Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/DY-iJ1NhyqGmB7PLoS3JRDwi480.roa
File: DY-iJ1NhyqGmB7PLoS3JRDwi480.roa (raw, json)
Hash identifier: HZdexff/8xpymIqQD33pTCny0lAoNPX21OZ2K92oYT0=
Subject key identifier: 0D:8F:A2:27:53:61:CA:A1:A6:07:B3:CB:A1:2D:C9:44:3C:22:E3:CD
Certificate issuer: /CN=8c7f325f9aaeb93a83c39e78145c41937d586b77
Certificate serial: 018CC86FB327ADC169630C994DCF730D342B
Authority key identifier: 8C:7F:32:5F:9A:AE:B9:3A:83:C3:9E:78:14:5C:41:93:7D:58:6B:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jH8yX5quuTqDw554FFxBk31Ya3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/DY-iJ1NhyqGmB7PLoS3JRDwi480.roa
Signing time: Tue 02 Jan 2024 04:30:12 +0000
ROA not before: Tue 02 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16039
IP address blocks: 31.177.50.0/24 maxlen: 24
31.177.49.0/24 maxlen: 24
31.177.51.0/24 maxlen: 24
31.177.48.0/24 maxlen: 24
31.177.48.0/21 maxlen: 21
31.177.53.0/24 maxlen: 24
31.177.52.0/24 maxlen: 24
31.177.55.0/24 maxlen: 24
31.177.54.0/24 maxlen: 24
82.199.37.0/24 maxlen: 24
82.199.38.0/24 maxlen: 24
82.199.32.0/24 maxlen: 24
82.199.32.0/20 maxlen: 24
193.42.28.0/22 maxlen: 22
82.199.44.0/24 maxlen: 24
82.199.43.0/24 maxlen: 24
82.199.40.0/24 maxlen: 24
82.199.39.0/24 maxlen: 24
82.199.41.0/24 maxlen: 24
82.199.45.0/24 maxlen: 24
82.199.51.0/24 maxlen: 24
82.199.50.0/24 maxlen: 24
82.199.47.0/24 maxlen: 24
82.199.49.0/24 maxlen: 24
82.199.48.0/20 maxlen: 24
82.199.48.0/24 maxlen: 24
82.199.58.0/24 maxlen: 24
82.199.57.0/24 maxlen: 24
82.199.54.0/24 maxlen: 24
82.199.53.0/24 maxlen: 24
82.199.56.0/24 maxlen: 24
82.199.55.0/24 maxlen: 24
82.199.52.0/24 maxlen: 24
82.199.59.0/24 maxlen: 24
82.199.61.0/24 maxlen: 24
82.199.60.0/24 maxlen: 24
82.199.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/jH8yX5quuTqDw554FFxBk31Ya3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/jH8yX5quuTqDw554FFxBk31Ya3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/jH8yX5quuTqDw554FFxBk31Ya3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:b3:27:ad:c1:69:63:0c:99:4d:cf:73:0d:34:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c7f325f9aaeb93a83c39e78145c41937d586b77
Validity
Not Before: Jan 2 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d8fa2275361caa1a607b3cba12dc9443c22e3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e9:4e:61:7e:26:c6:80:25:a7:6e:48:77:7b:
aa:44:b8:0c:c2:ff:59:1c:3c:f2:e2:0c:63:28:18:
e6:55:6f:26:fb:d6:23:9c:e2:4a:73:46:ad:1f:6d:
e1:a7:3d:9e:0c:fd:96:86:03:b6:be:3f:80:93:7b:
e5:60:ee:06:6c:4c:d9:62:3f:79:88:1f:09:b7:7b:
22:d9:91:be:26:08:1a:50:fd:31:ca:ef:2a:16:00:
19:33:02:c9:e8:57:e6:d3:dd:a0:d0:fc:2c:2f:ae:
61:c0:e4:17:5f:50:ae:68:0a:d5:07:09:84:d8:18:
4b:7e:cb:53:57:e7:aa:60:94:78:84:a4:21:a7:fe:
a8:f7:1c:10:6a:d6:64:64:bc:d3:ad:f5:37:14:bf:
39:fa:7d:7f:9f:5c:4f:61:1a:ea:3a:98:82:53:bd:
d5:c4:39:98:b4:41:99:55:0d:15:75:1d:df:ba:1a:
1a:7a:ee:01:79:58:f3:ba:fc:46:dc:c2:00:9b:76:
52:3d:76:0f:c5:da:6a:d3:5e:d9:81:89:2c:3c:c4:
fe:4b:68:01:c8:e3:fa:22:e0:85:bc:cf:98:c7:33:
80:b7:da:e8:b5:45:b1:a5:61:6d:d1:70:e5:f3:66:
e5:09:6f:41:53:69:12:ac:a7:98:b1:b6:63:3b:a9:
58:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8F:A2:27:53:61:CA:A1:A6:07:B3:CB:A1:2D:C9:44:3C:22:E3:CD
X509v3 Authority Key Identifier:
keyid:8C:7F:32:5F:9A:AE:B9:3A:83:C3:9E:78:14:5C:41:93:7D:58:6B:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jH8yX5quuTqDw554FFxBk31Ya3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/DY-iJ1NhyqGmB7PLoS3JRDwi480.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a4c294-6b52-484e-8265-fc2f5fa77555/1/jH8yX5quuTqDw554FFxBk31Ya3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.48.0/21
82.199.32.0/19
193.42.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:c4:ab:37:62:df:6e:cb:70:5f:a3:4f:90:57:a1:44:95:19:
7d:0f:74:ff:02:ff:ec:ee:da:f7:2e:6b:1e:ee:91:ed:7b:13:
e0:ec:1a:db:44:2f:ff:c0:71:ca:ea:fa:b2:e2:3d:72:67:e5:
6b:39:42:ef:f3:9c:38:54:3a:c1:f2:09:e6:53:69:01:53:4c:
b7:ea:01:38:1b:e2:c4:2a:3d:b9:6b:7a:0d:86:d3:5e:de:0b:
b4:15:09:61:5f:a3:38:1c:17:d5:e0:d8:33:1d:1a:2d:0f:07:
96:65:5b:88:db:b6:4c:67:a9:3d:8d:82:1d:1a:67:1c:13:3f:
94:8f:66:f5:90:2a:20:f6:eb:85:af:4f:25:cd:4f:61:ce:08:
7a:01:02:82:99:f1:46:fc:cd:e8:cc:82:8f:26:d7:fc:61:17:
13:58:7d:0b:49:d9:cc:07:e3:9e:d8:19:2c:e4:69:18:65:a5:
61:3b:1e:f9:cd:40:cd:0f:fa:2c:b7:a1:2b:e8:77:10:53:2f:
05:e0:75:ea:a1:02:10:7e:f3:c8:6c:56:5e:8d:da:d4:ba:68:
7d:07:14:5a:d7:4f:ce:ca:c6:f2:07:24:ca:85:84:3c:4f:3c:
72:3a:b9:49:ed:f5:34:76:3f:52:34:28:f9:65:47:5f:88:84:
15:8c:f1:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb7MnrcFpYwyZTc9zDTQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjN2YzMjVmOWFhZWI5M2E4M2MzOWU3ODE0NWM0MTkzN2Q1
ODZiNzcwHhcNMjQwMTAyMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhmYTIyNzUzNjFjYWExYTYwN2IzY2JhMTJkYzk0NDNjMjJlM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuelOYX4mxoAlp25Id3uqRLgMwv9Z
HDzy4gxjKBjmVW8m+9YjnOJKc0atH23hpz2eDP2WhgO2vj+Ak3vlYO4GbEzZYj95
iB8Jt3si2ZG+JggaUP0xyu8qFgAZMwLJ6Ffm092g0PwsL65hwOQXX1CuaArVBwmE
2BhLfstTV+eqYJR4hKQhp/6o9xwQatZkZLzTrfU3FL85+n1/n1xPYRrqOpiCU73V
xDmYtEGZVQ0VdR3fuhoaeu4BeVjzuvxG3MIAm3ZSPXYPxdpq017ZgYksPMT+S2gB
yOP6IuCFvM+YxzOAt9rotUWxpWFt0XDl82blCW9BU2kSrKeYsbZjO6lYgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA2PoidTYcqhpgezy6EtyUQ8IuPNMB8GA1UdIwQY
MBaAFIx/Ml+arrk6g8OeeBRcQZN9WGt3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakg4eVg1cXV1VHFEdzU1NEZGeEJrMzFZYTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hNGMyOTQtNmI1Mi00ODRlLTgyNjUt
ZmMyZjVmYTc3NTU1LzEvRFktaUoxTmh5cUdtQjdQTG9TM0pSRHdpNDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hNGMyOTQtNmI1Mi00ODRlLTgyNjUtZmMyZjVmYTc3NTU1
LzEvakg4eVg1cXV1VHFEdzU1NEZGeEJrMzFZYTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH7EwAwQF
UscgAwQCwSocMA0GCSqGSIb3DQEBCwUAA4IBAQCOxKs3Yt9uy3Bfo0+QV6FElRl9
D3T/Av/s7tr3Lmse7pHtexPg7BrbRC//wHHK6vqy4j1yZ+VrOULv85w4VDrB8gnm
U2kBU0y36gE4G+LEKj25a3oNhtNe3gu0FQlhX6M4HBfV4NgzHRotDweWZVuI27ZM
Z6k9jYIdGmccEz+Uj2b1kCog9uuFr08lzU9hzgh6AQKCmfFG/M3ozIKPJtf8YRcT
WH0LSdnMB+Oe2Bks5GkYZaVhOx75zUDND/ost6Er6HcQUy8F4HXqoQIQfvPIbFZe
jdrUumh9BxRa10/OysbyByTKhYQ8TzxyOrlJ7fU0dj9SNCj5ZUdfiIQVjPHi
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:45:21 2024 by rpki-client on console-ams.rpki-client.org