Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/1-KPwF4nrnRQnMV59U4Q3NN9da10.roa
File: 1-KPwF4nrnRQnMV59U4Q3NN9da10.roa (raw, json)
Hash identifier: q46Vm5JbNr26FALZ3SKg/2+K2yQy2Qi2HcubjV8s1xI=
Subject key identifier: F8:A3:F0:17:89:EB:9D:14:27:31:5E:7D:53:84:37:34:DF:5D:6B:5D
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 01932F0050BB658C5911EF9359E2024D847C
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/1-KPwF4nrnRQnMV59U4Q3NN9da10.roa
Signing time: Fri 15 Nov 2024 08:46:10 +0000
ROA not before: Fri 15 Nov 2024 08:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15924
IP address blocks: 31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.8.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
31.186.28.0/24 maxlen: 24
31.186.30.0/24 maxlen: 24
31.186.31.0/24 maxlen: 24
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:00:50:bb:65:8c:59:11:ef:93:59:e2:02:4d:84:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Nov 15 08:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8a3f01789eb9d1427315e7d53843734df5d6b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d0:54:c6:18:04:3f:44:f6:b5:a0:f0:a4:7c:
82:3f:de:1a:4c:52:e7:6c:ba:bf:ab:6c:4f:2c:ed:
71:d9:25:02:cf:6a:73:bb:31:69:99:87:f9:c6:10:
7f:99:9d:90:2f:77:1a:5a:8c:b4:fb:84:18:f6:98:
aa:05:5c:d2:21:0d:37:c8:a0:a4:3d:f1:69:56:6f:
7e:5e:d1:dd:eb:93:e5:fd:cd:45:6c:f4:9c:3d:4d:
a3:03:82:11:9e:b3:d7:75:63:e3:e6:ef:d4:d1:66:
58:35:1d:a9:1c:7b:89:c9:50:3a:7c:3c:49:be:7e:
70:6f:7c:26:65:a4:e7:e7:e0:8e:fa:9b:dc:84:a5:
4d:c6:f4:58:62:93:ec:e7:08:e0:e0:25:d0:9f:e2:
80:1f:ff:53:36:32:ce:8e:e5:da:ab:7b:22:c3:33:
d5:52:f3:c3:c7:e0:03:7e:59:3e:8d:b0:c6:30:f9:
6e:5c:f3:06:1f:49:24:32:ea:24:c2:02:f6:a0:70:
bb:6e:91:ba:97:dc:39:b3:d7:d2:87:bd:f2:e3:ec:
4a:a2:65:2e:db:d5:66:ca:0a:74:3f:b3:ff:65:06:
02:eb:1c:f9:e1:96:75:38:a8:81:a2:c5:5b:2c:c1:
97:db:70:48:19:68:d0:03:3d:8d:c5:4b:26:35:a4:
1b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A3:F0:17:89:EB:9D:14:27:31:5E:7D:53:84:37:34:DF:5D:6B:5D
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/1-KPwF4nrnRQnMV59U4Q3NN9da10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.5.255
31.186.7.0-31.186.20.255
31.186.28.0/24
31.186.30.0/23
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9d:30:65:86:a7:e3:58:ce:ce:de:1c:81:4b:dc:53:70:4c:bb:
7b:57:89:05:a2:70:cb:af:e9:67:3e:99:5d:c9:30:c7:5e:61:
bb:89:18:b7:76:61:f0:c3:f4:15:89:27:d8:e5:1c:11:c4:7b:
d7:de:f8:48:87:85:7c:d1:13:20:6c:f9:5f:68:67:5e:7c:fd:
bb:19:a3:c2:a1:f8:b8:08:9b:de:90:9a:98:36:ae:05:9e:a1:
1e:93:1b:d4:df:3a:67:b8:54:4b:4c:69:bb:ac:ff:86:a9:5d:
4e:0e:c2:cb:d9:7c:42:c7:9e:29:bd:d4:b3:4d:41:66:c8:5c:
7b:65:68:bd:4c:65:cf:3d:cd:f4:79:ff:60:7d:8f:d9:41:87:
61:1c:a6:1e:e3:f6:c6:42:a2:b5:55:90:61:e8:f9:c0:f7:53:
1e:56:05:3c:d9:9a:5d:10:e4:81:a6:66:54:a5:d5:5d:6c:ea:
a5:7b:a4:e4:f4:87:d2:b1:e9:75:ae:7b:18:cf:ef:cc:2c:25:
58:6e:03:e2:4a:44:0a:31:ba:b4:e9:99:fa:45:f5:b2:93:0f:
0e:a6:d9:a8:37:28:cf:f5:e8:c6:a8:61:8c:cb:cf:16:8b:d4:
ec:c7:17:a9:50:c9:79:e5:c0:40:9b:58:16:b5:86:da:a3:72:
76:86:30:ef
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZMvAFC7ZYxZEe+TWeICTYR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjQxMTE1MDg0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEzZjAxNzg5ZWI5ZDE0MjczMTVlN2Q1Mzg0MzczNGRmNWQ2YjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutBUxhgEP0T2taDwpHyCP94aTFLn
bLq/q2xPLO1x2SUCz2pzuzFpmYf5xhB/mZ2QL3caWoy0+4QY9piqBVzSIQ03yKCk
PfFpVm9+XtHd65Pl/c1FbPScPU2jA4IRnrPXdWPj5u/U0WZYNR2pHHuJyVA6fDxJ
vn5wb3wmZaTn5+CO+pvchKVNxvRYYpPs5wjg4CXQn+KAH/9TNjLOjuXaq3siwzPV
UvPDx+ADflk+jbDGMPluXPMGH0kkMuokwgL2oHC7bpG6l9w5s9fSh73y4+xKomUu
29Vmygp0P7P/ZQYC6xz54ZZ1OKiBosVbLMGX23BIGWjQAz2NxUsmNaQbUQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPij8BeJ650UJzFefVOENzTfXWtdMB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvMS1LUHdGNG5yblJRbk1WNTlVNFEzTk45ZGExMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvZjhmNjZkLThhNDctNDQzMS1hZjUxLWU0ZjU4NzA0ODA0
ZS8xL2hxOHNjV2E3TkthV19lTDdyTzlBQWJDbzUtSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wLgQCAAEwKDAMAwQBH7oC
AwQBH7oEMAwDBAAfugcDBAAfuhQDBAAfuhwDBAEfuh4wHAQCAAIwFjAUAwgBKg2g
AAAACgMIACoNoAAAABowDQYJKoZIhvcNAQELBQADggEBAJ0wZYan41jOzt4cgUvc
U3BMu3tXiQWicMuv6Wc+mV3JMMdeYbuJGLd2YfDD9BWJJ9jlHBHEe9fe+EiHhXzR
EyBs+V9oZ158/bsZo8Kh+LgIm96Qmpg2rgWeoR6TG9TfOme4VEtMabus/4apXU4O
wsvZfELHnim91LNNQWbIXHtlaL1MZc89zfR5/2B9j9lBh2Ecph7j9sZCorVVkGHo
+cD3Ux5WBTzZml0Q5IGmZlSl1V1s6qV7pOT0h9Kx6XWuexjP78wsJVhuA+JKRAox
urTpmfpF9bKTDw6m2ag3KM/16MaoYYzLzxaL1OzHF6lQyXnlwECbWBa1htqjcnaG
MO8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:14 2024 by rpki-client on console-ams.rpki-client.org