Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kupqA0brw7tQ1E2IqQoWIJf1iDE.roa
File: kupqA0brw7tQ1E2IqQoWIJf1iDE.roa (raw, json)
Hash identifier: pHy65jY/7l6nxjCEXqMdK/DYRp6M6BltuTNMeIBZdjw=
Subject key identifier: 92:EA:6A:03:46:EB:C3:BB:50:D4:4D:88:A9:0A:16:20:97:F5:88:31
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 0192D8DC1EF37DF9A9D334DF6FBD8A1605C1
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kupqA0brw7tQ1E2IqQoWIJf1iDE.roa
Signing time: Tue 29 Oct 2024 15:19:17 +0000
ROA not before: Tue 29 Oct 2024 15:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 31.209.192.0/18 maxlen: 24
85.220.0.0/17 maxlen: 24
157.157.0.0/16 maxlen: 24
2001:1a98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:dc:1e:f3:7d:f9:a9:d3:34:df:6f:bd:8a:16:05:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Oct 29 15:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92ea6a0346ebc3bb50d44d88a90a162097f58831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:fc:74:86:13:63:e0:2c:47:3f:9b:ef:6a:
f1:d3:e0:6d:31:71:84:a0:dc:58:ab:2b:4c:97:04:
45:db:23:31:26:d6:ac:5e:16:27:ee:22:11:cf:e3:
4a:39:f4:f7:90:00:d5:89:87:3d:86:61:d2:06:5c:
41:e9:2c:37:ce:a7:37:a0:3b:5f:f1:40:f4:d3:9a:
02:fb:e2:66:e0:f9:64:0c:23:cb:cf:3d:63:67:ea:
32:b0:d4:19:38:36:6e:0d:fa:a2:b9:c4:06:88:30:
9f:28:e1:a7:5c:84:0b:f7:cc:3c:a5:ee:62:55:95:
ab:69:21:0e:a4:18:8d:eb:73:08:2f:7e:b6:7b:09:
0e:c8:74:21:b2:3a:46:7e:4e:6c:14:1a:36:a9:3c:
d4:3c:90:a0:1e:e1:3c:75:3a:d7:5a:f3:73:9c:74:
75:3c:bc:0c:a6:75:4d:c2:34:d9:7c:ad:ca:e9:38:
37:62:35:0a:25:2b:86:34:36:9f:20:64:25:82:3a:
8f:58:6b:4d:44:b9:51:db:3b:c8:a1:fd:74:71:e4:
e4:14:81:0e:f1:71:83:78:d7:ae:f1:a4:55:ab:c4:
b2:06:0e:aa:7f:65:29:ef:20:e9:71:30:a7:55:d4:
1c:0e:d6:50:bf:5b:15:8a:af:76:88:e8:30:68:b8:
53:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EA:6A:03:46:EB:C3:BB:50:D4:4D:88:A9:0A:16:20:97:F5:88:31
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kupqA0brw7tQ1E2IqQoWIJf1iDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
IPv6:
2001:1a98::/32
Signature Algorithm: sha256WithRSAEncryption
14:d0:a3:48:87:c7:00:72:f8:9b:77:3d:b0:09:28:a2:80:d4:
2a:85:e0:58:c3:f0:97:43:eb:96:94:3e:08:b1:6e:f8:62:de:
81:71:2e:f3:53:5e:db:d8:f6:24:d2:60:99:8e:77:ec:ed:4f:
b1:8c:0c:c6:bf:32:7c:fa:e7:42:7a:36:60:53:2b:9e:b2:54:
92:ec:4c:b6:5e:c1:91:09:cc:5f:44:bd:b6:9c:5f:ce:99:de:
a4:78:4b:88:73:21:00:8c:37:0b:ef:fd:c0:d3:b9:bd:7d:04:
92:48:8f:c3:53:a3:6c:09:e7:6d:72:8a:7a:ed:ef:a6:5f:fb:
36:b5:56:b9:68:77:a8:77:d5:3b:85:b5:e0:b2:06:7b:59:e1:
08:17:2f:99:63:d0:85:e2:11:38:4a:53:74:61:dd:80:d2:23:
b5:10:96:28:07:3b:83:f6:9c:73:cc:70:18:56:6f:e4:46:ab:
6e:c1:ce:d6:de:76:44:f1:48:94:db:18:5a:32:42:93:45:f1:
a1:7b:b5:b8:74:f8:9d:39:b0:7c:c0:99:98:1a:59:84:18:0f:
f1:fa:7e:eb:1b:b1:92:29:82:b1:82:8a:02:65:c0:65:55:12:
7a:5c:fc:16:41:e9:39:e4:14:a7:48:55:1e:48:3a:9c:f0:e6:
9f:0f:0d:9b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZLY3B7zffmp0zTfb72KFgXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjQxMDI5MTUxOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVhNmEwMzQ2ZWJjM2JiNTBkNDRkODhhOTBhMTYyMDk3ZjU4ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1538dIYTY+AsRz+b72rx0+BtMXGE
oNxYqytMlwRF2yMxJtasXhYn7iIRz+NKOfT3kADViYc9hmHSBlxB6Sw3zqc3oDtf
8UD005oC++Jm4PlkDCPLzz1jZ+oysNQZODZuDfqiucQGiDCfKOGnXIQL98w8pe5i
VZWraSEOpBiN63MIL362ewkOyHQhsjpGfk5sFBo2qTzUPJCgHuE8dTrXWvNznHR1
PLwMpnVNwjTZfK3K6Tg3YjUKJSuGNDafIGQlgjqPWGtNRLlR2zvIof10ceTkFIEO
8XGDeNeu8aRVq8SyBg6qf2Up7yDpcTCnVdQcDtZQv1sViq92iOgwaLhTfwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJLqagNG68O7UNRNiKkKFiCX9YgxMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEva3VwcUEwYnJ3N3RRMUUySXFRb1dJSmYxaURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQGH9HAAwQH
VdwAAwMAnZ0wDQQCAAIwBwMFACABGpgwDQYJKoZIhvcNAQELBQADggEBABTQo0iH
xwBy+Jt3PbAJKKKA1CqF4FjD8JdD65aUPgixbvhi3oFxLvNTXtvY9iTSYJmOd+zt
T7GMDMa/Mnz650J6NmBTK56yVJLsTLZewZEJzF9EvbacX86Z3qR4S4hzIQCMNwvv
/cDTub19BJJIj8NTo2wJ521yinrt76Zf+za1Vrlod6h31TuFteCyBntZ4QgXL5lj
0IXiEThKU3Rh3YDSI7UQligHO4P2nHPMcBhWb+RGq27BztbedkTxSJTbGFoyQpNF
8aF7tbh0+J05sHzAmZgaWYQYD/H6fusbsZIpgrGCigJlwGVVEnpc/BZB6TnkFKdI
VR5IOpzw5p8PDZs=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:39:07 2024 by rpki-client on console-fra.rpki-client.org