Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/cI7p-rXR9j1obS6EQ1BTOfUGyxc.roa
File: cI7p-rXR9j1obS6EQ1BTOfUGyxc.roa (raw, json)
Hash identifier: iwKT2XwziGQVH3YabQExlCBeeh4to6sYNHIF8E7q7U4=
Subject key identifier: 70:8E:E9:FA:B5:D1:F6:3D:68:6D:2E:84:43:50:53:39:F5:06:CB:17
Certificate issuer: /CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Certificate serial: 019034BF5BC34B102DD33A52380CFA8DDA6F
Authority key identifier: A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/cI7p-rXR9j1obS6EQ1BTOfUGyxc.roa
Signing time: Thu 20 Jun 2024 08:24:34 +0000
ROA not before: Thu 20 Jun 2024 08:24:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48964
IP address blocks: 31.133.114.0/24 maxlen: 24
31.133.116.0/24 maxlen: 24
31.133.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:bf:5b:c3:4b:10:2d:d3:3a:52:38:0c:fa:8d:da:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a939cc1621ee3010ae98e127bd254a7833fd2827
Validity
Not Before: Jun 20 08:24:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=708ee9fab5d1f63d686d2e8443505339f506cb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:50:bc:77:1d:aa:59:02:de:7c:69:d5:28:d9:
f0:39:8a:16:ad:fd:51:c8:d0:0f:c6:de:d5:1f:c8:
2c:a3:81:d6:49:d0:c6:21:16:c1:b2:fb:a5:0c:a8:
97:47:6d:49:13:6c:e6:de:5e:ee:b8:79:21:1d:7f:
ae:ae:31:1f:fb:be:96:d7:a7:24:82:77:09:7d:0c:
1a:f3:aa:c2:01:0a:23:54:04:9c:b5:8e:d7:b3:12:
fc:1e:99:e1:8c:48:27:ec:37:55:c9:cd:a1:2a:45:
db:60:66:9a:22:40:b3:c6:10:df:7d:c5:83:11:a3:
fd:c6:96:0d:20:41:07:a9:e0:a4:4e:44:24:94:e8:
f2:c9:96:66:32:01:5d:f9:12:a4:11:81:63:26:cf:
48:d1:fc:b2:b1:56:f5:d5:b8:10:cf:44:2f:ae:a4:
e0:8b:49:34:3a:1e:ad:8a:a2:46:5f:09:64:67:c3:
29:9c:e3:1e:66:4e:4d:04:ab:4f:29:de:72:91:3f:
ab:d9:1e:9e:3e:67:b2:ee:65:8e:27:cc:c5:8e:6f:
c8:7b:d1:5c:ed:94:39:a5:25:81:cb:87:18:0a:d3:
33:27:37:75:e9:ce:77:1c:bf:a4:ec:bc:3a:03:d6:
2b:8b:c4:16:be:df:4a:bc:5f:00:01:38:a8:90:4c:
6c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8E:E9:FA:B5:D1:F6:3D:68:6D:2E:84:43:50:53:39:F5:06:CB:17
X509v3 Authority Key Identifier:
keyid:A9:39:CC:16:21:EE:30:10:AE:98:E1:27:BD:25:4A:78:33:FD:28:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qTnMFiHuMBCumOEnvSVKeDP9KCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/cI7p-rXR9j1obS6EQ1BTOfUGyxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d5bf72-3115-4c71-a1bf-b06194d13c6b/1/qTnMFiHuMBCumOEnvSVKeDP9KCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.114.0/24
31.133.116.0/24
31.133.119.0/24
Signature Algorithm: sha256WithRSAEncryption
af:94:2d:f3:29:d1:ff:30:0d:0a:61:b1:fd:09:28:c0:fd:7f:
03:51:8a:8d:54:1f:81:1d:0a:ad:b7:ef:9e:ad:2b:b5:76:06:
44:5f:74:03:62:bf:c9:e2:f1:ae:8c:d9:9b:41:6a:e3:d7:6d:
41:1d:d5:5e:b5:50:25:f9:3a:9d:91:ae:3a:c5:9c:5e:f0:aa:
09:2c:05:00:64:d9:3a:1f:86:b4:57:c1:66:8f:c1:83:36:60:
4c:4e:b3:7b:bf:ed:5d:07:9d:b4:22:74:a5:12:1d:91:87:6d:
c2:ab:b9:b1:f7:da:28:68:ae:49:d4:d8:bb:71:08:be:51:1f:
98:7a:7e:80:9d:ae:4d:98:85:3d:f5:f9:c6:10:a9:2b:b4:a0:
f1:8b:62:41:a1:f1:0a:7d:da:4e:ac:92:ea:ae:24:6d:3c:bf:
dd:14:5b:03:0a:b3:ac:f5:53:80:fe:59:b4:63:38:76:0f:6c:
1a:30:59:1f:ad:04:f5:21:5b:1a:cd:dc:92:b7:b7:70:03:48:
5a:f0:10:95:d0:15:10:22:0a:81:2e:70:ef:ad:88:74:ae:62:
9a:5d:1e:68:25:c2:2e:34:e4:97:21:c0:4e:42:fb:e8:e7:c3:
53:0b:b5:50:19:58:22:97:9a:92:45:98:5e:4e:04:2b:74:48:
bc:69:85:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZA0v1vDSxAt0zpSOAz6jdpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MzljYzE2MjFlZTMwMTBhZTk4ZTEyN2JkMjU0YTc4MzNm
ZDI4MjcwHhcNMjQwNjIwMDgyNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhlZTlmYWI1ZDFmNjNkNjg2ZDJlODQ0MzUwNTMzOWY1MDZjYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VC8dx2qWQLefGnVKNnwOYoWrf1R
yNAPxt7VH8gso4HWSdDGIRbBsvulDKiXR21JE2zm3l7uuHkhHX+urjEf+76W16ck
gncJfQwa86rCAQojVASctY7XsxL8HpnhjEgn7DdVyc2hKkXbYGaaIkCzxhDffcWD
EaP9xpYNIEEHqeCkTkQklOjyyZZmMgFd+RKkEYFjJs9I0fyysVb11bgQz0QvrqTg
i0k0Oh6tiqJGXwlkZ8MpnOMeZk5NBKtPKd5ykT+r2R6ePmey7mWOJ8zFjm/Ie9Fc
7ZQ5pSWBy4cYCtMzJzd16c53HL+k7Lw6A9Yri8QWvt9KvF8AATiokExs9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCO6fq10fY9aG0uhENQUzn1BssXMB8GA1UdIwQY
MBaAFKk5zBYh7jAQrpjhJ70lSngz/SgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYt
YjA2MTk0ZDEzYzZiLzEvY0k3cC1yWFI5ajFvYlM2RVExQlRPZlVHeXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kNWJmNzItMzExNS00YzcxLWExYmYtYjA2MTk0ZDEzYzZi
LzEvcVRuTUZpSHVNQkN1bU9FbnZTVktlRFA5S0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4VyAwQA
H4V0AwQAH4V3MA0GCSqGSIb3DQEBCwUAA4IBAQCvlC3zKdH/MA0KYbH9CSjA/X8D
UYqNVB+BHQqtt++erSu1dgZEX3QDYr/J4vGujNmbQWrj121BHdVetVAl+Tqdka46
xZxe8KoJLAUAZNk6H4a0V8Fmj8GDNmBMTrN7v+1dB520InSlEh2Rh23Cq7mx99oo
aK5J1Ni7cQi+UR+Yen6Ana5NmIU99fnGEKkrtKDxi2JBofEKfdpOrJLqriRtPL/d
FFsDCrOs9VOA/lm0Yzh2D2waMFkfrQT1IVsazdySt7dwA0ha8BCV0BUQIgqBLnDv
rYh0rmKaXR5oJcIuNOSXIcBOQvvo58NTC7VQGVgil5qSRZheTgQrdEi8aYWs
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:27 2024 by rpki-client on console-ams.rpki-client.org