Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/agx6ZMiW12z_5JGj7quXnia5Jqc.roa
File: agx6ZMiW12z_5JGj7quXnia5Jqc.roa (raw, json)
Hash identifier: zTTBkTg7dOxFXFp2HRb/kDasvMalzl23hVu2Z0Y02Ek=
Subject key identifier: 6A:0C:7A:64:C8:96:D7:6C:FF:E4:91:A3:EE:AB:97:9E:26:B9:26:A7
Certificate issuer: /CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Certificate serial: 018E520FB629EA2C881878BFA775358F0BDD
Authority key identifier: 86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/agx6ZMiW12z_5JGj7quXnia5Jqc.roa
Signing time: Mon 18 Mar 2024 14:55:45 +0000
ROA not before: Mon 18 Mar 2024 14:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197720
IP address blocks: 31.186.2.0/24 maxlen: 24
31.186.3.0/24 maxlen: 24
31.186.4.0/24 maxlen: 24
31.186.5.0/24 maxlen: 24
31.186.6.0/24 maxlen: 24
31.186.7.0/24 maxlen: 24
31.186.9.0/24 maxlen: 24
31.186.10.0/24 maxlen: 24
31.186.11.0/24 maxlen: 24
31.186.12.0/24 maxlen: 24
31.186.13.0/24 maxlen: 24
31.186.14.0/24 maxlen: 24
31.186.15.0/24 maxlen: 24
31.186.16.0/24 maxlen: 24
31.186.17.0/24 maxlen: 24
31.186.18.0/24 maxlen: 24
31.186.19.0/24 maxlen: 24
31.186.20.0/24 maxlen: 24
31.186.21.0/24 maxlen: 24
31.186.23.0/24 maxlen: 24
31.186.28.0/24 maxlen: 24
31.186.29.0/24 maxlen: 24
31.186.30.0/24 maxlen: 24
31.186.31.0/24 maxlen: 24
2a0d:a000:0:a00::/56 maxlen: 56
2a0d:a000:0:b00::/56 maxlen: 56
2a0d:a000:0:c00::/56 maxlen: 56
2a0d:a000:0:d00::/56 maxlen: 56
2a0d:a000:0:e00::/56 maxlen: 56
2a0d:a000:0:f00::/56 maxlen: 56
2a0d:a000:0:1000::/56 maxlen: 56
2a0d:a000:0:1100::/56 maxlen: 56
2a0d:a000:0:1200::/56 maxlen: 56
2a0d:a000:0:1300::/56 maxlen: 56
2a0d:a000:0:1400::/56 maxlen: 56
2a0d:a000:0:1500::/56 maxlen: 56
2a0d:a000:0:1600::/56 maxlen: 56
2a0d:a000:0:1700::/56 maxlen: 56
2a0d:a000:0:1800::/56 maxlen: 56
2a0d:a000:0:1900::/56 maxlen: 56
2a0d:a000:0:1a00::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:0f:b6:29:ea:2c:88:18:78:bf:a7:75:35:8f:0b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86af2c7166bb34a696fde2fbacef4001b0a8e7e2
Validity
Not Before: Mar 18 14:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a0c7a64c896d76cffe491a3eeab979e26b926a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:47:ea:56:1a:47:4d:2a:33:f5:ae:8a:92:bc:
de:5d:3c:94:57:de:1e:b5:d3:4b:d8:5c:55:92:bc:
56:f0:d0:7b:23:9d:05:56:b0:ad:0e:6f:00:ce:b1:
81:35:19:74:70:a7:5e:07:2e:52:3b:79:4f:c7:39:
f3:1a:44:73:46:41:66:4f:94:c9:fe:2a:8e:e5:2f:
8d:b9:a3:da:c7:1f:09:56:dc:14:d3:36:b1:56:88:
95:ea:b2:78:cc:7f:f7:60:e9:7d:fe:af:67:89:75:
21:2e:1d:f2:69:23:8e:74:d3:28:9c:26:81:dd:48:
8f:35:d1:b8:99:9c:7b:6e:1c:0f:e1:db:1a:67:39:
44:a1:46:80:c7:3a:5f:2a:e9:78:02:3d:c2:c9:3c:
50:d0:b4:2c:d2:f8:7c:fa:db:06:ea:ce:95:4d:9a:
ee:95:4d:8f:b3:12:e2:e3:f3:40:f3:37:35:bf:f8:
5b:8e:20:75:8f:29:d1:db:ad:8c:a6:73:41:42:a4:
7c:d4:41:c8:e3:1a:50:4b:a5:07:81:5b:f7:5e:a8:
16:6e:62:4d:75:66:b2:c9:66:19:ad:80:31:3b:9a:
b3:ba:f4:5d:97:6b:0f:8b:65:ab:2d:3d:cb:a0:9c:
7f:d2:80:fd:ad:d3:de:21:58:03:d6:bd:69:76:67:
78:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0C:7A:64:C8:96:D7:6C:FF:E4:91:A3:EE:AB:97:9E:26:B9:26:A7
X509v3 Authority Key Identifier:
keyid:86:AF:2C:71:66:BB:34:A6:96:FD:E2:FB:AC:EF:40:01:B0:A8:E7:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq8scWa7NKaW_eL7rO9AAbCo5-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/agx6ZMiW12z_5JGj7quXnia5Jqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/f8f66d-8a47-4431-af51-e4f58704804e/1/hq8scWa7NKaW_eL7rO9AAbCo5-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.2.0-31.186.7.255
31.186.9.0-31.186.21.255
31.186.23.0/24
31.186.28.0/22
IPv6:
2a0d:a000:0:a00::-2a0d:a000:0:1aff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3e:9b:23:e0:2e:55:c2:6d:2e:50:4e:54:3e:13:19:2b:c9:05:
38:f2:89:2b:55:e4:44:d1:65:63:15:ec:19:98:49:a9:cf:b0:
f1:8e:47:34:3b:db:03:aa:c2:27:14:7f:7d:d3:00:f8:4d:52:
a7:51:14:36:5c:fb:eb:19:b5:50:a6:81:ef:37:1b:77:db:d2:
7e:e9:ee:17:63:23:6d:a2:f3:33:24:1f:af:fa:85:4d:21:ad:
af:2b:30:59:a1:0c:d4:db:0a:d4:97:fb:3c:bc:5f:c2:fe:fc:
f4:03:a1:e2:4b:8c:5e:a4:0b:f6:8a:78:00:ca:56:38:4b:86:
f3:c8:83:b1:93:75:c1:05:5d:03:30:bf:ac:55:01:28:ed:ff:
74:1c:84:a5:64:18:bd:99:5e:0f:ea:ad:93:1f:24:18:85:57:
a1:17:e4:f5:c7:4f:89:ab:09:c1:d2:92:19:86:4c:d6:52:9a:
24:c5:be:11:55:4a:2c:d3:dc:3f:6a:41:5a:26:dd:4f:f5:c0:
94:c0:31:2a:30:95:93:63:ab:b0:2f:9b:08:bf:6d:7f:5e:dd:
c9:88:c6:3f:95:d2:49:cd:3b:20:bc:9a:5a:a2:93:db:a2:ba:
48:a8:fc:18:69:c2:ab:0e:49:d3:d8:7d:cc:69:4a:4a:3c:58:
ac:f8:46:9a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY5SD7Yp6iyIGHi/p3U1jwvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWYyYzcxNjZiYjM0YTY5NmZkZTJmYmFjZWY0MDAxYjBh
OGU3ZTIwHhcNMjQwMzE4MTQ1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBjN2E2NGM4OTZkNzZjZmZlNDkxYTNlZWFiOTc5ZTI2YjkyNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkfqVhpHTSoz9a6KkrzeXTyUV94e
tdNL2FxVkrxW8NB7I50FVrCtDm8AzrGBNRl0cKdeBy5SO3lPxznzGkRzRkFmT5TJ
/iqO5S+NuaPaxx8JVtwU0zaxVoiV6rJ4zH/3YOl9/q9niXUhLh3yaSOOdNMonCaB
3UiPNdG4mZx7bhwP4dsaZzlEoUaAxzpfKul4Aj3CyTxQ0LQs0vh8+tsG6s6VTZru
lU2PsxLi4/NA8zc1v/hbjiB1jynR262MpnNBQqR81EHI4xpQS6UHgVv3XqgWbmJN
dWayyWYZrYAxO5qzuvRdl2sPi2WrLT3LoJx/0oD9rdPeIVgD1r1pdmd4XQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGoMemTIltds/+SRo+6rl54muSanMB8GA1UdIwQY
MBaAFIavLHFmuzSmlv3i+6zvQAGwqOfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEt
ZTRmNTg3MDQ4MDRlLzEvYWd4NlpNaVcxMnpfNUpHajdxdVhuaWE1SnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mOGY2NmQtOGE0Ny00NDMxLWFmNTEtZTRmNTg3MDQ4MDRl
LzEvaHE4c2NXYTdOS2FXX2VMN3JPOUFBYkNvNS1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAuBAIAATAoMAwDBAEfugID
BAMfugAwDAMEAB+6CQMEAR+6FAMEAB+6FwMEAh+6HDAcBAIAAjAWMBQDCAEqDaAA
AAAKAwgAKg2gAAAAGjANBgkqhkiG9w0BAQsFAAOCAQEAPpsj4C5Vwm0uUE5UPhMZ
K8kFOPKJK1XkRNFlYxXsGZhJqc+w8Y5HNDvbA6rCJxR/fdMA+E1Sp1EUNlz76xm1
UKaB7zcbd9vSfunuF2MjbaLzMyQfr/qFTSGtryswWaEM1NsK1Jf7PLxfwv789AOh
4kuMXqQL9op4AMpWOEuG88iDsZN1wQVdAzC/rFUBKO3/dByEpWQYvZleD+qtkx8k
GIVXoRfk9cdPiasJwdKSGYZM1lKaJMW+EVVKLNPcP2pBWibdT/XAlMAxKjCVk2Or
sC+bCL9tf17dyYjGP5XSSc07ILyaWqKT26K6SKj8GGnCqw5J09h9zGlKSjxYrPhG
mg==
-----END CERTIFICATE-----
Generated at Sat Jun 29 08:53:00 2024 by rpki-client on console-ams.rpki-client.org