Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/y0KAEcvqGynBC8ilQTh3z6kcneE.roa
File: y0KAEcvqGynBC8ilQTh3z6kcneE.roa (raw, json)
Hash identifier: o/XRI7AGCunPFZNTEFxipZPUsi/owiH2iW/Oii/o5vo=
Subject key identifier: CB:42:80:11:CB:EA:1B:29:C1:0B:C8:A5:41:38:77:CF:A9:1C:9D:E1
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018D860377B27A2B2E95A6816753E63B967B
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/y0KAEcvqGynBC8ilQTh3z6kcneE.roa
Signing time: Wed 07 Feb 2024 23:59:50 +0000
ROA not before: Wed 07 Feb 2024 23:59:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51032
IP address blocks: 31.128.128.0/19 maxlen: 24
31.130.0.0/19 maxlen: 24
31.130.12.0/22 maxlen: 22
31.130.16.0/20 maxlen: 20
31.130.31.192/29 maxlen: 29
62.122.88.0/21 maxlen: 24
89.23.128.0/19 maxlen: 19
89.23.128.0/21 maxlen: 24
89.23.144.0/20 maxlen: 24
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
89.23.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
91.202.204.0/22 maxlen: 22
93.157.160.0/21 maxlen: 21
93.157.162.0/24 maxlen: 24
93.157.163.0/24 maxlen: 24
178.212.80.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
2a13:2c80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 May 2024 13:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:86:03:77:b2:7a:2b:2e:95:a6:81:67:53:e6:3b:96:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Feb 7 23:59:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb428011cbea1b29c10bc8a5413877cfa91c9de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2b:c4:2c:10:cd:0a:24:60:36:d0:9e:6f:bf:
8c:45:4c:4f:9a:bf:04:38:88:7e:3b:f7:d3:c5:c0:
85:89:42:77:fe:cb:6d:69:80:75:69:83:5e:2c:c7:
e8:21:b5:7a:08:87:d1:f1:84:0f:4e:e9:d7:5d:4d:
1c:a3:55:a2:18:b4:49:5d:5c:8a:82:8c:5a:82:1f:
c8:bc:4d:bd:59:27:e2:eb:ca:c0:20:7d:c6:8c:68:
56:0e:e8:c3:d0:fa:b3:78:95:9e:2e:be:d4:a6:b7:
80:f9:a1:a3:00:39:1d:c5:24:ad:be:26:57:1b:97:
f2:37:1a:b1:cd:6a:bd:39:30:2d:b3:40:64:d7:fe:
5b:9b:4b:b5:2a:93:1f:8c:15:74:91:d1:27:65:67:
26:61:c1:1e:20:94:0b:20:91:73:2e:91:cb:3c:6a:
75:d7:93:33:6d:40:b4:19:15:b8:ff:9f:d2:f5:08:
9b:13:b5:34:28:b1:45:8c:fe:f6:ea:1e:32:7c:a7:
40:83:61:9e:7c:85:d4:45:aa:88:3d:c9:ae:a0:30:
94:24:c6:11:82:cc:64:07:39:37:de:15:cf:a1:b7:
d8:0d:74:ba:5d:b5:f3:08:b1:4d:0f:0f:94:63:2d:
a2:ee:c3:fd:7c:ea:c2:0a:0b:ff:bd:76:a7:83:24:
b0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:42:80:11:CB:EA:1B:29:C1:0B:C8:A5:41:38:77:CF:A9:1C:9D:E1
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/y0KAEcvqGynBC8ilQTh3z6kcneE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
31.130.0.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
93.157.160.0/21
178.212.80.0/21
178.216.176.0/21
IPv6:
2a13:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:3b:a2:4a:a0:b9:94:01:70:f7:65:23:2e:8a:ce:7b:57:9f:
a2:5b:90:f1:8d:7c:c3:99:ef:3b:8d:3e:4d:38:9f:ab:1c:f6:
c0:92:b2:c9:08:63:43:2e:02:08:67:c8:0e:cc:e0:e6:df:35:
fa:d2:d1:ff:dd:36:24:dd:e1:9a:32:5d:74:9d:f3:29:43:fc:
b4:45:74:bd:1d:35:5d:63:f4:cc:1e:c0:12:7d:60:a3:06:37:
f6:fb:71:1f:5a:e7:ea:e7:3b:75:5d:d9:50:2d:be:be:b7:bb:
4c:7c:cb:c7:4d:3c:e3:e8:8b:c3:37:81:ab:f9:de:41:48:03:
f7:f4:b0:6e:c5:16:c3:23:98:8c:48:c9:70:f2:17:41:0f:b3:
fb:00:91:06:b7:60:a3:ac:f9:be:0b:0a:37:38:37:67:c5:c6:
c2:dc:10:11:11:c8:36:2f:a8:67:63:96:80:89:6f:8d:7b:c8:
e1:32:b3:72:7a:ce:6e:cb:46:68:cd:d2:67:aa:ec:9b:49:f3:
64:d6:6c:bb:11:8f:b0:ab:db:48:94:46:c4:5a:f4:a9:f5:ca:
fb:3d:3e:87:2f:21:4a:1f:a1:a2:a7:8b:b6:ce:23:d2:b9:b3:
ef:dd:d3:40:d6:e4:cb:bb:3d:1d:96:43:05:ed:2d:c1:d0:59:
b2:fa:eb:5f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY2GA3eyeisulaaBZ1PmO5Z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMjA3MjM1OTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjQyODAxMWNiZWExYjI5YzEwYmM4YTU0MTM4NzdjZmE5MWM5ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCvELBDNCiRgNtCeb7+MRUxPmr8E
OIh+O/fTxcCFiUJ3/sttaYB1aYNeLMfoIbV6CIfR8YQPTunXXU0co1WiGLRJXVyK
goxagh/IvE29WSfi68rAIH3GjGhWDujD0PqzeJWeLr7UpreA+aGjADkdxSStviZX
G5fyNxqxzWq9OTAts0Bk1/5bm0u1KpMfjBV0kdEnZWcmYcEeIJQLIJFzLpHLPGp1
15MzbUC0GRW4/5/S9QibE7U0KLFFjP726h4yfKdAg2GefIXURaqIPcmuoDCUJMYR
gsxkBzk33hXPobfYDXS6XbXzCLFNDw+UYy2i7sP9fOrCCgv/vXangySwtwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMtCgBHL6hspwQvIpUE4d8+pHJ3hMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEveTBLQUVjdnFHeW5CQzhpbFFUaDN6NmtjbmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFH4CAAwQF
H4IAAwQDPnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDXZ2gAwQDstRQAwQDstiwMA0E
AgACMAcDBQMqEyyAMA0GCSqGSIb3DQEBCwUAA4IBAQC4O6JKoLmUAXD3ZSMuis57
V5+iW5DxjXzDme87jT5NOJ+rHPbAkrLJCGNDLgIIZ8gOzODm3zX60tH/3TYk3eGa
Ml10nfMpQ/y0RXS9HTVdY/TMHsASfWCjBjf2+3EfWufq5zt1XdlQLb6+t7tMfMvH
TTzj6IvDN4Gr+d5BSAP39LBuxRbDI5iMSMlw8hdBD7P7AJEGt2CjrPm+Cwo3ODdn
xcbC3BAREcg2L6hnY5aAiW+Ne8jhMrNyes5uy0ZozdJnquybSfNk1my7EY+wq9tI
lEbEWvSp9cr7PT6HLyFKH6Gip4u2ziPSubPv3dNA1uTLuz0dlkMF7S3B0Fmy+utf
-----END CERTIFICATE-----
Generated at Tue May 14 20:20:25 2024 by rpki-client on console-ams.rpki-client.org