Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZjRxUryFRCH3-rY0Vgct3-g8jmU.roa
File: ZjRxUryFRCH3-rY0Vgct3-g8jmU.roa (raw, json)
Hash identifier: I3rcxoDRnoayL225/1ftNV1t7f4IAoMZg8Hl4OB/ZVQ=
Subject key identifier: 66:34:71:52:BC:85:44:21:F7:FA:B6:34:56:07:2D:DF:E8:3C:8E:65
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC802903B13CA7643CC637BE2B00890E3
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZjRxUryFRCH3-rY0Vgct3-g8jmU.roa
Signing time: Tue 02 Jan 2024 02:31:00 +0000
ROA not before: Tue 02 Jan 2024 02:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209365
IP address blocks: 31.170.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:90:3b:13:ca:76:43:cc:63:7b:e2:b0:08:90:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66347152bc854421f7fab63456072ddfe83c8e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:83:32:1c:70:fe:59:5b:ac:69:56:34:e9:
2c:90:39:b1:9b:8d:43:93:d9:63:3e:5c:e9:d5:98:
f9:56:0c:40:65:4f:b8:8f:9a:54:3c:eb:35:07:84:
64:8b:9a:56:f0:f2:9c:69:5e:46:3a:39:33:80:b6:
ef:35:b4:3a:96:9a:13:09:e6:6c:75:ca:b9:0f:15:
e7:37:46:95:ba:ce:9f:7a:7e:ae:41:b5:5a:9c:78:
74:d1:e2:6c:6e:da:db:85:c8:74:e6:aa:65:31:ca:
ad:cf:d4:80:6c:0c:f7:38:a2:4a:23:5a:c8:7a:66:
35:f8:05:6f:70:c8:2f:ae:7c:25:20:0e:a7:45:89:
6c:9e:77:5a:89:53:31:1c:db:87:59:57:95:77:7d:
65:80:f5:a3:d6:24:5a:70:d5:1e:a9:8f:8e:6b:86:
21:64:eb:5a:9c:7f:14:59:57:89:99:ef:24:86:2b:
8e:65:63:81:a4:e1:c1:07:c6:e4:00:fc:c8:da:8c:
d8:f2:a7:9c:0a:1a:5e:6e:aa:f4:1c:a4:dd:0d:ad:
8b:e2:5a:8f:25:91:03:7b:60:0c:17:62:08:55:31:
42:14:dd:90:38:13:02:32:92:59:28:97:fc:ac:19:
45:95:1e:8d:5f:a4:df:df:bf:83:2a:6d:53:6d:35:
27:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:34:71:52:BC:85:44:21:F7:FA:B6:34:56:07:2D:DF:E8:3C:8E:65
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZjRxUryFRCH3-rY0Vgct3-g8jmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.103.0/24
Signature Algorithm: sha256WithRSAEncryption
50:96:41:52:e1:b1:eb:80:89:99:00:bc:f8:d2:80:3a:1f:b4:
c9:32:33:47:fa:2e:c8:85:8d:dc:25:fc:b7:61:e0:be:fb:76:
77:60:50:77:bf:ae:23:58:5b:2f:9b:6d:1c:5f:22:ab:a0:5c:
09:27:5a:c8:b1:44:1d:d4:86:b4:23:f7:b9:29:69:e2:df:c7:
7e:5f:d1:95:be:2c:24:09:50:e4:e5:00:6a:af:56:63:b5:e1:
0c:f5:dd:56:8e:ac:9b:3c:5b:f1:37:25:c1:61:79:49:5a:2e:
04:5f:4c:17:a3:bb:4f:37:24:b0:1c:c1:94:3e:2c:5e:be:77:
68:da:da:99:0a:f9:4f:d8:a6:f4:84:a6:8e:9b:a1:b4:14:c4:
fa:04:12:96:19:09:c9:d0:c8:06:ae:c4:a8:8d:f7:ea:15:2b:
39:5a:1f:a1:b4:ee:47:0f:eb:30:9f:9f:d2:ff:81:4b:a3:db:
c7:df:98:8b:b6:10:27:6a:3d:d6:12:78:0a:ea:b3:a2:2c:74:
ff:29:12:f9:bb:02:f2:07:9a:77:c7:ac:82:c8:8a:bb:9e:22:
5e:b0:1e:92:1b:a5:fe:91:8a:d6:3d:7f:40:7e:3a:99:a7:9a:
6b:f3:c9:b2:3a:84:e3:d8:20:dc:6a:a3:6e:83:4b:d5:bc:ee:
00:64:32:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIApA7E8p2Q8xje+KwCJDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM0NzE1MmJjODU0NDIxZjdmYWI2MzQ1NjA3MmRkZmU4M2M4ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfaDMhxw/llbrGlWNOkskDmxm41D
k9ljPlzp1Zj5VgxAZU+4j5pUPOs1B4Rki5pW8PKcaV5GOjkzgLbvNbQ6lpoTCeZs
dcq5DxXnN0aVus6fen6uQbVanHh00eJsbtrbhch05qplMcqtz9SAbAz3OKJKI1rI
emY1+AVvcMgvrnwlIA6nRYlsnndaiVMxHNuHWVeVd31lgPWj1iRacNUeqY+Oa4Yh
ZOtanH8UWVeJme8khiuOZWOBpOHBB8bkAPzI2ozY8qecChpebqr0HKTdDa2L4lqP
JZEDe2AMF2IIVTFCFN2QOBMCMpJZKJf8rBlFlR6NX6Tf37+DKm1TbTUniwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGY0cVK8hUQh9/q2NFYHLd/oPI5lMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWmpSeFVyeUZSQ0gzLXJZMFZnY3QzLWc4am1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6pnMA0G
CSqGSIb3DQEBCwUAA4IBAQBQlkFS4bHrgImZALz40oA6H7TJMjNH+i7IhY3cJfy3
YeC++3Z3YFB3v64jWFsvm20cXyKroFwJJ1rIsUQd1Ia0I/e5KWni38d+X9GVviwk
CVDk5QBqr1ZjteEM9d1WjqybPFvxNyXBYXlJWi4EX0wXo7tPNySwHMGUPixevndo
2tqZCvlP2Kb0hKaOm6G0FMT6BBKWGQnJ0MgGrsSojffqFSs5Wh+htO5HD+swn5/S
/4FLo9vH35iLthAnaj3WEngK6rOiLHT/KRL5uwLyB5p3x6yCyIq7niJesB6SG6X+
kYrWPX9AfjqZp5pr88myOoTj2CDcaqNug0vVvO4AZDKS
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:31 2024 by rpki-client on console-ams.rpki-client.org