Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/FFHveHe0RpmM3HZFbpgr0AtxWA8.roa
File: FFHveHe0RpmM3HZFbpgr0AtxWA8.roa (raw, json)
Hash identifier: HIZsmfgT8uLOhAc9PwyrEHnTJb+uL3ERa4M/QJWyY4I=
Subject key identifier: 14:51:EF:78:77:B4:46:99:8C:DC:76:45:6E:98:2B:D0:0B:71:58:0F
Certificate issuer: /CN=53b1a8ebc3ecf7f5db7f6cacd00e920af85ae8b4
Certificate serial: 018CC64B8B937F10DDC5A5BD559F400245D7
Authority key identifier: 53:B1:A8:EB:C3:EC:F7:F5:DB:7F:6C:AC:D0:0E:92:0A:F8:5A:E8:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/FFHveHe0RpmM3HZFbpgr0AtxWA8.roa
Signing time: Mon 01 Jan 2024 18:31:28 +0000
ROA not before: Mon 01 Jan 2024 18:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31078
IP address blocks: 31.220.136.0/21 maxlen: 21
193.34.24.0/22 maxlen: 22
217.115.0.0/20 maxlen: 20
2a00:1328::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:8b:93:7f:10:dd:c5:a5:bd:55:9f:40:02:45:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b1a8ebc3ecf7f5db7f6cacd00e920af85ae8b4
Validity
Not Before: Jan 1 18:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1451ef7877b446998cdc76456e982bd00b71580f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:41:ec:3b:4e:e7:de:02:c8:42:a4:1a:cf:80:
a5:4e:dc:31:eb:05:d7:b8:fd:c9:73:e8:cc:02:ba:
a2:5e:d5:72:f5:e3:21:0c:21:52:a5:f1:67:c5:29:
3a:c5:f8:73:da:ae:d2:77:88:9b:28:fe:08:d6:65:
91:b6:dc:94:4d:6c:66:d0:5f:b6:fd:6f:6d:5d:fa:
34:a6:94:8c:75:2d:02:77:66:75:9b:92:4e:2f:dc:
7f:b5:1d:e0:16:74:07:89:77:2a:a3:7e:1f:77:af:
ce:b3:7b:4c:00:19:4d:8e:59:ea:d6:9a:a5:ec:64:
a6:21:2f:95:0b:b9:a4:ac:b3:a8:e4:b7:27:ad:f6:
93:2f:89:91:36:da:6c:2f:aa:8f:06:d4:96:28:0b:
d1:f4:59:73:bd:7b:cc:d6:b4:ed:e1:d4:fb:f6:b1:
72:40:73:8d:b7:19:2c:c0:e6:d0:7c:06:1d:53:3a:
0a:e6:51:d1:09:8a:94:fc:8c:e0:2a:70:bb:15:fe:
05:68:68:8e:aa:ad:bb:38:12:b7:9f:07:62:db:d6:
a2:5b:23:11:d8:cb:78:bc:a1:99:a2:bd:55:95:3e:
f6:09:fe:2e:55:da:0f:77:c6:2a:38:50:9e:2b:32:
2f:df:3e:f6:85:73:c1:39:06:a5:f8:7b:36:63:3d:
1d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:51:EF:78:77:B4:46:99:8C:DC:76:45:6E:98:2B:D0:0B:71:58:0F
X509v3 Authority Key Identifier:
keyid:53:B1:A8:EB:C3:EC:F7:F5:DB:7F:6C:AC:D0:0E:92:0A:F8:5A:E8:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/FFHveHe0RpmM3HZFbpgr0AtxWA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/070630-5234-49c4-84fe-15bda6b867cb/1/U7Go68Ps9_Xbf2ys0A6SCvha6LQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.136.0/21
193.34.24.0/22
217.115.0.0/20
IPv6:
2a00:1328::/32
Signature Algorithm: sha256WithRSAEncryption
17:75:d9:9e:1e:e2:88:ca:26:29:ee:93:43:2a:1f:71:4e:ba:
3f:fa:d0:44:e8:49:da:ed:bb:d4:1a:b0:6f:a5:b8:ee:46:1c:
84:05:9d:70:98:b5:64:d8:ae:27:4a:bb:32:a6:f9:17:ac:b3:
3e:29:e5:4f:55:ca:3d:ec:f9:78:e9:bc:8c:85:5b:58:99:ff:
b0:11:2c:fa:30:56:21:77:79:d7:f2:4b:ab:99:9f:e6:20:05:
ec:3e:92:a7:37:f9:03:76:95:af:18:bf:a4:2a:09:1f:54:57:
83:05:c0:70:d1:22:02:d0:c9:26:85:ea:f3:00:1f:ee:4b:70:
d5:2c:3a:95:b9:97:f0:9a:12:9f:99:b4:f8:ac:a2:12:c3:d2:
57:40:94:97:50:b9:35:09:94:d1:3e:d2:72:18:61:2e:ec:7a:
e9:59:f6:3a:c0:6b:e1:21:84:9f:ec:34:f1:9f:90:f4:03:6b:
f1:02:8f:f9:1e:9c:41:9b:da:e5:43:e8:7f:02:6a:10:7a:18:
b3:44:8d:88:54:f4:1c:52:ea:1a:52:66:99:ed:47:98:42:4f:
f8:53:95:a8:4d:16:63:70:63:63:8a:d0:fb:19:63:99:92:54:
13:75:2e:e2:b6:46:80:95:f2:f9:ee:4d:c1:1e:f3:91:30:f6:
07:c6:17:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS4uTfxDdxaW9VZ9AAkXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjFhOGViYzNlY2Y3ZjVkYjdmNmNhY2QwMGU5MjBhZjg1
YWU4YjQwHhcNMjQwMTAxMTgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDUxZWY3ODc3YjQ0Njk5OGNkYzc2NDU2ZTk4MmJkMDBiNzE1ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0HsO07n3gLIQqQaz4ClTtwx6wXX
uP3Jc+jMArqiXtVy9eMhDCFSpfFnxSk6xfhz2q7Sd4ibKP4I1mWRttyUTWxm0F+2
/W9tXfo0ppSMdS0Cd2Z1m5JOL9x/tR3gFnQHiXcqo34fd6/Os3tMABlNjlnq1pql
7GSmIS+VC7mkrLOo5LcnrfaTL4mRNtpsL6qPBtSWKAvR9FlzvXvM1rTt4dT79rFy
QHONtxkswObQfAYdUzoK5lHRCYqU/IzgKnC7Ff4FaGiOqq27OBK3nwdi29aiWyMR
2Mt4vKGZor1VlT72Cf4uVdoPd8YqOFCeKzIv3z72hXPBOQal+Hs2Yz0dYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBRR73h3tEaZjNx2RW6YK9ALcVgPMB8GA1UdIwQY
MBaAFFOxqOvD7Pf1239srNAOkgr4Wui0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdHbzY4UHM5X1hiZjJ5czBBNlNDdmhhNkxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wNzA2MzAtNTIzNC00OWM0LTg0ZmUt
MTViZGE2Yjg2N2NiLzEvRkZIdmVIZTBScG1NM0haRmJwZ3IwQXR4V0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wNzA2MzAtNTIzNC00OWM0LTg0ZmUtMTViZGE2Yjg2N2Ni
LzEvVTdHbzY4UHM5X1hiZjJ5czBBNlNDdmhhNkxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH9yIAwQC
wSIYAwQE2XMAMA0EAgACMAcDBQAqABMoMA0GCSqGSIb3DQEBCwUAA4IBAQAXddme
HuKIyiYp7pNDKh9xTro/+tBE6Ena7bvUGrBvpbjuRhyEBZ1wmLVk2K4nSrsypvkX
rLM+KeVPVco97Pl46byMhVtYmf+wESz6MFYhd3nX8kurmZ/mIAXsPpKnN/kDdpWv
GL+kKgkfVFeDBcBw0SIC0MkmherzAB/uS3DVLDqVuZfwmhKfmbT4rKISw9JXQJSX
ULk1CZTRPtJyGGEu7HrpWfY6wGvhIYSf7DTxn5D0A2vxAo/5HpxBm9rlQ+h/AmoQ
ehizRI2IVPQcUuoaUmaZ7UeYQk/4U5WoTRZjcGNjitD7GWOZklQTdS7itkaAlfL5
7k3BHvORMPYHxhfU
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:01 2024 by rpki-client on console-fra.rpki-client.org