Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/rxhcZOLbdZUxFqgAOk557E2CIKk.roa
File: rxhcZOLbdZUxFqgAOk557E2CIKk.roa (raw, json)
Hash identifier: 9yNwpQwii/xKlQmk+xbc66Aa8krZDRk0EHJawZzo9vI=
Subject key identifier: AF:18:5C:64:E2:DB:75:95:31:16:A8:00:3A:4E:79:EC:4D:82:20:A9
Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Certificate serial: 018CC9BCFCD9795B70ACBD67B68B3125338A
Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/rxhcZOLbdZUxFqgAOk557E2CIKk.roa
Signing time: Tue 02 Jan 2024 10:34:15 +0000
ROA not before: Tue 02 Jan 2024 10:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 31.220.112.0/21 maxlen: 32
185.95.112.0/22 maxlen: 32
195.192.192.0/21 maxlen: 32
45.119.124.0/22 maxlen: 32
185.156.28.0/22 maxlen: 32
195.192.200.0/21 maxlen: 32
185.114.140.0/22 maxlen: 32
37.251.224.0/21 maxlen: 32
185.178.56.0/22 maxlen: 32
37.251.232.0/21 maxlen: 32
2a05:fb80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:fc:d9:79:5b:70:ac:bd:67:b6:8b:31:25:33:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Validity
Not Before: Jan 2 10:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af185c64e2db75953116a8003a4e79ec4d8220a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:95:31:2b:4d:e8:57:58:7c:78:12:7c:94:9b:
a6:e0:af:a9:f4:aa:91:d0:53:ea:05:83:6e:5f:c0:
c1:f1:08:68:c3:c3:64:cb:2a:80:3e:fc:5b:1b:c4:
ca:0e:32:ce:02:41:50:6f:40:53:e4:4f:d0:4b:c7:
e0:bb:d4:ba:8f:5a:35:d1:8f:fb:35:77:23:ff:5a:
67:e1:a1:e5:4b:57:50:14:e5:b2:8b:a4:36:51:d9:
a4:5d:b0:8c:36:d8:de:35:b5:c1:55:c3:d3:28:df:
26:c5:81:85:1c:0b:e2:1d:70:b1:e9:69:9c:96:4f:
26:6e:b5:db:c1:21:1d:36:70:28:fe:5a:4b:33:97:
a8:96:1e:be:f3:b6:ac:2f:ac:18:ae:c4:50:74:45:
00:b3:95:ad:f5:23:a4:44:8f:2c:94:17:5d:57:7f:
e0:06:5e:bf:d4:f5:10:60:6d:ce:42:2f:7c:23:bf:
9a:13:cb:44:da:13:21:fa:3a:03:0a:57:c0:7d:a0:
fe:29:4e:7f:ee:40:e4:cb:8b:be:99:24:9e:f1:14:
a9:03:d6:c9:e5:09:32:c2:9b:c2:98:06:f6:f4:40:
c3:a4:5c:1e:3f:0d:9b:a8:93:cb:a3:c9:53:45:1a:
86:07:c6:49:54:f4:4a:51:dc:be:fa:3f:3a:44:a8:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:18:5C:64:E2:DB:75:95:31:16:A8:00:3A:4E:79:EC:4D:82:20:A9
X509v3 Authority Key Identifier:
keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/rxhcZOLbdZUxFqgAOk557E2CIKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.112.0/21
37.251.224.0/20
45.119.124.0/22
185.95.112.0/22
185.114.140.0/22
185.156.28.0/22
185.178.56.0/22
195.192.192.0/20
IPv6:
2a05:fb80::/29
Signature Algorithm: sha256WithRSAEncryption
56:2e:b1:a9:64:3c:5d:fa:1b:e4:c0:ee:dc:49:c1:81:d5:03:
3b:45:66:c0:78:c0:7f:8c:7e:60:f2:d7:3b:5f:39:b2:97:ac:
c0:3b:ec:d0:ed:24:e0:c2:15:10:4b:4b:0d:2c:87:80:6a:74:
e3:03:f4:9e:a6:36:6f:e5:08:1c:7e:2a:b3:fe:36:47:d6:79:
c1:68:03:b6:8f:72:6b:b3:80:67:10:fe:4e:b6:0c:37:8e:e5:
42:9e:17:83:08:5f:6f:95:28:5e:65:fd:78:40:ab:1c:b2:21:
4f:b0:a0:37:e4:4e:23:68:8c:63:63:0a:8b:0a:49:e7:5c:88:
d4:79:15:de:e4:07:55:4b:eb:2f:3e:97:db:3d:7d:1f:c0:86:
8b:29:3e:1b:0b:9e:06:db:76:e0:17:4e:ad:38:68:da:54:f9:
f0:d3:95:21:57:0f:92:5c:a2:c4:16:10:81:c9:58:f9:d8:e1:
71:8d:8d:e5:00:a0:43:22:09:57:05:98:b4:23:1b:fb:6c:50:
99:20:b5:b7:ae:b4:41:bc:e6:99:60:cf:2a:f2:ef:13:ed:17:
3d:8d:69:f2:f6:c8:5a:7b:1d:83:e9:f8:5e:5c:60:70:15:22:
0a:06:fb:da:74:bd:48:29:9b:3c:0d:10:14:37:75:21:18:75:
06:36:dd:0d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzJvPzZeVtwrL1ntosxJTOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh
MTUxMmUwHhcNMjQwMTAyMTAzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjE4NWM2NGUyZGI3NTk1MzExNmE4MDAzYTRlNzllYzRkODIyMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpUxK03oV1h8eBJ8lJum4K+p9KqR
0FPqBYNuX8DB8Qhow8NkyyqAPvxbG8TKDjLOAkFQb0BT5E/QS8fgu9S6j1o10Y/7
NXcj/1pn4aHlS1dQFOWyi6Q2UdmkXbCMNtjeNbXBVcPTKN8mxYGFHAviHXCx6Wmc
lk8mbrXbwSEdNnAo/lpLM5eolh6+87asL6wYrsRQdEUAs5Wt9SOkRI8slBddV3/g
Bl6/1PUQYG3OQi98I7+aE8tE2hMh+joDClfAfaD+KU5/7kDky4u+mSSe8RSpA9bJ
5QkywpvCmAb29EDDpFwePw2bqJPLo8lTRRqGB8ZJVPRKUdy++j86RKhmBQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFK8YXGTi23WVMRaoADpOeexNgiCpMB8GA1UdIwQY
MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt
NjdhNTQwZTI5N2YwLzEvcnhoY1pPTGJkWlV4RnFnQU9rNTU3RTJDSUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw
LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH9xwAwQE
JfvgAwQCLXd8AwQCuV9wAwQCuXKMAwQCuZwcAwQCubI4AwQEw8DAMA0EAgACMAcD
BQMqBfuAMA0GCSqGSIb3DQEBCwUAA4IBAQBWLrGpZDxd+hvkwO7cScGB1QM7RWbA
eMB/jH5g8tc7Xzmyl6zAO+zQ7STgwhUQS0sNLIeAanTjA/SepjZv5Qgcfiqz/jZH
1nnBaAO2j3Jrs4BnEP5Otgw3juVCnheDCF9vlSheZf14QKscsiFPsKA35E4jaIxj
YwqLCknnXIjUeRXe5AdVS+svPpfbPX0fwIaLKT4bC54G23bgF06tOGjaVPnw05Uh
Vw+SXKLEFhCByVj52OFxjY3lAKBDIglXBZi0Ixv7bFCZILW3rrRBvOaZYM8q8u8T
7Rc9jWny9shaex2D6fheXGBwFSIKBvvadL1IKZs8DRAUN3UhGHUGNt0N
-----END CERTIFICATE-----
Generated at Fri May 24 16:30:45 2024 by rpki-client on console-ams.rpki-client.org