tH3ZemnKlms56/HZKGexFc6h3CjYHc+Ddxcxz5
OlJKu4LCHwreiVajIPWiC31nN1lSZqpdZ+EtlDZzamM33KBz1gVIGAsLm1MhNpHO
SFJJ3Unc34V0RBuzdCsmY09MjFu4kQdf/0VYgQnbTrTXkHekvpHfPLp6gKR3gKBB
U/rqmKgmJ7LArBLE1JcMun/JohQOaDNOMxtj0RNF2L74bO/L3kWtkE8CwQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBK19q/fubfSAT6TDkTCiQ8zoOUnMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvRXJYMnI5LTV0OUlCUHBNT1JNS0pEek9nNVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNMAsDAwAfgQME
AB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQCLhNAMAwDBARRyJADBAFR
yJwDBAJextgDBACNYuoDBAG5psQwDQYJKoZIhvcNAQELBQADggEBAKI8DkYkQVW+
GgHHNcSBSpsvDwLpMsfrSsUfWSQ+cBUVm6042+JcXcevedLFAxaNMMuuGHQBVN75
lV5qGZthMoFyPH9WntAnTq+KrszNg/D6iL3SDiS7Hc+gg56NrYR+VTEGhkwz/pwB
mbIgZjV8xomb+yRN50fBlRi8zvwRVM9NtNzR/YFn1LK0J1X4E46ZHuC+/1erjyIW
O+7wkyNmOsKPTkUkyebygCnI15q1oq3scAffFdXCpYwSzb+Yyb2DmhbIA4jSj0iM
lHNr4AAIzVedVWJA03tT9vvr1WQoc2bjYxFDOpS7eNrN7Dp0zs3EknUUGtlbnpXK
+pxOIH5JhgU=
-----END CERTIFICATE-----
Generated at Thu May 23 00:42:15 2024 by rpki-client on console-ams.rpki-client.org