Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vJldmS4uYPKMfZrcGvQ9Dm6u9UU.roa
File: vJldmS4uYPKMfZrcGvQ9Dm6u9UU.roa (raw, json)
Hash identifier: FVmdSOQf/IggBoSL5UF3pAM4sosSusQ/X4TY6Vtio+I=
Subject key identifier: BC:99:5D:99:2E:2E:60:F2:8C:7D:9A:DC:1A:F4:3D:0E:6E:AE:F5:45
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 018CC94DF2B6BBBBF1315579185715DC96E7
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vJldmS4uYPKMfZrcGvQ9Dm6u9UU.roa
Signing time: Tue 02 Jan 2024 08:32:57 +0000
ROA not before: Tue 02 Jan 2024 08:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15917
IP address blocks: 217.31.0.0/22 maxlen: 22
217.31.0.0/20 maxlen: 20
217.31.4.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:f2:b6:bb:bb:f1:31:55:79:18:57:15:dc:96:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Jan 2 08:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc995d992e2e60f28c7d9adc1af43d0e6eaef545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3a:23:2e:d0:f1:38:8c:0c:f9:9b:69:ed:e7:
db:51:ed:22:30:f6:9e:c8:1b:05:41:83:22:b3:a0:
c5:aa:cb:f0:3f:26:e0:81:b0:06:e1:a4:3b:ca:e4:
29:c9:25:9b:f4:5c:07:3d:49:97:cd:8a:ee:e4:72:
31:62:28:58:11:d4:ec:ed:ad:e3:87:87:df:d5:ca:
b8:b2:43:ab:b4:91:37:b6:ab:a6:3b:55:76:07:02:
e8:d2:0f:bf:c2:f0:b3:33:73:00:84:74:17:17:34:
08:f4:93:80:ab:6b:e4:4c:9f:66:3b:06:f5:32:16:
40:e8:2a:0a:ab:ed:d1:b8:bd:c6:0d:63:e0:06:55:
24:5d:40:99:a4:de:4c:66:0f:24:f7:c3:cb:de:03:
1c:52:9c:3a:8e:55:69:77:57:fe:d9:80:39:4e:4a:
d2:e9:f1:1d:61:76:e0:68:7f:d8:7e:59:93:38:0f:
a3:1c:dc:9d:2a:24:b7:cb:56:81:57:74:80:16:25:
b9:9e:c1:da:b9:24:e8:00:a1:46:6d:7b:f1:21:ea:
8f:3f:be:40:98:0a:a9:05:81:16:08:11:ee:f7:47:
1b:74:53:97:35:24:e1:3b:87:7e:a5:dd:a4:3e:7f:
df:b0:02:70:67:1f:50:8e:a2:ed:e5:e2:1c:7a:5a:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:99:5D:99:2E:2E:60:F2:8C:7D:9A:DC:1A:F4:3D:0E:6E:AE:F5:45
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/vJldmS4uYPKMfZrcGvQ9Dm6u9UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.31.0.0/20
Signature Algorithm: sha256WithRSAEncryption
97:d1:00:ab:33:0e:c2:fb:bd:b0:58:62:af:50:03:b9:c5:fe:
6b:ff:dc:06:90:6b:2c:be:00:c4:01:9d:6f:28:67:79:62:cd:
dd:db:8c:fb:88:af:a9:b0:95:bc:e4:c3:33:d9:bb:31:81:c8:
b7:c2:84:73:b3:0a:bd:b4:08:8f:ac:05:3f:44:04:14:d9:6e:
7d:8b:cb:4c:8d:64:0e:15:42:3e:db:39:cd:ee:6e:81:f4:23:
78:23:13:8b:8b:c0:7e:30:75:e9:79:eb:ed:6f:c5:b5:e9:38:
b5:2b:be:e1:b4:62:25:bd:ff:ba:28:87:69:3e:5a:6a:6c:4d:
2c:05:2a:06:20:40:01:86:44:23:2b:0e:be:cf:85:fa:1d:8d:
2f:cf:a6:9f:9b:7b:56:f5:22:98:ba:f6:29:a7:e8:83:f4:c7:
5e:89:c8:b0:ca:e3:d2:d2:04:bc:0a:cd:79:86:a4:86:dc:b6:
0f:b3:a5:04:0f:39:81:22:db:67:92:f9:03:f3:5e:40:7d:41:
a4:d5:29:fe:6d:42:0b:2c:14:53:9a:8c:7f:ae:ed:19:2b:d7:
c8:56:6a:65:54:ab:02:0b:5d:29:f5:4e:35:63:6d:9d:9a:1f:
3d:3b:96:78:91:09:83:a1:42:14:d0:4a:13:8a:2f:01:f6:05:
18:38:1e:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTfK2u7vxMVV5GFcV3JbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjQwMTAyMDgzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzk5NWQ5OTJlMmU2MGYyOGM3ZDlhZGMxYWY0M2QwZTZlYWVmNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzojLtDxOIwM+Ztp7efbUe0iMPae
yBsFQYMis6DFqsvwPybggbAG4aQ7yuQpySWb9FwHPUmXzYru5HIxYihYEdTs7a3j
h4ff1cq4skOrtJE3tqumO1V2BwLo0g+/wvCzM3MAhHQXFzQI9JOAq2vkTJ9mOwb1
MhZA6CoKq+3RuL3GDWPgBlUkXUCZpN5MZg8k98PL3gMcUpw6jlVpd1f+2YA5TkrS
6fEdYXbgaH/YflmTOA+jHNydKiS3y1aBV3SAFiW5nsHauSToAKFGbXvxIeqPP75A
mAqpBYEWCBHu90cbdFOXNSThO4d+pd2kPn/fsAJwZx9QjqLt5eIcelo7LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyZXZkuLmDyjH2a3Br0PQ5urvVFMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvdkpsZG1TNHVZUEtNZlpyY0d2UTlEbTZ1OVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R8AMA0G
CSqGSIb3DQEBCwUAA4IBAQCX0QCrMw7C+72wWGKvUAO5xf5r/9wGkGssvgDEAZ1v
KGd5Ys3d24z7iK+psJW85MMz2bsxgci3woRzswq9tAiPrAU/RAQU2W59i8tMjWQO
FUI+2znN7m6B9CN4IxOLi8B+MHXpeevtb8W16Ti1K77htGIlvf+6KIdpPlpqbE0s
BSoGIEABhkQjKw6+z4X6HY0vz6afm3tW9SKYuvYpp+iD9MdeiciwyuPS0gS8Cs15
hqSG3LYPs6UEDzmBIttnkvkD815AfUGk1Sn+bUILLBRTmox/ru0ZK9fIVmplVKsC
C10p9U41Y22dmh89O5Z4kQmDoUIU0EoTii8B9gUYOB62
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:01:08 2024 by rpki-client on console-ams.rpki-client.org