Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/VYC86uxe5UnwAnLo-mJqLfSLS7Q.roa
File: VYC86uxe5UnwAnLo-mJqLfSLS7Q.roa (raw, json)
Hash identifier: 2yy/iwgPPp7Wl/x2iusjbbC+5w9Ur2o4jl7tVi9kkWg=
Subject key identifier: 55:80:BC:EA:EC:5E:E5:49:F0:02:72:E8:FA:62:6A:2D:F4:8B:4B:B4
Certificate issuer: /CN=0632542221caef6448cc545214e000071bd56b86
Certificate serial: 018CC726BDF8D5A3E5524D09B36781AB89C5
Authority key identifier: 06:32:54:22:21:CA:EF:64:48:CC:54:52:14:E0:00:07:1B:D5:6B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjJUIiHK72RIzFRSFOAABxvVa4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/VYC86uxe5UnwAnLo-mJqLfSLS7Q.roa
Signing time: Mon 01 Jan 2024 22:30:54 +0000
ROA not before: Mon 01 Jan 2024 22:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47286
IP address blocks: 31.129.192.0/19 maxlen: 24
31.129.192.0/23 maxlen: 23
31.129.196.0/22 maxlen: 22
31.129.200.0/21 maxlen: 21
31.129.212.0/22 maxlen: 22
31.129.208.0/22 maxlen: 22
31.129.216.0/22 maxlen: 22
31.129.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/BjJUIiHK72RIzFRSFOAABxvVa4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/BjJUIiHK72RIzFRSFOAABxvVa4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BjJUIiHK72RIzFRSFOAABxvVa4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:bd:f8:d5:a3:e5:52:4d:09:b3:67:81:ab:89:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0632542221caef6448cc545214e000071bd56b86
Validity
Not Before: Jan 1 22:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5580bceaec5ee549f00272e8fa626a2df48b4bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:09:92:bb:61:8f:be:aa:e3:58:dd:11:c0:78:
0c:ee:44:d5:fd:9f:4c:52:3a:2a:3d:29:ab:d0:f4:
c4:1f:d9:91:6a:cd:5f:d4:5d:7c:59:71:3b:dd:b8:
7a:15:12:a3:ec:bf:4d:fc:83:91:03:b2:bf:c2:79:
47:86:28:45:d4:b7:68:c7:d8:ec:fe:24:e1:79:fb:
0c:00:18:f3:0c:fc:95:6c:6a:ad:14:4c:fe:f7:62:
13:ee:f2:c1:8d:a9:b4:5e:68:5f:58:21:78:08:25:
62:ee:7f:33:03:77:1e:00:7a:0c:0f:17:44:97:2a:
49:7b:76:15:20:0f:92:ec:c0:37:0e:74:4c:5b:8f:
98:d8:af:b4:1d:08:3e:81:92:e1:3d:73:66:76:aa:
ec:41:a2:db:cd:5d:bd:69:7b:18:90:c0:a6:e3:c1:
c5:f6:50:25:ef:5c:f4:33:04:41:9e:59:84:ed:19:
bf:6c:7c:5c:26:db:a3:08:0c:0f:16:1d:b6:d8:fc:
78:49:27:11:3e:88:05:53:77:9e:4e:5d:03:5e:a5:
42:84:9b:8e:90:19:e0:ba:c4:2b:9b:2c:bf:76:78:
e4:5b:8b:a7:34:50:b9:f2:bb:2b:a3:2d:1c:10:3a:
6a:68:d5:80:58:aa:47:6b:d6:07:10:b3:19:dd:27:
2f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:80:BC:EA:EC:5E:E5:49:F0:02:72:E8:FA:62:6A:2D:F4:8B:4B:B4
X509v3 Authority Key Identifier:
keyid:06:32:54:22:21:CA:EF:64:48:CC:54:52:14:E0:00:07:1B:D5:6B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjJUIiHK72RIzFRSFOAABxvVa4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/VYC86uxe5UnwAnLo-mJqLfSLS7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/6c5aa1-5880-4651-85a4-afd3bf6bc58c/1/BjJUIiHK72RIzFRSFOAABxvVa4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.192.0/19
Signature Algorithm: sha256WithRSAEncryption
69:9c:5f:ff:45:18:cc:88:f6:90:c3:6a:6e:56:e7:6c:b8:f5:
74:76:28:f1:59:0e:ed:0d:50:1a:b7:45:41:28:4b:ec:c1:61:
ae:7d:76:04:16:d4:cd:07:b5:2e:99:82:df:9d:4e:8a:a8:9c:
3f:c8:48:39:74:2b:3d:a7:bd:ae:6e:59:7f:39:6c:26:c2:04:
a3:b5:ac:25:29:a5:18:33:51:a9:16:59:24:86:93:1a:39:58:
0d:7f:a2:42:84:c6:32:77:61:99:b6:40:a2:7d:d8:21:18:e4:
ee:ea:b9:81:08:2d:6d:bb:a0:88:c0:c3:24:a5:b0:6d:aa:a4:
d0:64:13:df:61:99:e0:12:01:dd:db:e5:9c:27:73:67:e2:be:
bd:d4:a7:fb:99:8d:ef:f0:82:95:58:50:72:52:65:2e:f3:f5:
74:d1:97:50:41:ef:8d:70:88:6c:07:ff:6f:58:53:5c:09:d6:
8c:b8:2e:5e:ae:c0:87:44:a5:54:60:5c:b3:2e:d5:a7:6e:92:
3c:65:30:e1:0c:7e:ea:77:fa:73:30:a2:f4:ed:c1:2a:59:9f:
7b:43:47:96:68:3f:fc:8c:0f:21:c0:c2:51:11:38:bf:ad:ed:
ff:45:7e:6e:b7:19:f3:2e:61:1b:68:ed:b6:08:65:5c:2f:da:
2a:32:ec:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJr341aPlUk0Js2eBq4nFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzI1NDIyMjFjYWVmNjQ0OGNjNTQ1MjE0ZTAwMDA3MWJk
NTZiODYwHhcNMjQwMTAxMjIzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTgwYmNlYWVjNWVlNTQ5ZjAwMjcyZThmYTYyNmEyZGY0OGI0YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgmSu2GPvqrjWN0RwHgM7kTV/Z9M
UjoqPSmr0PTEH9mRas1f1F18WXE73bh6FRKj7L9N/IORA7K/wnlHhihF1Ldox9js
/iThefsMABjzDPyVbGqtFEz+92IT7vLBjam0XmhfWCF4CCVi7n8zA3ceAHoMDxdE
lypJe3YVIA+S7MA3DnRMW4+Y2K+0HQg+gZLhPXNmdqrsQaLbzV29aXsYkMCm48HF
9lAl71z0MwRBnlmE7Rm/bHxcJtujCAwPFh222Px4SScRPogFU3eeTl0DXqVChJuO
kBngusQrmyy/dnjkW4unNFC58rsroy0cEDpqaNWAWKpHa9YHELMZ3ScvWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFWAvOrsXuVJ8AJy6Ppiai30i0u0MB8GA1UdIwQY
MBaAFAYyVCIhyu9kSMxUUhTgAAcb1WuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpKVUlpSEs3MlJJekZSU0ZPQUFCeHZWYTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82YzVhYTEtNTg4MC00NjUxLTg1YTQt
YWZkM2JmNmJjNThjLzEvVllDODZ1eGU1VW53QW5Mby1tSnFMZlNMUzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82YzVhYTEtNTg4MC00NjUxLTg1YTQtYWZkM2JmNmJjNThj
LzEvQmpKVUlpSEs3MlJJekZSU0ZPQUFCeHZWYTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFH4HAMA0G
CSqGSIb3DQEBCwUAA4IBAQBpnF//RRjMiPaQw2puVudsuPV0dijxWQ7tDVAat0VB
KEvswWGufXYEFtTNB7UumYLfnU6KqJw/yEg5dCs9p72ubll/OWwmwgSjtawlKaUY
M1GpFlkkhpMaOVgNf6JChMYyd2GZtkCifdghGOTu6rmBCC1tu6CIwMMkpbBtqqTQ
ZBPfYZngEgHd2+WcJ3Nn4r691Kf7mY3v8IKVWFByUmUu8/V00ZdQQe+NcIhsB/9v
WFNcCdaMuC5ersCHRKVUYFyzLtWnbpI8ZTDhDH7qd/pzMKL07cEqWZ97Q0eWaD/8
jA8hwMJRETi/re3/RX5utxnzLmEbaO22CGVcL9oqMuyI
-----END CERTIFICATE-----
Generated at Tue Jun 25 23:53:41 2024 by rpki-client on console-ams.rpki-client.org