Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/wFwYrSSc2S72uDQ4-PiDVK4v_dA.roa
File: wFwYrSSc2S72uDQ4-PiDVK4v_dA.roa (raw, json)
Hash identifier: z4KftwqLRqZtd5fZ8IownIVoVyV9vfsEAh8GzYwJSlA=
Subject key identifier: C0:5C:18:AD:24:9C:D9:2E:F6:B8:34:38:F8:F8:83:54:AE:2F:FD:D0
Certificate issuer: /CN=828bbad6f4916842bbe320284fafe10caf59edf0
Certificate serial: 019329A046EC311BCEEFC18F9AD0F47B43B3
Authority key identifier: 82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/wFwYrSSc2S72uDQ4-PiDVK4v_dA.roa
Signing time: Thu 14 Nov 2024 07:43:09 +0000
ROA not before: Thu 14 Nov 2024 07:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41321
IP address blocks: 31.3.150.0/24 maxlen: 24
31.3.151.0/24 maxlen: 24
80.70.171.0/24 maxlen: 24
80.70.174.0/24 maxlen: 24
2a00:d340:ffe0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:a0:46:ec:31:1b:ce:ef:c1:8f:9a:d0:f4:7b:43:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828bbad6f4916842bbe320284fafe10caf59edf0
Validity
Not Before: Nov 14 07:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05c18ad249cd92ef6b83438f8f88354ae2ffdd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:31:f7:95:ad:05:43:e6:00:70:a3:a6:45:d5:
a1:fe:ff:df:f1:5b:ed:ad:7b:41:14:3f:ce:b9:fe:
f4:79:8d:78:00:09:6d:43:4f:b2:7b:a3:38:fb:ef:
ed:d4:d8:af:af:b0:fe:d4:e3:53:0a:85:7f:b5:eb:
79:95:56:81:24:9d:b0:17:b6:ae:9d:b5:e8:c8:c6:
13:61:04:44:87:33:ca:b4:55:e6:98:6e:da:20:3e:
3a:d5:de:c6:27:5e:db:7e:61:48:41:92:76:02:40:
59:e5:83:d2:32:19:ea:9b:bd:c5:09:04:d0:66:6b:
28:49:b8:73:3f:16:56:79:f7:c8:49:b3:4f:be:7e:
ef:99:60:1e:4c:0c:ff:c7:de:47:c6:f9:e0:0d:8b:
85:9d:3b:d6:5e:1c:01:98:33:81:3f:6f:d7:47:51:
82:3d:f3:8e:3f:73:c8:53:66:1e:63:c2:39:3c:c7:
00:91:7f:67:3a:3f:ae:cc:bd:42:b7:01:26:d8:8b:
d3:e1:a7:03:c0:3c:c4:7f:ef:28:4a:de:86:f8:6d:
84:6b:d7:78:55:45:f1:02:8a:03:ed:9c:bb:dc:cb:
ab:b8:47:3b:65:5a:5d:f4:9e:eb:eb:86:87:ab:ca:
81:b9:03:f3:db:fa:6a:69:1a:7a:4b:a5:8e:8b:ac:
f4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5C:18:AD:24:9C:D9:2E:F6:B8:34:38:F8:F8:83:54:AE:2F:FD:D0
X509v3 Authority Key Identifier:
keyid:82:8B:BA:D6:F4:91:68:42:BB:E3:20:28:4F:AF:E1:0C:AF:59:ED:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gou61vSRaEK74yAoT6_hDK9Z7fA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/wFwYrSSc2S72uDQ4-PiDVK4v_dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/83f977-82b8-4695-9c08-1896555a2f0e/1/gou61vSRaEK74yAoT6_hDK9Z7fA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.150.0/23
80.70.171.0/24
80.70.174.0/24
IPv6:
2a00:d340:ffe0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:99:5a:5b:e5:a6:de:78:c3:0b:74:c9:c4:6e:3e:ba:68:2d:
93:a6:73:c9:8a:f5:45:71:c2:62:66:ee:85:7b:ee:d8:af:cf:
a2:2b:da:d7:2c:cb:25:98:4b:d6:0e:ed:62:a5:9a:49:f5:c8:
e1:20:ab:ea:6e:0f:c1:0a:c6:06:9b:57:e1:ba:ed:5a:46:7e:
f6:19:3c:29:77:95:49:d4:a6:79:dc:6b:91:fd:3a:43:c8:44:
02:ce:a6:ae:c0:e6:82:c5:e7:ba:0d:25:20:5f:84:54:e1:fb:
dd:76:3b:f9:f8:97:e7:d4:c6:98:74:2f:7c:85:be:e0:24:64:
d6:39:02:6b:ab:01:fb:d9:37:36:95:ca:6c:65:e3:3d:4b:e9:
2b:a5:c1:0c:de:f3:02:cb:96:9f:f9:02:94:b4:f9:b3:02:fe:
61:af:46:96:fa:46:6d:fb:ea:4a:cc:50:fe:ed:d9:77:77:91:
7c:19:db:c0:d0:1b:ac:28:fb:ba:e1:fe:20:bb:80:46:6c:8b:
35:0a:28:e6:54:b5:56:66:79:b2:a9:12:fc:5d:ce:f4:d5:2f:
0a:ec:57:6e:37:e5:f1:ad:3e:d6:1c:99:4d:e4:31:e3:9f:b1:
19:06:05:e1:04:ce:49:76:40:89:8a:6e:60:6f:1a:39:0e:26:
93:b1:c4:72
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZMpoEbsMRvO78GPmtD0e0OzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOGJiYWQ2ZjQ5MTY4NDJiYmUzMjAyODRmYWZlMTBjYWY1
OWVkZjAwHhcNMjQxMTE0MDc0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDVjMThhZDI0OWNkOTJlZjZiODM0MzhmOGY4ODM1NGFlMmZmZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTH3la0FQ+YAcKOmRdWh/v/f8Vvt
rXtBFD/Ouf70eY14AAltQ0+ye6M4++/t1Nivr7D+1ONTCoV/tet5lVaBJJ2wF7au
nbXoyMYTYQREhzPKtFXmmG7aID461d7GJ17bfmFIQZJ2AkBZ5YPSMhnqm73FCQTQ
ZmsoSbhzPxZWeffISbNPvn7vmWAeTAz/x95HxvngDYuFnTvWXhwBmDOBP2/XR1GC
PfOOP3PIU2YeY8I5PMcAkX9nOj+uzL1CtwEm2IvT4acDwDzEf+8oSt6G+G2Ea9d4
VUXxAooD7Zy73MuruEc7ZVpd9J7r64aHq8qBuQPz2/pqaRp6S6WOi6z06QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMBcGK0knNku9rg0OPj4g1SuL/3QMB8GA1UdIwQY
MBaAFIKLutb0kWhCu+MgKE+v4QyvWe3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgt
MTg5NjU1NWEyZjBlLzEvd0Z3WXJTU2MyUzcydURRNC1QaURWSzR2X2RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84M2Y5NzctODJiOC00Njk1LTljMDgtMTg5NjU1NWEyZjBl
LzEvZ291NjF2U1JhRUs3NHlBb1Q2X2hESzlaN2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBHwOWAwQA
UEarAwQAUEauMA8EAgACMAkDBwAqANNA/+AwDQYJKoZIhvcNAQELBQADggEBADqZ
Wlvlpt54wwt0ycRuPrpoLZOmc8mK9UVxwmJm7oV77tivz6Ir2tcsyyWYS9YO7WKl
mkn1yOEgq+puD8EKxgabV+G67VpGfvYZPCl3lUnUpnnca5H9OkPIRALOpq7A5oLF
57oNJSBfhFTh+912O/n4l+fUxph0L3yFvuAkZNY5AmurAfvZNzaVymxl4z1L6Sul
wQze8wLLlp/5ApS0+bMC/mGvRpb6Rm376krMUP7t2Xd3kXwZ28DQG6wo+7rh/iC7
gEZsizUKKOZUtVZmebKpEvxdzvTVLwrsV2435fGtPtYcmU3kMeOfsRkGBeEEzkl2
QImKbmBvGjkOJpOxxHI=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:52:14 2024 by rpki-client on console-fra.rpki-client.org