Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/frxTbneHihZOK3Y_HlYI4_vf8zs.roa
File: frxTbneHihZOK3Y_HlYI4_vf8zs.roa (raw, json)
Hash identifier: yBaMPNBt8TK1EEpz5w4oU2Up848Yw+CYMkwX8S0vbUQ=
Subject key identifier: 7E:BC:53:6E:77:87:8A:16:4E:2B:76:3F:1E:56:08:E3:FB:DF:F3:3B
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 018CC793D6E1F76A172652BE3172E0B494C2
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/frxTbneHihZOK3Y_HlYI4_vf8zs.roa
Signing time: Tue 02 Jan 2024 00:30:03 +0000
ROA not before: Tue 02 Jan 2024 00:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14178
IP address blocks: 194.31.98.0/24 maxlen: 24
194.31.97.0/24 maxlen: 24
31.210.20.0/24 maxlen: 24
162.12.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:d6:e1:f7:6a:17:26:52:be:31:72:e0:b4:94:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 2 00:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ebc536e77878a164e2b763f1e5608e3fbdff33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:d2:6d:93:37:47:26:ef:5b:f3:6d:2b:d9:
46:09:2f:e3:f7:ab:b3:2c:0b:9b:c5:20:f0:45:89:
7d:bf:b4:9c:0d:b7:b5:3e:3d:a2:cd:21:81:e2:b2:
c6:14:52:98:84:03:23:0f:0e:c0:ba:45:fc:b1:84:
2d:16:a3:7f:a9:d9:2c:4b:48:56:d3:37:48:33:62:
0c:ec:52:9d:d8:8f:3c:01:36:16:8f:2a:90:2e:67:
7a:30:a4:24:b5:d5:cc:00:4c:ab:a4:03:19:03:36:
f6:be:16:72:6a:d7:88:e1:0a:92:79:71:98:48:08:
9e:d5:29:70:d9:10:7d:11:68:30:50:dd:36:47:85:
4c:b6:15:84:ea:67:e4:05:de:e7:f0:34:42:22:cb:
5a:d5:53:54:6d:fb:c8:e7:f9:83:5d:b7:93:b9:c1:
15:ca:79:3b:64:61:79:27:ff:3e:c9:3c:19:56:6e:
dc:7f:63:64:ea:ba:a6:07:42:83:c5:17:5b:8e:4f:
3e:24:34:68:6f:f4:89:0c:e7:d8:10:ef:25:b8:bf:
f4:6e:4e:d0:e5:d3:4e:70:9f:cd:43:a0:3e:99:2a:
3a:c4:c6:9f:81:cd:8c:d5:ca:e9:33:fc:cc:77:2b:
d5:3e:59:3b:84:b9:1f:70:50:53:6b:5b:17:d7:ab:
52:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BC:53:6E:77:87:8A:16:4E:2B:76:3F:1E:56:08:E3:FB:DF:F3:3B
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/frxTbneHihZOK3Y_HlYI4_vf8zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.20.0/24
162.12.206.0/23
194.31.97.0-194.31.98.255
Signature Algorithm: sha256WithRSAEncryption
a3:03:73:a6:ae:0e:41:54:ad:4f:2c:d7:58:92:52:22:c6:26:
b9:97:fa:e8:ef:d7:50:14:bc:b3:f5:58:b1:ba:11:6b:49:77:
cf:05:86:90:0b:5c:d0:14:15:22:10:f0:cd:99:d7:55:e6:83:
fd:5d:64:01:f9:cb:6c:ac:5a:11:03:14:5f:3a:32:d6:07:b7:
ba:46:06:f4:91:08:d7:76:a5:7c:0a:b5:7f:1c:5f:2e:04:68:
d7:29:77:2b:d7:76:af:b9:2f:c3:99:f5:d0:dc:24:d0:ec:8d:
c7:d3:89:b7:d9:db:62:0c:e9:bf:2c:d7:9d:92:ab:d1:a8:15:
69:b3:e4:d0:14:8b:9c:21:08:0e:a9:75:d3:89:23:6d:8b:92:
66:4c:34:ae:47:2e:4f:8c:e1:ee:a7:8c:95:b3:bb:dc:88:e6:
d0:e5:87:30:29:97:45:19:d5:29:fa:94:aa:b3:5b:83:fa:24:
70:09:8f:aa:d5:15:83:f8:1b:7e:cf:46:a3:40:1a:14:ef:f4:
ef:ad:e5:da:ba:7a:58:c8:e4:d4:00:6c:46:24:1f:57:cf:a3:
87:82:10:1d:4a:9e:e8:38:40:81:b6:47:28:03:23:d1:20:2c:
1f:12:a6:be:df:4a:c7:64:35:5f:ae:72:81:1b:47:29:7a:a2:
4d:c3:3d:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHk9bh92oXJlK+MXLgtJTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjQwMTAyMDAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWJjNTM2ZTc3ODc4YTE2NGUyYjc2M2YxZTU2MDhlM2ZiZGZmMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxrSbZM3RybvW/NtK9lGCS/j96uz
LAubxSDwRYl9v7ScDbe1Pj2izSGB4rLGFFKYhAMjDw7AukX8sYQtFqN/qdksS0hW
0zdIM2IM7FKd2I88ATYWjyqQLmd6MKQktdXMAEyrpAMZAzb2vhZyateI4QqSeXGY
SAie1Slw2RB9EWgwUN02R4VMthWE6mfkBd7n8DRCIsta1VNUbfvI5/mDXbeTucEV
ynk7ZGF5J/8+yTwZVm7cf2Nk6rqmB0KDxRdbjk8+JDRob/SJDOfYEO8luL/0bk7Q
5dNOcJ/NQ6A+mSo6xMafgc2M1crpM/zMdyvVPlk7hLkfcFBTa1sX16tS9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH68U253h4oWTit2Px5WCOP73/M7MB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvZnJ4VGJuZUhpaFpPSzNZX0hsWUk0X3ZmOHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAH9IUAwQB
ogzOMAwDBADCH2EDBADCH2IwDQYJKoZIhvcNAQELBQADggEBAKMDc6auDkFUrU8s
11iSUiLGJrmX+ujv11AUvLP1WLG6EWtJd88FhpALXNAUFSIQ8M2Z11Xmg/1dZAH5
y2ysWhEDFF86MtYHt7pGBvSRCNd2pXwKtX8cXy4EaNcpdyvXdq+5L8OZ9dDcJNDs
jcfTibfZ22IM6b8s152Sq9GoFWmz5NAUi5whCA6pddOJI22LkmZMNK5HLk+M4e6n
jJWzu9yI5tDlhzApl0UZ1Sn6lKqzW4P6JHAJj6rVFYP4G37PRqNAGhTv9O+t5dq6
eljI5NQAbEYkH1fPo4eCEB1Knug4QIG2RygDI9EgLB8Spr7fSsdkNV+ucoEbRyl6
ok3DPf8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:46:22 2024 by rpki-client on console-fra.rpki-client.org