Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/f-o-yDPAwK9jNP0ntoLNiUicaWw.roa
File: f-o-yDPAwK9jNP0ntoLNiUicaWw.roa (raw, json)
Hash identifier: 4Ekak8G9cP7h//bCjLAg3YLyV5apVhYm16uwa1IOYCg=
Subject key identifier: 7F:EA:3E:C8:33:C0:C0:AF:63:34:FD:27:B6:82:CD:89:48:9C:69:6C
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 01910378F6EC9D6EB77C19134B3FB51049F3
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/f-o-yDPAwK9jNP0ntoLNiUicaWw.roa
Signing time: Tue 30 Jul 2024 11:49:04 +0000
ROA not before: Tue 30 Jul 2024 11:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 31.42.128.0/24 maxlen: 24
31.42.129.0/24 maxlen: 24
31.42.131.0/24 maxlen: 24
31.42.144.0/24 maxlen: 24
31.42.145.0/24 maxlen: 24
31.42.153.0/24 maxlen: 24
185.206.56.0/24 maxlen: 24
185.206.57.0/24 maxlen: 24
185.206.58.0/24 maxlen: 24
185.206.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:78:f6:ec:9d:6e:b7:7c:19:13:4b:3f:b5:10:49:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jul 30 11:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fea3ec833c0c0af6334fd27b682cd89489c696c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:b6:f4:14:60:df:3e:92:77:a3:10:88:b0:
05:13:28:33:4b:35:82:31:bf:77:49:93:77:c0:7b:
c2:47:d6:96:ad:6a:72:c4:ac:e0:59:e5:29:4a:56:
79:1d:f3:b0:01:ea:ed:c7:b8:b6:a0:c8:46:66:12:
3a:2a:6d:16:22:8a:53:69:43:06:6f:42:19:ed:f8:
76:13:d2:29:5a:60:a4:c0:9f:ea:9c:a8:5b:d4:62:
cf:94:b8:bb:df:5c:b7:da:90:24:65:bb:30:87:b3:
c0:57:88:ae:4a:5d:18:cd:28:03:a7:25:c1:4b:a4:
f8:c1:2a:dd:11:43:96:f7:a9:49:40:cf:6a:4a:4d:
b4:ff:9c:0e:de:03:43:69:c4:a0:fc:bc:85:1f:1c:
81:5e:f7:26:43:55:55:6d:72:f2:68:47:3b:4b:d9:
df:96:45:30:b5:c5:57:be:28:29:07:d4:25:d0:e6:
a6:4e:79:6f:de:c8:c3:01:b5:5b:0d:f9:cd:d4:fe:
b0:44:32:a1:16:6f:7f:00:da:6f:fb:fe:68:1d:4f:
14:39:b4:1f:69:fa:df:0d:69:49:f9:61:3b:a2:60:
dd:7e:a4:1e:5f:44:d2:94:c8:19:d6:86:84:54:a1:
c8:da:06:d9:f8:a1:6b:08:f9:af:14:d3:ee:84:e3:
c1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:EA:3E:C8:33:C0:C0:AF:63:34:FD:27:B6:82:CD:89:48:9C:69:6C
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/f-o-yDPAwK9jNP0ntoLNiUicaWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/23
31.42.131.0/24
31.42.144.0/23
31.42.153.0/24
185.206.56.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:b4:25:6b:62:98:14:b0:d1:65:9f:7c:8f:b0:15:53:49:27:
d2:93:f0:9a:5c:16:3d:92:85:33:27:c1:49:83:70:bc:c6:bf:
d4:75:f3:54:d5:97:ec:0a:3b:b6:38:b0:07:cb:c6:e9:df:cb:
9c:fc:02:25:53:8a:da:9b:93:46:8b:66:60:dc:be:82:23:0f:
33:02:29:6c:7d:f4:e2:5b:0f:57:cb:69:4d:8b:59:43:4a:ae:
01:2f:cd:c2:89:59:1c:f7:73:55:88:16:ab:63:93:0c:87:b0:
60:e7:35:c8:91:41:1b:aa:73:d2:b7:5e:3e:fd:c5:dd:a1:d4:
40:a3:9f:da:19:7e:55:de:87:9e:8e:32:20:4c:33:03:da:e3:
ca:0b:76:da:11:09:89:18:c9:57:28:99:2e:5c:7f:93:58:04:
b3:ac:b7:f6:ba:a2:32:13:b2:35:3d:d6:28:82:81:f5:7b:3d:
cf:a8:d1:0f:fa:bc:9f:d1:97:2e:cf:62:64:e8:a1:55:8c:cd:
0f:9c:10:e6:f0:f5:e3:fd:4c:fd:9a:0b:1a:71:f2:59:38:35:
f5:ef:12:4b:14:1f:53:df:c1:e1:2c:12:c1:2a:9a:fa:6b:cf:
37:65:15:c2:b4:cc:97:c5:e1:89:8d:6e:85:18:a4:7d:78:b9:
94:47:dd:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEDePbsnW63fBkTSz+1EEnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjQwNzMwMTE0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmVhM2VjODMzYzBjMGFmNjMzNGZkMjdiNjgyY2Q4OTQ4OWM2OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjK29BRg3z6Sd6MQiLAFEygzSzWC
Mb93SZN3wHvCR9aWrWpyxKzgWeUpSlZ5HfOwAertx7i2oMhGZhI6Km0WIopTaUMG
b0IZ7fh2E9IpWmCkwJ/qnKhb1GLPlLi731y32pAkZbswh7PAV4iuSl0YzSgDpyXB
S6T4wSrdEUOW96lJQM9qSk20/5wO3gNDacSg/LyFHxyBXvcmQ1VVbXLyaEc7S9nf
lkUwtcVXvigpB9Ql0OamTnlv3sjDAbVbDfnN1P6wRDKhFm9/ANpv+/5oHU8UObQf
afrfDWlJ+WE7omDdfqQeX0TSlMgZ1oaEVKHI2gbZ+KFrCPmvFNPuhOPBxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH/qPsgzwMCvYzT9J7aCzYlInGlsMB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvZi1vLXlEUEF3SzlqTlAwbnRvTE5pVWljYVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHyqAAwQA
HyqDAwQBHyqQAwQAHyqZAwQCuc44MA0GCSqGSIb3DQEBCwUAA4IBAQAqtCVrYpgU
sNFln3yPsBVTSSfSk/CaXBY9koUzJ8FJg3C8xr/UdfNU1ZfsCju2OLAHy8bp38uc
/AIlU4ram5NGi2Zg3L6CIw8zAilsffTiWw9Xy2lNi1lDSq4BL83CiVkc93NViBar
Y5MMh7Bg5zXIkUEbqnPSt14+/cXdodRAo5/aGX5V3oeejjIgTDMD2uPKC3baEQmJ
GMlXKJkuXH+TWASzrLf2uqIyE7I1PdYogoH1ez3PqNEP+ryf0Zcuz2Jk6KFVjM0P
nBDm8PXj/Uz9mgsacfJZODX17xJLFB9T38HhLBLBKpr6a883ZRXCtMyXxeGJjW6F
GKR9eLmUR92F
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:03 2024 by rpki-client on console-fra.rpki-client.org