Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/PVzHlZQS4lqwb0uPDGa6e2lTvBU.roa
File: PVzHlZQS4lqwb0uPDGa6e2lTvBU.roa (raw, json)
Hash identifier: 3R5b/1CHymkpxKr+jSWR2O1u6d2CunRsNveSoynKfk8=
Subject key identifier: 3D:5C:C7:95:94:12:E2:5A:B0:6F:4B:8F:0C:66:BA:7B:69:53:BC:15
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018CC72721E442E49C343730E5B597A6F41E
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/PVzHlZQS4lqwb0uPDGa6e2lTvBU.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48737
IP address blocks: 31.169.75.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:21:e4:42:e4:9c:34:37:30:e5:b5:97:a6:f4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d5cc7959412e25ab06f4b8f0c66ba7b6953bc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3a:4b:99:c4:30:66:a2:3a:b8:24:5c:9d:b5:
3d:8c:47:28:b6:97:61:7c:94:c6:6a:b2:5d:b1:dd:
39:b0:57:ec:0a:ad:4d:b0:d3:24:97:8d:fa:15:5a:
f3:c5:be:b2:72:9c:a9:3a:91:02:3e:e3:e9:35:2a:
c2:54:8e:7c:bd:b9:70:b3:3a:dd:94:a6:da:51:f6:
8e:72:9d:9c:8f:fb:8d:c3:6e:15:8e:c9:e8:50:52:
ff:a5:09:8e:90:d2:2a:39:b0:e2:ce:49:5a:62:5f:
01:95:6a:b5:2c:32:64:13:b8:2e:28:58:46:d3:4a:
12:90:75:1b:e9:53:44:dc:bb:dc:69:99:99:15:0f:
42:d3:9e:1b:1d:6f:0d:d2:dd:1c:60:3e:91:bc:df:
5b:da:e2:b1:e4:cc:53:fc:1b:5f:de:55:63:e7:6b:
33:5d:62:48:e7:19:1b:50:eb:4e:39:e2:89:0b:83:
ce:2d:d9:d4:6f:4e:97:a8:27:5d:cf:6e:ce:12:51:
35:af:36:79:c2:b6:ec:3b:d4:ff:bc:e3:7a:1f:52:
e3:80:59:2f:a4:04:4f:22:3b:d1:71:93:f7:5e:16:
12:09:67:60:59:31:ae:fd:e4:2b:81:39:20:6f:83:
c9:5f:7a:6e:6e:ea:69:3c:7a:c0:60:61:3b:e8:b8:
82:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5C:C7:95:94:12:E2:5A:B0:6F:4B:8F:0C:66:BA:7B:69:53:BC:15
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/PVzHlZQS4lqwb0uPDGa6e2lTvBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.75.0/24
31.169.85.0/24
31.169.87.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:90:24:e7:d4:60:73:8b:8a:44:62:3f:86:0d:91:d3:85:4c:
d1:f6:64:7b:43:97:47:d7:e9:b5:bb:83:9e:be:00:cc:88:ca:
0b:e2:b7:de:b9:1d:97:35:e4:fb:75:eb:b0:70:a0:cf:c8:ba:
62:6e:6f:e5:d7:37:c4:11:dd:d5:ec:c2:6f:52:08:e2:e1:ac:
25:0a:9a:49:28:53:86:ff:fc:73:0b:a0:c4:76:47:46:a8:2b:
94:5a:76:71:e1:59:12:6a:bb:67:27:61:0a:44:cc:94:dc:87:
15:6a:5e:75:a6:a0:d0:35:74:e0:29:34:a3:69:18:8a:44:6d:
91:9b:87:73:8e:24:83:9f:ab:a3:55:ae:85:c1:09:47:a4:82:
e6:6b:80:d0:8c:33:0f:8a:b4:55:da:9d:7e:2a:c0:30:a5:49:
3b:38:f7:dc:fe:db:5e:9d:5c:ae:31:c5:af:f4:d2:ad:14:f2:
c7:c8:30:2a:72:8b:80:fb:c2:84:ab:88:67:c6:bc:f0:7f:1e:
48:de:ba:42:78:34:01:af:5e:dd:1e:57:70:a4:1e:9e:77:1a:
7f:f5:6a:fa:f5:79:da:69:b6:41:7f:07:7a:91:eb:5e:1b:eb:
7e:08:bb:cb:27:64:1b:54:80:68:57:3d:75:f6:01:69:f6:62:
ed:8e:e3:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyHkQuScNDcw5bWXpvQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDVjYzc5NTk0MTJlMjVhYjA2ZjRiOGYwYzY2YmE3YjY5NTNiYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzpLmcQwZqI6uCRcnbU9jEcotpdh
fJTGarJdsd05sFfsCq1NsNMkl436FVrzxb6ycpypOpECPuPpNSrCVI58vblwszrd
lKbaUfaOcp2cj/uNw24VjsnoUFL/pQmOkNIqObDizklaYl8BlWq1LDJkE7guKFhG
00oSkHUb6VNE3LvcaZmZFQ9C054bHW8N0t0cYD6RvN9b2uKx5MxT/Btf3lVj52sz
XWJI5xkbUOtOOeKJC4POLdnUb06XqCddz27OElE1rzZ5wrbsO9T/vON6H1LjgFkv
pARPIjvRcZP3XhYSCWdgWTGu/eQrgTkgb4PJX3pubuppPHrAYGE76LiCPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD1cx5WUEuJasG9LjwxmuntpU7wVMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvUFZ6SGxaUVM0bHF3YjB1UERHYTZlMmxUdkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lLAwQA
H6lVAwQAH6lXMA0GCSqGSIb3DQEBCwUAA4IBAQB9kCTn1GBzi4pEYj+GDZHThUzR
9mR7Q5dH1+m1u4OevgDMiMoL4rfeuR2XNeT7deuwcKDPyLpibm/l1zfEEd3V7MJv
Ugji4awlCppJKFOG//xzC6DEdkdGqCuUWnZx4VkSartnJ2EKRMyU3IcVal51pqDQ
NXTgKTSjaRiKRG2Rm4dzjiSDn6ujVa6FwQlHpILma4DQjDMPirRV2p1+KsAwpUk7
OPfc/ttenVyuMcWv9NKtFPLHyDAqcouA+8KEq4hnxrzwfx5I3rpCeDQBr17dHldw
pB6edxp/9Wr69XnaabZBfwd6keteG+t+CLvLJ2QbVIBoVz119gFp9mLtjuMs
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:42 2024 by rpki-client on console-fra.rpki-client.org