Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/IaYftj_WMwfhvYVghiz91le9lDc.roa
File: IaYftj_WMwfhvYVghiz91le9lDc.roa (raw, json)
Hash identifier: wJd1Jkg6+DKg6ZiDecDJscVFA8IsxpMSbDKIRW9KGhs=
Subject key identifier: 21:A6:1F:B6:3F:D6:33:07:E1:BD:85:60:86:2C:FD:D6:57:BD:94:37
Certificate issuer: /CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Certificate serial: 018CCA2A19AA3D069227E1968D51FCB6F3A0
Authority key identifier: DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/IaYftj_WMwfhvYVghiz91le9lDc.roa
Signing time: Tue 02 Jan 2024 12:33:25 +0000
ROA not before: Tue 02 Jan 2024 12:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39138
IP address blocks: 31.172.0.0/18 maxlen: 24
185.148.248.0/22 maxlen: 24
83.243.0.0/21 maxlen: 24
195.182.2.0/24 maxlen: 24
31.172.96.0/21 maxlen: 24
2001:67c:194::/48 maxlen: 48
2a01:a700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:19:aa:3d:06:92:27:e1:96:8d:51:fc:b6:f3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0ba4f56e6f037725286037afc3c14c293b9b82
Validity
Not Before: Jan 2 12:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21a61fb63fd63307e1bd8560862cfdd657bd9437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c5:98:8c:2c:0a:e9:62:02:a9:db:f0:1e:13:
63:2e:2d:b8:c6:8e:07:b0:dc:2a:99:a7:d1:d2:a6:
9a:b8:cb:28:6c:fb:ca:9d:3c:bd:f8:f2:07:6c:ee:
b2:44:97:91:ea:3c:a3:8b:21:b5:a3:ea:e7:d7:74:
27:99:ce:ee:74:a5:b6:57:25:7f:c3:b9:a5:f0:c1:
b4:a5:b2:7f:c6:ec:2d:eb:e8:79:4a:b8:47:1b:dd:
bc:0a:32:2e:23:ce:03:41:f7:be:18:ed:bc:4b:d6:
a7:f6:1e:91:9e:f6:ff:d1:4d:49:8f:f1:5d:58:12:
d1:f5:0f:51:e1:75:ff:25:ad:07:d5:43:83:6d:1d:
60:3c:fe:4e:eb:17:27:f1:5d:b9:51:13:e3:22:e7:
eb:b0:9d:49:0e:0b:b6:75:6e:3d:b8:e6:0b:5d:3e:
4c:cf:76:df:7c:18:f1:55:12:73:7f:97:85:2d:f0:
92:aa:f9:fa:7a:5b:22:60:63:4b:6f:ab:62:a6:0b:
19:4b:0c:62:15:df:3f:80:ea:1c:be:43:54:f7:b3:
16:e9:4d:49:2c:e5:62:58:e7:35:29:33:2f:09:04:
6b:a6:cd:a6:5c:98:2e:64:b1:ae:bc:6d:e8:f3:1d:
d2:46:87:19:9d:18:93:fd:c2:28:a6:f2:8d:9d:02:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A6:1F:B6:3F:D6:33:07:E1:BD:85:60:86:2C:FD:D6:57:BD:94:37
X509v3 Authority Key Identifier:
keyid:DF:0B:A4:F5:6E:6F:03:77:25:28:60:37:AF:C3:C1:4C:29:3B:9B:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wuk9W5vA3clKGA3r8PBTCk7m4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/IaYftj_WMwfhvYVghiz91le9lDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a80bd9-ba11-458e-84e2-36c678900f79/1/3wuk9W5vA3clKGA3r8PBTCk7m4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.0.0/18
31.172.96.0/21
83.243.0.0/21
185.148.248.0/22
195.182.2.0/24
IPv6:
2001:67c:194::/48
2a01:a700::/29
Signature Algorithm: sha256WithRSAEncryption
47:94:60:c4:2d:40:e0:76:3a:df:7e:3d:0f:c3:da:5f:56:d4:
df:84:14:08:e9:a6:2f:30:8d:ff:8a:ce:f1:36:e9:e5:1c:09:
35:f0:b5:60:c0:16:6d:d3:35:7f:49:99:1e:a0:c0:65:f5:05:
6e:9a:12:bc:02:6b:a9:99:68:ff:39:bd:2a:e9:01:37:28:44:
ec:02:d1:bb:56:bc:a6:97:3d:c3:dd:cc:29:75:b8:27:73:ac:
85:62:ac:3e:13:32:0d:eb:70:e0:63:80:a5:db:13:4e:aa:19:
52:ff:89:e8:07:32:33:20:f9:7d:da:7f:76:c1:64:09:93:1d:
55:a1:3d:76:90:be:dd:ba:2c:e1:53:b4:cf:6a:a7:ef:19:99:
cf:97:e3:d0:62:ca:4a:45:5d:a5:fa:65:11:34:f7:8c:3d:cd:
c1:c9:59:ee:26:ac:66:05:bb:39:d7:bb:24:8e:ba:0d:83:a0:
b6:3c:7c:4c:b0:1c:02:59:4f:b3:fb:c8:5a:89:8b:01:be:d2:
fb:86:63:c3:34:77:d4:d7:28:a5:92:fc:a2:70:f4:77:bd:67:
86:ac:8f:d0:c4:07:d8:3d:9d:c3:79:f4:39:72:1a:cb:b9:39:
4e:b5:a8:74:8a:3e:1c:c5:f8:30:75:ba:f2:16:c1:8a:8e:de:
02:28:21:13
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzKKhmqPQaSJ+GWjVH8tvOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMGJhNGY1NmU2ZjAzNzcyNTI4NjAzN2FmYzNjMTRjMjkz
YjliODIwHhcNMjQwMTAyMTIzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE2MWZiNjNmZDYzMzA3ZTFiZDg1NjA4NjJjZmRkNjU3YmQ5NDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sWYjCwK6WICqdvwHhNjLi24xo4H
sNwqmafR0qaauMsobPvKnTy9+PIHbO6yRJeR6jyjiyG1o+rn13Qnmc7udKW2VyV/
w7ml8MG0pbJ/xuwt6+h5SrhHG928CjIuI84DQfe+GO28S9an9h6Rnvb/0U1Jj/Fd
WBLR9Q9R4XX/Ja0H1UODbR1gPP5O6xcn8V25URPjIufrsJ1JDgu2dW49uOYLXT5M
z3bffBjxVRJzf5eFLfCSqvn6elsiYGNLb6tipgsZSwxiFd8/gOocvkNU97MW6U1J
LOViWOc1KTMvCQRrps2mXJguZLGuvG3o8x3SRocZnRiT/cIopvKNnQIExwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCGmH7Y/1jMH4b2FYIYs/dZXvZQ3MB8GA1UdIwQY
MBaAFN8LpPVubwN3JShgN6/DwUwpO5uCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTIt
MzZjNjc4OTAwZjc5LzEvSWFZZnRqX1dNd2ZodllWZ2hpejkxbGU5bERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hODBiZDktYmExMS00NThlLTg0ZTItMzZjNjc4OTAwZjc5
LzEvM3d1azlXNXZBM2NsS0dBM3I4UEJUQ2s3bTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQGH6wAAwQD
H6xgAwQDU/MAAwQCuZT4AwQAw7YCMBYEAgACMBADBwAgAQZ8AZQDBQMqAacAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHlGDELUDgdjrffj0Pw9pfVtTfhBQI6aYvMI3/is7x
NunlHAk18LVgwBZt0zV/SZkeoMBl9QVumhK8AmupmWj/Ob0q6QE3KETsAtG7Vrym
lz3D3cwpdbgnc6yFYqw+EzIN63DgY4Cl2xNOqhlS/4noBzIzIPl92n92wWQJkx1V
oT12kL7duizhU7TPaqfvGZnPl+PQYspKRV2l+mURNPeMPc3ByVnuJqxmBbs517sk
jroNg6C2PHxMsBwCWU+z+8haiYsBvtL7hmPDNHfU1yilkvyicPR3vWeGrI/QxAfY
PZ3DefQ5chrLuTlOtah0ij4cxfgwdbryFsGKjt4CKCET
-----END CERTIFICATE-----
Generated at Wed May 15 17:14:24 2024 by rpki-client on console-ams.rpki-client.org