Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/3dcXvZbMj3vpm5FqY_T5qjhxGc0.roa
File: 3dcXvZbMj3vpm5FqY_T5qjhxGc0.roa (raw, json)
Hash identifier: R6dHbrGjMZwfKi55wN28PCH8WOTgU24seA19nQuu3cs=
Subject key identifier: DD:D7:17:BD:96:CC:8F:7B:E9:9B:91:6A:63:F4:F9:AA:38:71:19:CD
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018E41F083EA69377D48374CDA40285335A8
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/3dcXvZbMj3vpm5FqY_T5qjhxGc0.roa
Signing time: Fri 15 Mar 2024 11:47:45 +0000
ROA not before: Fri 15 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.80.0/24 maxlen: 24
31.169.83.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:f0:83:ea:69:37:7d:48:37:4c:da:40:28:53:35:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Mar 15 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddd717bd96cc8f7be99b916a63f4f9aa387119cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:12:d1:89:c3:1a:f3:8e:4f:2c:ae:c1:68:38:
87:b3:38:96:f3:4c:f7:cb:6d:60:00:29:5c:94:af:
04:7c:fd:d3:27:31:e0:92:3e:18:7d:5d:6a:c3:e0:
2f:68:5f:02:68:12:51:0d:a6:62:ce:f9:ad:81:72:
83:5b:e7:4f:30:93:b1:52:10:82:9c:23:fe:41:12:
38:b0:fb:b3:ea:4e:f0:27:79:ad:0f:86:7e:18:05:
db:d7:eb:cb:6c:33:e3:88:27:92:82:f3:d6:57:5a:
e9:a9:83:98:f0:65:22:00:5c:d5:19:10:cd:63:23:
44:b6:56:b6:12:8f:74:ff:58:7d:2a:8a:69:cf:18:
5b:ed:d5:2a:59:10:00:bf:79:e8:d9:dd:2d:6a:a3:
20:3f:aa:7e:e7:15:fd:ea:17:36:07:9f:c8:5b:0d:
aa:2a:13:7b:1c:10:5b:27:9e:e4:a8:88:76:26:01:
d7:e9:ee:3d:96:a3:c1:66:dc:59:dc:84:ff:ac:95:
e2:15:c2:8c:7f:e2:8a:89:b2:62:3c:78:5b:ba:70:
64:c1:b4:91:6f:bf:6b:79:c8:f0:eb:26:35:39:c3:
bf:42:35:af:63:37:11:81:13:9d:c3:60:57:c0:b4:
bf:2a:b6:87:d9:f6:76:97:09:b5:70:c6:69:77:f2:
f6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D7:17:BD:96:CC:8F:7B:E9:9B:91:6A:63:F4:F9:AA:38:71:19:CD
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/3dcXvZbMj3vpm5FqY_T5qjhxGc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.83.0/24
31.169.86.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
67:18:43:59:d2:85:b3:74:6f:73:84:e8:02:0c:93:c2:92:a5:
5e:3a:99:99:7f:b2:45:7e:a1:c1:8e:ae:75:d2:52:53:10:55:
22:dc:1d:ad:ab:39:77:c4:89:ee:21:ba:f8:e9:ab:73:de:0c:
ec:93:69:2c:c4:84:f8:41:ad:09:70:4d:aa:ce:c9:45:5d:14:
03:79:6e:2a:b0:9d:02:ef:a3:eb:ea:1e:2a:09:39:66:17:bd:
22:c9:a8:07:42:43:d1:05:0f:64:a2:b4:6d:85:e0:df:ea:41:
39:53:f5:e3:3f:55:1d:3a:fd:01:31:f9:65:94:da:02:22:7a:
b8:f3:92:38:7f:03:72:0a:9e:c0:46:58:c9:0d:d0:ef:c0:97:
18:d2:2f:3b:54:d3:3f:54:64:72:d4:8a:71:82:e9:22:b9:59:
5f:14:73:59:c5:c3:95:51:16:96:c3:4d:83:d9:5c:08:9f:e9:
ef:86:2f:90:3b:c4:aa:f6:cc:48:c4:b0:14:88:98:72:e5:ec:
73:7a:4d:2c:3e:a5:ac:77:30:a2:24:96:b0:9e:f2:dd:e2:9e:
f7:86:20:53:00:c3:5d:49:ae:a0:e7:5c:10:85:74:43:24:ad:
2e:a8:b4:82:11:60:e9:61:a7:54:36:9d:3f:5a:d8:df:14:84:
20:b9:e3:e2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5B8IPqaTd9SDdM2kAoUzWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMzE1MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ3MTdiZDk2Y2M4ZjdiZTk5YjkxNmE2M2Y0ZjlhYTM4NzExOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhLRicMa845PLK7BaDiHsziW80z3
y21gAClclK8EfP3TJzHgkj4YfV1qw+AvaF8CaBJRDaZizvmtgXKDW+dPMJOxUhCC
nCP+QRI4sPuz6k7wJ3mtD4Z+GAXb1+vLbDPjiCeSgvPWV1rpqYOY8GUiAFzVGRDN
YyNEtla2Eo90/1h9Koppzxhb7dUqWRAAv3no2d0taqMgP6p+5xX96hc2B5/IWw2q
KhN7HBBbJ57kqIh2JgHX6e49lqPBZtxZ3IT/rJXiFcKMf+KKibJiPHhbunBkwbSR
b79recjw6yY1OcO/QjWvYzcRgROdw2BXwLS/KraH2fZ2lwm1cMZpd/L2nwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN3XF72WzI976ZuRamP0+ao4cRnNMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvM2RjWHZaYk1qM3ZwbTVGcVlfVDVxamh4R2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH6lQAwQA
H6lTAwQAH6lWAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQBnGENZ0oWzdG9zhOgC
DJPCkqVeOpmZf7JFfqHBjq510lJTEFUi3B2tqzl3xInuIbr46atz3gzsk2ksxIT4
Qa0JcE2qzslFXRQDeW4qsJ0C76Pr6h4qCTlmF70iyagHQkPRBQ9korRtheDf6kE5
U/XjP1UdOv0BMflllNoCInq485I4fwNyCp7ARljJDdDvwJcY0i87VNM/VGRy1Ipx
gukiuVlfFHNZxcOVURaWw02D2VwIn+nvhi+QO8Sq9sxIxLAUiJhy5exzek0sPqWs
dzCiJJawnvLd4p73hiBTAMNdSa6g51wQhXRDJK0uqLSCEWDpYadUNp0/WtjfFIQg
uePi
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:21 2024 by rpki-client on console-ams.rpki-client.org