Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/ql7Yx1-7fD0Wf6-SegHUdSV00S0.roa
File: ql7Yx1-7fD0Wf6-SegHUdSV00S0.roa (raw, json)
Hash identifier: FhJMcYqUXJsEquFAyEcQy6qgm+tTB+m46gQXHrAqVtk=
Subject key identifier: AA:5E:D8:C7:5F:BB:7C:3D:16:7F:AF:92:7A:01:D4:75:25:74:D1:2D
Certificate issuer: /CN=103aa909e8db00f8377a450dbca57d051f4bf435
Certificate serial: 018CC3B6CD4AD146989166FBDE96780909D3
Authority key identifier: 10:3A:A9:09:E8:DB:00:F8:37:7A:45:0D:BC:A5:7D:05:1F:4B:F4:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EDqpCejbAPg3ekUNvKV9BR9L9DU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/ql7Yx1-7fD0Wf6-SegHUdSV00S0.roa
Signing time: Mon 01 Jan 2024 06:29:46 +0000
ROA not before: Mon 01 Jan 2024 06:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56787
IP address blocks: 31.223.177.0/24 maxlen: 24
31.223.178.0/24 maxlen: 24
31.223.179.0/24 maxlen: 24
31.223.176.0/24 maxlen: 24
31.223.181.0/24 maxlen: 24
31.223.182.0/24 maxlen: 24
31.223.180.0/24 maxlen: 24
31.223.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/EDqpCejbAPg3ekUNvKV9BR9L9DU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/EDqpCejbAPg3ekUNvKV9BR9L9DU.mft
rsync://rpki.ripe.net/repository/DEFAULT/EDqpCejbAPg3ekUNvKV9BR9L9DU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:cd:4a:d1:46:98:91:66:fb:de:96:78:09:09:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=103aa909e8db00f8377a450dbca57d051f4bf435
Validity
Not Before: Jan 1 06:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa5ed8c75fbb7c3d167faf927a01d4752574d12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1b:64:fa:67:e5:91:27:b5:7a:32:1e:0e:42:
ae:58:71:bb:b1:db:76:3e:e2:49:df:50:4e:ea:08:
e1:c5:da:81:7a:50:ac:eb:d9:c0:a9:2d:42:c2:5b:
8b:92:25:45:f1:07:8b:dc:77:df:72:68:29:75:4f:
43:e7:90:07:89:52:a6:89:de:33:57:2a:69:79:a5:
9f:62:2b:af:40:36:90:3e:a7:7f:6f:aa:fa:c5:59:
24:df:32:10:b7:e7:bd:f3:d3:13:ec:bd:f6:8c:2c:
31:67:d6:0c:37:84:e8:bd:3a:e2:b4:95:51:91:fa:
5d:00:e7:18:95:32:07:fb:5a:d6:80:4a:0a:c7:e4:
ee:1d:78:a2:82:ea:fa:e3:b1:92:45:cd:7c:5b:29:
64:d1:d3:b6:f5:0b:55:66:a8:76:55:bc:f6:cd:bd:
b7:8b:a8:bf:e8:8b:0f:5e:67:f4:a2:05:63:36:27:
af:b9:e3:28:56:78:27:21:4d:1e:a3:56:60:d0:f1:
44:54:15:cf:44:4f:45:46:85:83:d6:e7:b8:de:7f:
45:4b:ab:8c:31:2f:2a:eb:f6:3f:99:ba:8f:2f:f0:
92:2d:ca:e0:79:93:a6:fa:2d:3c:60:17:5d:33:4a:
38:e1:0d:1d:18:75:b7:91:cf:e6:eb:f6:33:01:b9:
cb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5E:D8:C7:5F:BB:7C:3D:16:7F:AF:92:7A:01:D4:75:25:74:D1:2D
X509v3 Authority Key Identifier:
keyid:10:3A:A9:09:E8:DB:00:F8:37:7A:45:0D:BC:A5:7D:05:1F:4B:F4:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDqpCejbAPg3ekUNvKV9BR9L9DU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/ql7Yx1-7fD0Wf6-SegHUdSV00S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2f7c79-3f6b-444a-8ec5-7bdca7516e75/1/EDqpCejbAPg3ekUNvKV9BR9L9DU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.176.0/21
Signature Algorithm: sha256WithRSAEncryption
15:f5:1e:6e:74:2a:21:f2:27:37:39:48:d7:a3:e5:4d:9d:46:
55:c0:43:c4:e2:ec:3f:a0:87:b8:dc:b5:35:bf:16:ed:5d:d2:
9e:93:05:42:26:16:cc:74:61:c5:c6:95:7d:bd:66:eb:d7:2c:
52:fe:08:6f:07:c6:83:54:f2:19:d6:87:5a:1c:4f:f0:24:1c:
0f:2f:4c:31:3c:4c:94:d3:ab:fc:23:78:f8:3c:74:e5:75:bf:
40:8f:b7:c6:f7:2e:e1:d6:c2:f6:ee:0b:b9:70:93:02:c3:54:
a7:4e:1a:57:82:3b:91:3c:4f:d4:c4:9c:3e:d7:55:38:26:c5:
ec:40:18:a2:90:21:a9:59:36:73:22:3b:1b:10:30:2d:03:c5:
c0:6c:ce:d2:2a:8b:b5:70:64:a9:fa:0f:1e:70:73:ac:9a:b5:
21:c0:b5:f6:53:98:cd:3c:8b:c4:76:65:2f:dd:77:33:26:4e:
62:df:2f:9b:cc:76:eb:b3:9d:a2:c1:70:7f:8e:cc:11:a2:f6:
ea:90:85:26:59:8b:3e:66:11:c3:49:4f:80:47:4a:5a:80:da:
73:0f:fc:e1:db:b5:0a:92:0c:56:e2:34:57:b1:3f:45:44:4e:
8d:63:20:2c:b3:74:20:43:04:80:aa:4b:0c:7d:9d:28:80:14:
84:a5:6e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDts1K0UaYkWb73pZ4CQnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwM2FhOTA5ZThkYjAwZjgzNzdhNDUwZGJjYTU3ZDA1MWY0
YmY0MzUwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVlZDhjNzVmYmI3YzNkMTY3ZmFmOTI3YTAxZDQ3NTI1NzRkMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRtk+mflkSe1ejIeDkKuWHG7sdt2
PuJJ31BO6gjhxdqBelCs69nAqS1CwluLkiVF8QeL3HffcmgpdU9D55AHiVKmid4z
VyppeaWfYiuvQDaQPqd/b6r6xVkk3zIQt+e989MT7L32jCwxZ9YMN4TovTritJVR
kfpdAOcYlTIH+1rWgEoKx+TuHXiigur647GSRc18Wylk0dO29QtVZqh2Vbz2zb23
i6i/6IsPXmf0ogVjNievueMoVngnIU0eo1Zg0PFEVBXPRE9FRoWD1ue43n9FS6uM
MS8q6/Y/mbqPL/CSLcrgeZOm+i08YBddM0o44Q0dGHW3kc/m6/YzAbnLZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpe2Mdfu3w9Fn+vknoB1HUldNEtMB8GA1UdIwQY
MBaAFBA6qQno2wD4N3pFDbylfQUfS/Q1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURxcENlamJBUGczZWtVTnZLVjlCUjlMOURVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yZjdjNzktM2Y2Yi00NDRhLThlYzUt
N2JkY2E3NTE2ZTc1LzEvcWw3WXgxLTdmRDBXZjYtU2VnSFVkU1YwMFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yZjdjNzktM2Y2Yi00NDRhLThlYzUtN2JkY2E3NTE2ZTc1
LzEvRURxcENlamJBUGczZWtVTnZLVjlCUjlMOURVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH9+wMA0G
CSqGSIb3DQEBCwUAA4IBAQAV9R5udCoh8ic3OUjXo+VNnUZVwEPE4uw/oIe43LU1
vxbtXdKekwVCJhbMdGHFxpV9vWbr1yxS/ghvB8aDVPIZ1odaHE/wJBwPL0wxPEyU
06v8I3j4PHTldb9Aj7fG9y7h1sL27gu5cJMCw1SnThpXgjuRPE/UxJw+11U4JsXs
QBiikCGpWTZzIjsbEDAtA8XAbM7SKou1cGSp+g8ecHOsmrUhwLX2U5jNPIvEdmUv
3XczJk5i3y+bzHbrs52iwXB/jswRovbqkIUmWYs+ZhHDSU+AR0pagNpzD/zh27UK
kgxW4jRXsT9FRE6NYyAss3QgQwSAqksMfZ0ogBSEpW7h
-----END CERTIFICATE-----
Generated at Sat May 11 06:32:27 2024 by rpki-client on console-ams.rpki-client.org