Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/upUJX6jvUgJl64mYBBUxFNHhVlQ.roa
File: upUJX6jvUgJl64mYBBUxFNHhVlQ.roa (raw, json)
Hash identifier: hjMbyKeiJOeWKptiBKRl+7xy463rxTH8o92CNVRU0T0=
Subject key identifier: BA:95:09:5F:A8:EF:52:02:65:EB:89:98:04:15:31:14:D1:E1:56:54
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018CC64B21DEDAE58AE5AA9693131DFD1C1E
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/upUJX6jvUgJl64mYBBUxFNHhVlQ.roa
Signing time: Mon 01 Jan 2024 18:31:01 +0000
ROA not before: Mon 01 Jan 2024 18:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48910
IP address blocks: 31.186.226.0/23 maxlen: 23
31.186.250.0/23 maxlen: 24
95.172.68.0/22 maxlen: 22
95.172.66.0/23 maxlen: 24
95.172.80.0/23 maxlen: 23
95.172.92.0/23 maxlen: 24
2a02:b50:8000::/34 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:21:de:da:e5:8a:e5:aa:96:93:13:1d:fd:1c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 18:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba95095fa8ef520265eb899804153114d1e15654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:02:77:69:94:8b:c6:f6:0c:a6:db:11:81:3a:
33:a1:1c:bc:06:1a:e0:0b:dd:63:f1:0c:6a:f5:60:
1c:4b:13:29:64:a8:87:5b:38:b3:46:aa:f9:fa:3b:
76:0f:75:81:9a:94:37:ca:db:9f:d3:32:3e:c9:dc:
3d:9e:d8:59:46:f5:fc:49:23:f1:57:fe:8c:90:6d:
a0:df:76:de:23:96:ba:24:7f:05:2f:b7:fb:58:2d:
60:23:4e:24:62:e8:1f:55:fd:6f:a3:66:1b:5b:98:
5c:2f:f0:08:03:27:d5:b7:c1:3f:a2:71:77:0d:c2:
74:95:4d:05:c8:4f:01:b1:31:d8:2a:4f:ac:65:31:
82:1c:e0:0c:64:47:35:d9:dc:49:fa:39:a3:68:87:
8d:4b:66:e2:7f:3e:62:b6:51:45:d6:b1:33:c0:a3:
2c:cf:a1:3d:04:4a:39:7d:af:11:98:57:d7:97:6b:
95:84:65:83:fc:48:5a:ca:f7:86:43:10:9f:38:94:
f7:29:91:54:8e:93:26:00:14:11:12:d9:27:fa:14:
7f:1f:3f:fa:05:79:b7:6a:cb:f7:67:59:af:17:87:
77:ab:33:96:98:b9:fd:40:3e:e7:81:67:5e:44:a7:
48:77:2e:5c:30:58:31:ce:46:bd:a2:13:8a:16:a8:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:95:09:5F:A8:EF:52:02:65:EB:89:98:04:15:31:14:D1:E1:56:54
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/upUJX6jvUgJl64mYBBUxFNHhVlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.226.0/23
31.186.250.0/23
95.172.66.0-95.172.71.255
95.172.80.0/23
95.172.92.0/23
IPv6:
2a02:b50:8000::/34
Signature Algorithm: sha256WithRSAEncryption
81:6a:9b:8d:97:db:7e:ad:fc:28:f9:b8:a6:bc:14:3a:26:37:
d7:e4:f8:eb:d3:3c:6f:21:75:23:4b:ee:14:a8:5d:e0:1b:0c:
2b:34:85:35:20:a4:6c:4c:c1:c0:bf:1e:67:41:da:f6:34:5f:
83:0e:60:12:5b:19:31:31:c2:8b:98:9d:37:12:e8:1a:7e:79:
c3:e3:a6:49:41:28:e5:fc:db:f7:01:cc:9f:6b:74:51:79:a4:
ef:5e:8d:3f:9a:fd:eb:cf:fd:b5:aa:a2:a5:d6:35:7a:5a:a4:
e8:fb:3d:7b:2b:89:3b:73:4f:e1:7d:2e:55:78:87:24:a1:16:
81:b1:e6:23:4e:d8:34:20:d9:1c:78:61:69:7c:3d:f8:7d:7f:
46:ab:d8:74:ef:f0:bb:f2:de:5e:01:15:80:67:ae:97:9d:c3:
fa:72:4f:bd:60:fc:e1:29:41:ca:7b:d9:28:b8:cb:7b:5d:ef:
ac:6c:3a:84:5f:31:10:aa:6d:88:88:ac:bc:68:b4:bc:e7:ec:
0d:0a:7d:d4:4b:ac:de:23:18:70:ba:6a:57:e9:7b:65:35:4e:
3a:fa:af:e3:eb:73:7b:f8:94:c0:08:e1:84:98:6a:55:99:32:
e7:c1:f1:60:57:a9:59:54:af:62:d6:87:39:62:14:61:41:76:
3e:e1:bd:ad
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzGSyHe2uWK5aqWkxMd/RweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjQwMTAxMTgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk1MDk1ZmE4ZWY1MjAyNjVlYjg5OTgwNDE1MzExNGQxZTE1NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gJ3aZSLxvYMptsRgTozoRy8Bhrg
C91j8Qxq9WAcSxMpZKiHWzizRqr5+jt2D3WBmpQ3ytuf0zI+ydw9nthZRvX8SSPx
V/6MkG2g33beI5a6JH8FL7f7WC1gI04kYugfVf1vo2YbW5hcL/AIAyfVt8E/onF3
DcJ0lU0FyE8BsTHYKk+sZTGCHOAMZEc12dxJ+jmjaIeNS2bifz5itlFF1rEzwKMs
z6E9BEo5fa8RmFfXl2uVhGWD/EhayveGQxCfOJT3KZFUjpMmABQREtkn+hR/Hz/6
BXm3asv3Z1mvF4d3qzOWmLn9QD7ngWdeRKdIdy5cMFgxzka9ohOKFqhpFwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLqVCV+o71ICZeuJmAQVMRTR4VZUMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvdXBVSlg2anZVZ0psNjRtWUJCVXhGTkhoVmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAsBAIAATAmAwQBH7riAwQB
H7r6MAwDBAFfrEIDBANfrEADBAFfrFADBAFfrFwwDgQCAAIwCAMGBioCC1CAMA0G
CSqGSIb3DQEBCwUAA4IBAQCBapuNl9t+rfwo+bimvBQ6JjfX5Pjr0zxvIXUjS+4U
qF3gGwwrNIU1IKRsTMHAvx5nQdr2NF+DDmASWxkxMcKLmJ03EugafnnD46ZJQSjl
/Nv3Acyfa3RReaTvXo0/mv3rz/21qqKl1jV6WqTo+z17K4k7c0/hfS5VeIckoRaB
seYjTtg0INkceGFpfD34fX9Gq9h07/C78t5eARWAZ66XncP6ck+9YPzhKUHKe9ko
uMt7Xe+sbDqEXzEQqm2IiKy8aLS85+wNCn3US6zeIxhwumpX6XtlNU46+q/j63N7
+JTACOGEmGpVmTLnwfFgV6lZVK9i1oc5YhRhQXY+4b2t
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:56:20 2024 by rpki-client on console-ams.rpki-client.org