Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/_JG9glJTq5UTzgDAAUaCdzB1Efs.roa
File: _JG9glJTq5UTzgDAAUaCdzB1Efs.roa (raw, json)
Hash identifier: 5YgujM448ovyAKx4iso0IuwI7gFM3N8DPLhAm7yybeY=
Subject key identifier: FC:91:BD:82:52:53:AB:95:13:CE:00:C0:01:46:82:77:30:75:11:FB
Certificate issuer: /CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Certificate serial: 0192D7E980CE9D024408B2D1B757894F5FDC
Authority key identifier: 62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/_JG9glJTq5UTzgDAAUaCdzB1Efs.roa
Signing time: Tue 29 Oct 2024 10:54:17 +0000
ROA not before: Tue 29 Oct 2024 10:54:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56616
IP address blocks: 31.7.88.0/22 maxlen: 24
31.7.88.0/23 maxlen: 23
31.7.88.0/24 maxlen: 24
31.7.89.0/24 maxlen: 24
31.7.90.0/23 maxlen: 23
31.7.90.0/24 maxlen: 24
31.7.91.0/24 maxlen: 24
185.116.20.0/22 maxlen: 24
185.116.20.0/23 maxlen: 23
185.116.20.0/24 maxlen: 24
185.116.21.0/24 maxlen: 24
185.116.22.0/23 maxlen: 23
185.116.22.0/24 maxlen: 24
185.116.23.0/24 maxlen: 24
2a0a:d340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:e9:80:ce:9d:02:44:08:b2:d1:b7:57:89:4f:5f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6264318c1aaa7ca0603155a883d43926ef97e87c
Validity
Not Before: Oct 29 10:54:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc91bd825253ab9513ce00c001468277307511fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e8:89:80:a9:a8:ec:c0:6a:72:83:98:f4:ab:
4d:d0:a8:6d:bd:50:99:7d:4d:2f:b2:36:a4:0f:45:
3f:dd:d7:84:39:3c:71:69:9a:49:2e:7b:d1:64:81:
9e:4f:3a:66:99:fe:ae:cc:5d:96:36:e6:f0:fc:ff:
f1:86:49:08:7f:01:8e:f5:21:b3:6a:78:b0:96:07:
9a:37:43:f4:65:1c:a9:a5:ce:da:d0:ff:36:61:f6:
5c:a8:e5:98:15:3f:5b:9d:3b:8c:96:bd:b0:e2:b5:
ea:5a:b1:dd:bf:30:8a:0f:df:4c:4b:8f:c0:a6:14:
ed:55:25:f5:d4:c4:b0:98:37:da:6a:d3:e0:43:48:
8d:f4:75:89:13:e1:d6:d2:33:61:9f:ad:7e:9d:ed:
82:e7:b6:30:73:6d:69:97:73:77:a5:f0:43:36:ef:
f2:11:c0:8b:a8:15:c2:90:e8:79:83:21:79:1a:97:
3f:21:b3:b3:e4:bb:de:21:95:c8:90:e9:b2:12:c9:
f9:f3:19:b5:f9:e1:25:b3:67:0d:88:37:81:a2:be:
de:c6:96:c2:9d:25:b6:ab:85:38:e9:49:00:e5:de:
65:fa:5c:f4:be:aa:ce:07:92:8c:13:2f:f9:b2:b3:
c7:d1:2c:1e:5a:41:a2:06:4e:8c:ec:36:64:ac:7a:
e3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:91:BD:82:52:53:AB:95:13:CE:00:C0:01:46:82:77:30:75:11:FB
X509v3 Authority Key Identifier:
keyid:62:64:31:8C:1A:AA:7C:A0:60:31:55:A8:83:D4:39:26:EF:97:E8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/_JG9glJTq5UTzgDAAUaCdzB1Efs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/f6b642-872b-4b7d-bd6a-b91a27055204/1/YmQxjBqqfKBgMVWog9Q5Ju-X6Hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.88.0/22
185.116.20.0/22
IPv6:
2a0a:d340::/29
Signature Algorithm: sha256WithRSAEncryption
29:7e:5e:ea:da:98:7b:c2:cd:45:7a:35:07:8b:d2:02:74:a7:
24:db:97:69:cb:41:74:6f:18:24:65:9e:22:73:9c:58:ac:43:
da:db:96:3d:84:3c:bb:a4:55:f9:d3:a1:ae:df:48:a8:46:8d:
5e:e9:33:5a:c4:52:c2:42:8f:1d:2c:7f:c9:50:b6:0b:a9:7a:
90:16:09:6d:1b:cf:54:65:17:cf:b7:28:d8:59:55:c5:37:f2:
a4:cb:02:62:d6:b0:b1:78:3f:0c:61:96:0a:a1:57:7f:ee:26:
19:f1:35:9f:50:a5:b4:5a:eb:53:23:b3:17:65:cb:74:b7:c9:
8e:ef:dc:76:31:75:13:fe:67:8a:a3:3c:92:e8:5c:4e:1f:a2:
49:13:d2:8a:e3:f2:d4:2c:6f:dd:51:d8:90:c3:74:79:53:01:
04:c5:42:5d:a1:9f:49:fe:9b:12:86:7d:88:e6:22:0f:48:44:
eb:6b:ee:36:f5:f0:2f:5c:58:50:d2:87:c2:19:c4:78:77:b9:
f8:3f:a9:36:90:ac:71:e5:92:05:f4:21:22:56:9d:7c:4f:60:
67:e8:72:4b:25:41:19:7d:7f:61:92:3a:7e:32:a4:1f:6b:a3:
3a:46:77:57:b0:f3:2c:fd:79:cf:62:e0:a6:8a:94:f2:3b:1d:
7a:ed:c1:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZLX6YDOnQJECLLRt1eJT1/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNjQzMThjMWFhYTdjYTA2MDMxNTVhODgzZDQzOTI2ZWY5
N2U4N2MwHhcNMjQxMDI5MTA1NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzkxYmQ4MjUyNTNhYjk1MTNjZTAwYzAwMTQ2ODI3NzMwNzUxMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+iJgKmo7MBqcoOY9KtN0KhtvVCZ
fU0vsjakD0U/3deEOTxxaZpJLnvRZIGeTzpmmf6uzF2WNubw/P/xhkkIfwGO9SGz
aniwlgeaN0P0ZRyppc7a0P82YfZcqOWYFT9bnTuMlr2w4rXqWrHdvzCKD99MS4/A
phTtVSX11MSwmDfaatPgQ0iN9HWJE+HW0jNhn61+ne2C57Ywc21pl3N3pfBDNu/y
EcCLqBXCkOh5gyF5Gpc/IbOz5LveIZXIkOmyEsn58xm1+eEls2cNiDeBor7expbC
nSW2q4U46UkA5d5l+lz0vqrOB5KMEy/5srPH0SweWkGiBk6M7DZkrHrj9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPyRvYJSU6uVE84AwAFGgncwdRH7MB8GA1UdIwQY
MBaAFGJkMYwaqnygYDFVqIPUOSbvl+h8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEt
YjkxYTI3MDU1MjA0LzEvX0pHOWdsSlRxNVVUemdEQUFVYUNkekIxRWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9mNmI2NDItODcyYi00YjdkLWJkNmEtYjkxYTI3MDU1MjA0
LzEvWW1ReGpCcXFmS0JnTVZXb2c5UTVKdS1YNkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCHwdYAwQC
uXQUMA0EAgACMAcDBQMqCtNAMA0GCSqGSIb3DQEBCwUAA4IBAQApfl7q2ph7ws1F
ejUHi9ICdKck25dpy0F0bxgkZZ4ic5xYrEPa25Y9hDy7pFX506Gu30ioRo1e6TNa
xFLCQo8dLH/JULYLqXqQFgltG89UZRfPtyjYWVXFN/KkywJi1rCxeD8MYZYKoVd/
7iYZ8TWfUKW0WutTI7MXZct0t8mO79x2MXUT/meKozyS6FxOH6JJE9KK4/LULG/d
UdiQw3R5UwEExUJdoZ9J/psShn2I5iIPSETra+429fAvXFhQ0ofCGcR4d7n4P6k2
kKxx5ZIF9CEiVp18T2Bn6HJLJUEZfX9hkjp+MqQfa6M6RndXsPMs/XnPYuCmipTy
Ox167cEX
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:23 2024 by rpki-client on console-fra.rpki-client.org