Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/yUoubtxrOMt1hei8V83kQ31289g.roa
File: yUoubtxrOMt1hei8V83kQ31289g.roa (raw, json)
Hash identifier: dNVXRiu17fHrziwX/LT5FHf+wq5WTbUkJ5WLnKnanPc=
Subject key identifier: C9:4A:2E:6E:DC:6B:38:CB:75:85:E8:BC:57:CD:E4:43:7D:76:F3:D8
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 018CC2DB45AD6F81FE1EB386C8763F75C567
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/yUoubtxrOMt1hei8V83kQ31289g.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 185.206.58.0/24 maxlen: 24
185.206.59.0/24 maxlen: 24
31.42.131.0/24 maxlen: 24
31.42.129.0/24 maxlen: 24
31.42.128.0/24 maxlen: 24
31.42.144.0/24 maxlen: 24
31.42.145.0/24 maxlen: 24
31.42.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:45:ad:6f:81:fe:1e:b3:86:c8:76:3f:75:c5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c94a2e6edc6b38cb7585e8bc57cde4437d76f3d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e0:ff:50:d5:63:4d:d3:cb:0f:cc:a1:c3:8a:
4b:92:64:fe:b6:f1:81:3d:d7:70:9d:fe:87:e9:34:
65:ce:2c:22:a8:f9:4e:2e:ef:58:79:62:08:33:c5:
ae:f3:04:42:ec:98:9c:1c:87:39:ef:94:76:81:f2:
87:b3:54:4a:12:f9:9a:74:c9:2b:4d:90:c4:be:9d:
08:b0:58:e1:6c:bf:b8:f3:94:50:87:09:cb:52:45:
81:ce:5c:1e:02:c8:ee:82:d8:df:40:fb:f2:63:5e:
90:68:a8:72:8a:8a:d5:c6:ee:96:63:d2:74:2e:2d:
63:65:c5:c8:86:5c:8f:ee:89:0a:a6:02:4d:04:a3:
df:d0:4c:f8:4d:d0:5d:72:dc:0e:22:2b:30:29:86:
52:a6:8c:76:93:79:ce:1b:8d:09:0d:fe:8e:10:a5:
32:8a:bd:12:45:dd:92:93:77:ed:b8:4a:32:cb:aa:
b5:1b:15:f5:79:6c:c1:77:84:a0:47:8b:59:b8:38:
95:82:f8:01:85:cb:08:7d:8e:46:95:ed:14:9c:a3:
a9:d4:bb:bd:8e:c5:d2:7c:c5:d1:39:03:e8:69:c1:
c8:ed:2f:67:34:e0:57:2f:00:ae:82:f1:d7:a1:ac:
f1:86:b0:4f:80:d3:bf:ab:c0:cb:b7:de:aa:6f:84:
2f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4A:2E:6E:DC:6B:38:CB:75:85:E8:BC:57:CD:E4:43:7D:76:F3:D8
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/yUoubtxrOMt1hei8V83kQ31289g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/23
31.42.131.0/24
31.42.144.0/23
31.42.153.0/24
185.206.58.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:1b:47:db:33:b3:a0:ec:b7:29:8c:e1:8c:04:78:c4:a6:cc:
a2:79:da:63:b3:10:ec:35:e0:d8:b3:31:f6:3a:2f:b8:8e:ae:
e0:8c:1b:f6:f4:d7:05:44:a9:2b:26:5a:be:03:76:e0:da:56:
d0:6f:4e:09:0d:58:bb:da:39:bd:73:8b:94:93:d1:42:fa:7e:
5f:4e:49:67:e5:94:8c:77:cb:a9:af:df:cb:ec:7d:5b:f6:ff:
2c:fb:e9:11:1e:44:83:cf:de:32:0f:3e:3d:fc:a0:2d:7c:cf:
c2:54:2c:a8:d8:0b:51:59:64:c1:51:4c:19:59:30:80:f6:1a:
14:bd:bc:6f:2c:29:40:db:fb:3b:7e:d3:52:64:09:73:62:5a:
6c:7f:b0:4f:16:fd:b0:72:eb:b8:ed:f2:8b:3f:ce:9e:06:1f:
71:86:97:1d:d2:d9:ee:3f:39:76:fe:26:51:54:58:43:b4:b6:
a3:a5:fa:9a:13:f7:15:e7:fe:bd:59:af:61:30:4b:b3:54:c2:
67:01:c6:e1:6d:e2:1a:8d:29:71:aa:fa:5e:9d:3a:c8:17:78:
c2:45:63:fa:f4:e6:ae:75:90:4d:a7:61:72:0c:ee:2a:61:59:
96:67:95:4f:a3:c8:1f:d3:ca:da:8e:98:bb:f4:41:52:d8:2f:
49:6e:bf:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC20Wtb4H+HrOGyHY/dcVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRhMmU2ZWRjNmIzOGNiNzU4NWU4YmM1N2NkZTQ0MzdkNzZmM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseD/UNVjTdPLD8yhw4pLkmT+tvGB
Pddwnf6H6TRlziwiqPlOLu9YeWIIM8Wu8wRC7JicHIc575R2gfKHs1RKEvmadMkr
TZDEvp0IsFjhbL+485RQhwnLUkWBzlweAsjugtjfQPvyY16QaKhyiorVxu6WY9J0
Li1jZcXIhlyP7okKpgJNBKPf0Ez4TdBdctwOIiswKYZSpox2k3nOG40JDf6OEKUy
ir0SRd2Sk3ftuEoyy6q1GxX1eWzBd4SgR4tZuDiVgvgBhcsIfY5Gle0UnKOp1Lu9
jsXSfMXROQPoacHI7S9nNOBXLwCugvHXoazxhrBPgNO/q8DLt96qb4QvdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMlKLm7cazjLdYXovFfN5EN9dvPYMB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEveVVvdWJ0eHJPTXQxaGVpOFY4M2tRMzEyODlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHyqAAwQA
HyqDAwQBHyqQAwQAHyqZAwQBuc46MA0GCSqGSIb3DQEBCwUAA4IBAQBNG0fbM7Og
7LcpjOGMBHjEpsyiedpjsxDsNeDYszH2Oi+4jq7gjBv29NcFRKkrJlq+A3bg2lbQ
b04JDVi72jm9c4uUk9FC+n5fTkln5ZSMd8upr9/L7H1b9v8s++kRHkSDz94yDz49
/KAtfM/CVCyo2AtRWWTBUUwZWTCA9hoUvbxvLClA2/s7ftNSZAlzYlpsf7BPFv2w
cuu47fKLP86eBh9xhpcd0tnuPzl2/iZRVFhDtLajpfqaE/cV5/69Wa9hMEuzVMJn
AcbhbeIajSlxqvpenTrIF3jCRWP69OaudZBNp2FyDO4qYVmWZ5VPo8gf08rajpi7
9EFS2C9Jbr/1
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:45:56 2024 by rpki-client on console-fra.rpki-client.org