Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/AhQjIhLeSXFzV3EwOIuLmAYUWHI.roa
File: AhQjIhLeSXFzV3EwOIuLmAYUWHI.roa (raw, json)
Hash identifier: wvFUf8hPHR9k2fIECL8xcnvY98iE7pv692suq549SYA=
Subject key identifier: 02:14:23:22:12:DE:49:71:73:57:71:30:38:8B:8B:98:06:14:58:72
Certificate issuer: /CN=9110100f3cc787d6315303cb7fc88d9e25e56ea8
Certificate serial: 018CC56DFC52BA75A1B45E5A0AD850979FB5
Authority key identifier: 91:10:10:0F:3C:C7:87:D6:31:53:03:CB:7F:C8:8D:9E:25:E5:6E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/AhQjIhLeSXFzV3EwOIuLmAYUWHI.roa
Signing time: Mon 01 Jan 2024 14:29:28 +0000
ROA not before: Mon 01 Jan 2024 14:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56823
IP address blocks: 176.109.175.0/24 maxlen: 24
176.109.174.0/24 maxlen: 24
176.109.173.0/24 maxlen: 24
31.134.208.0/21 maxlen: 21
31.134.210.0/24 maxlen: 24
31.134.209.0/24 maxlen: 24
31.134.211.0/24 maxlen: 24
31.134.213.0/24 maxlen: 24
31.134.212.0/24 maxlen: 24
31.134.215.0/24 maxlen: 24
31.134.214.0/24 maxlen: 24
176.109.168.0/24 maxlen: 24
176.109.168.0/21 maxlen: 21
176.109.170.0/24 maxlen: 24
176.109.169.0/24 maxlen: 24
176.109.172.0/24 maxlen: 24
176.109.171.0/24 maxlen: 24
2001:67c:1378::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fc:52:ba:75:a1:b4:5e:5a:0a:d8:50:97:9f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9110100f3cc787d6315303cb7fc88d9e25e56ea8
Validity
Not Before: Jan 1 14:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0214232212de497173577130388b8b9806145872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:ea:d5:9a:a2:1f:33:9c:5e:af:73:47:0c:
6c:66:ce:bc:03:ea:a9:64:5e:9f:ff:cc:63:b4:ad:
61:20:1c:a0:36:87:3d:1b:b4:17:c9:fc:ef:f1:4a:
a4:9f:00:51:70:08:90:46:e0:b3:93:77:2b:80:df:
48:45:00:78:c5:06:f0:c3:dd:5e:cf:49:25:6a:2a:
25:77:df:ac:34:9a:4c:35:6a:02:1b:05:29:83:8d:
fe:0c:d1:87:67:96:5d:1b:d1:b6:fc:ee:29:72:6a:
55:7c:5b:24:b5:98:ac:ba:b8:0b:13:a6:3f:da:a7:
35:33:0b:20:57:16:aa:3f:d0:d8:6a:14:b0:c5:26:
0b:1c:9b:a5:ec:f1:84:84:b2:5e:e4:56:08:a0:cf:
20:5c:f6:eb:79:03:e6:00:3e:d7:76:14:ff:0d:7a:
35:19:69:6a:66:a9:6b:bd:8e:51:f3:1a:23:fe:13:
34:d4:25:b6:74:74:00:61:98:8b:84:77:e3:18:01:
a5:3b:bc:51:d0:78:d1:8a:c0:f0:39:46:23:65:b1:
ac:09:1f:bb:bd:eb:19:22:dc:bb:dc:9b:0b:47:4b:
cf:6d:e1:b8:cb:b0:e2:e2:2e:58:b4:1c:02:28:84:
c6:52:e4:82:1a:c0:e2:da:57:2e:0a:86:5a:da:cd:
99:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:14:23:22:12:DE:49:71:73:57:71:30:38:8B:8B:98:06:14:58:72
X509v3 Authority Key Identifier:
keyid:91:10:10:0F:3C:C7:87:D6:31:53:03:CB:7F:C8:8D:9E:25:E5:6E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRAQDzzHh9YxUwPLf8iNniXlbqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/AhQjIhLeSXFzV3EwOIuLmAYUWHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d900b3-5462-4eb4-9c90-0e0377d4e6d6/1/kRAQDzzHh9YxUwPLf8iNniXlbqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.208.0/21
176.109.168.0/21
IPv6:
2001:67c:1378::/48
Signature Algorithm: sha256WithRSAEncryption
1c:77:32:79:12:61:ae:b0:6f:80:a8:5f:fd:9f:86:48:61:f1:
21:11:4b:44:d8:4f:56:0e:98:7a:d8:51:95:06:2f:16:66:2f:
6a:12:cf:c0:90:80:1a:67:90:83:c3:22:82:dc:98:b1:07:63:
ac:72:de:b1:25:72:3e:3a:5c:05:df:47:b8:37:8f:57:36:7b:
f9:78:ac:7f:77:af:fa:bc:70:72:39:5b:69:2a:5c:9e:89:47:
f8:11:c2:de:2f:d3:2a:76:2d:bc:a5:7e:2b:97:6d:62:c4:69:
d1:05:e1:5d:03:99:01:d6:85:7a:ea:36:ed:ca:c1:11:6f:2a:
67:01:f1:5b:92:af:86:10:90:b2:ad:ab:f1:d5:3c:7d:16:96:
15:29:da:87:66:c3:ba:e4:98:5f:64:4b:ee:a1:3c:57:5e:d2:
70:25:28:e3:98:c2:db:23:09:54:20:2b:67:a1:42:68:86:75:
47:a2:be:8b:20:5b:ee:8b:13:ca:f6:44:71:80:34:f0:cc:ad:
80:e2:02:8a:b4:b3:b9:fd:78:d3:6f:81:44:c3:3d:ad:40:3c:
92:19:06:34:1f:5b:56:0b:91:9b:ca:53:e3:ab:5c:56:bd:35:
77:61:3e:70:cc:c3:d8:39:e6:d9:6f:d0:5c:c7:5d:8a:e8:15:
1f:49:d1:e5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbfxSunWhtF5aCthQl5+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTAxMDBmM2NjNzg3ZDYzMTUzMDNjYjdmYzg4ZDllMjVl
NTZlYTgwHhcNMjQwMTAxMTQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjE0MjMyMjEyZGU0OTcxNzM1NzcxMzAzODhiOGI5ODA2MTQ1ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNDq1ZqiHzOcXq9zRwxsZs68A+qp
ZF6f/8xjtK1hIBygNoc9G7QXyfzv8UqknwBRcAiQRuCzk3crgN9IRQB4xQbww91e
z0klaiold9+sNJpMNWoCGwUpg43+DNGHZ5ZdG9G2/O4pcmpVfFsktZisurgLE6Y/
2qc1MwsgVxaqP9DYahSwxSYLHJul7PGEhLJe5FYIoM8gXPbreQPmAD7XdhT/DXo1
GWlqZqlrvY5R8xoj/hM01CW2dHQAYZiLhHfjGAGlO7xR0HjRisDwOUYjZbGsCR+7
vesZIty73JsLR0vPbeG4y7Di4i5YtBwCKITGUuSCGsDi2lcuCoZa2s2ZswIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAIUIyIS3klxc1dxMDiLi5gGFFhyMB8GA1UdIwQY
MBaAFJEQEA88x4fWMVMDy3/IjZ4l5W6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JBUUR6ekhoOVl4VXdQTGY4aU5uaVhsYnFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kOTAwYjMtNTQ2Mi00ZWI0LTljOTAt
MGUwMzc3ZDRlNmQ2LzEvQWhRakloTGVTWEZ6VjNFd09JdUxtQVlVV0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kOTAwYjMtNTQ2Mi00ZWI0LTljOTAtMGUwMzc3ZDRlNmQ2
LzEva1JBUUR6ekhoOVl4VXdQTGY4aU5uaVhsYnFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDH4bQAwQD
sG2oMA8EAgACMAkDBwAgAQZ8E3gwDQYJKoZIhvcNAQELBQADggEBABx3MnkSYa6w
b4CoX/2fhkhh8SERS0TYT1YOmHrYUZUGLxZmL2oSz8CQgBpnkIPDIoLcmLEHY6xy
3rElcj46XAXfR7g3j1c2e/l4rH93r/q8cHI5W2kqXJ6JR/gRwt4v0yp2LbylfiuX
bWLEadEF4V0DmQHWhXrqNu3KwRFvKmcB8VuSr4YQkLKtq/HVPH0WlhUp2odmw7rk
mF9kS+6hPFde0nAlKOOYwtsjCVQgK2ehQmiGdUeivosgW+6LE8r2RHGANPDMrYDi
Aoq0s7n9eNNvgUTDPa1APJIZBjQfW1YLkZvKU+OrXFa9NXdhPnDMw9g55tlv0FzH
XYroFR9J0eU=
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:05:42 2024 by rpki-client on console-ams.rpki-client.org