Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Cp7l4Ql7V0wNo2AF0N9qB1XYurg.roa
File: Cp7l4Ql7V0wNo2AF0N9qB1XYurg.roa (raw, json)
Hash identifier: nJ1cTF6YaGvnhhpRMceAoZME3cT3KcP/o9w4/6OkRII=
Subject key identifier: 0A:9E:E5:E1:09:7B:57:4C:0D:A3:60:05:D0:DF:6A:07:55:D8:BA:B8
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018F0F93B2B64C9F6E8F56166E827E2ADED5
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Cp7l4Ql7V0wNo2AF0N9qB1XYurg.roa
Signing time: Wed 24 Apr 2024 10:08:08 +0000
ROA not before: Wed 24 Apr 2024 10:08:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215623
IP address blocks: 31.15.20.0/24 maxlen: 24
31.15.21.0/24 maxlen: 24
31.15.22.0/24 maxlen: 24
31.15.23.0/24 maxlen: 24
192.162.66.0/24 maxlen: 24
192.162.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:93:b2:b6:4c:9f:6e:8f:56:16:6e:82:7e:2a:de:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 24 10:08:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a9ee5e1097b574c0da36005d0df6a0755d8bab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:00:62:32:75:2e:bc:6d:04:32:ba:9e:7f:05:
da:64:b5:6c:c3:cd:f1:92:4b:fc:47:f3:05:51:b9:
69:5b:df:56:ca:3e:31:d3:83:7b:bf:16:ae:b3:79:
6f:8d:61:5c:9c:39:b7:32:a5:84:6c:e3:39:25:f6:
6a:93:16:23:fe:a7:c2:fb:07:89:95:a0:e5:6c:15:
f3:4d:b9:c5:a6:c5:57:0e:62:71:4d:4d:74:af:f1:
e4:4e:d8:6e:1a:02:b6:5d:67:8d:73:b8:3b:e5:f8:
80:90:53:5b:16:4b:e6:e5:25:ed:83:e8:46:80:51:
af:69:cd:e6:4c:8c:9e:54:4d:1d:5e:53:44:95:69:
3c:ed:57:93:f8:3c:83:e0:ba:a6:30:7d:8d:55:4c:
00:9b:bc:f9:3b:70:e6:ab:dd:34:81:aa:12:bf:0b:
df:d0:33:02:25:54:93:17:18:c7:ef:70:02:0e:97:
a1:6f:72:53:43:75:31:b3:0a:ff:f1:73:a8:9d:50:
8a:55:a7:e5:46:5a:49:bb:05:24:34:ed:c2:2a:ec:
a6:9d:db:16:71:d1:1e:1b:b3:13:fa:56:f7:7c:de:
37:3d:fd:cb:64:0d:4f:5d:c2:f3:2b:be:94:f2:c2:
e1:00:5d:ff:5d:6f:a2:93:8b:d4:f2:5c:2b:47:ab:
df:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:9E:E5:E1:09:7B:57:4C:0D:A3:60:05:D0:DF:6A:07:55:D8:BA:B8
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Cp7l4Ql7V0wNo2AF0N9qB1XYurg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.20.0/22
192.162.66.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:7e:3b:c4:18:20:bc:6d:36:d0:76:af:b1:8a:0b:95:01:32:
d1:89:3e:a7:c5:a8:0f:a5:ed:16:3d:84:c3:fc:04:d3:34:dc:
90:b5:c3:3f:aa:1b:75:63:7e:da:77:5f:68:4e:81:be:aa:e0:
94:26:48:a7:8b:e6:05:3b:0d:83:99:26:69:20:88:91:b3:43:
a6:9c:0e:ed:fc:da:e6:ae:4e:32:f2:8e:18:92:dc:60:3b:2a:
a9:5e:47:b3:b3:d7:f5:a2:85:a5:cc:29:a9:8b:c0:71:cc:54:
42:79:1c:da:2c:7f:48:1e:9f:cf:6d:61:36:eb:aa:1e:66:3d:
75:73:34:2b:f6:f7:61:67:11:7b:24:bb:de:20:84:cd:b5:61:
98:78:86:c4:85:04:a4:2e:09:43:b2:2b:f5:64:58:95:4d:0e:
f2:99:a8:e3:9f:ed:bd:77:07:06:93:34:9c:62:2c:08:3a:eb:
7f:72:b9:a3:f9:c0:35:23:f8:d7:7b:33:60:5e:c9:08:51:78:
2c:9c:b0:09:88:28:bb:80:cf:1e:12:4b:92:fb:5c:22:83:12:
64:22:a2:57:53:da:5a:34:77:f0:6f:f7:e7:30:8c:89:19:de:
6a:42:0f:bb:95:62:94:87:07:a2:d3:72:36:06:dd:28:cb:1c:
fc:3f:85:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8Pk7K2TJ9uj1YWboJ+Kt7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDI0MTAwODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTllZTVlMTA5N2I1NzRjMGRhMzYwMDVkMGRmNmEwNzU1ZDhiYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQBiMnUuvG0EMrqefwXaZLVsw83x
kkv8R/MFUblpW99Wyj4x04N7vxaus3lvjWFcnDm3MqWEbOM5JfZqkxYj/qfC+weJ
laDlbBXzTbnFpsVXDmJxTU10r/HkTthuGgK2XWeNc7g75fiAkFNbFkvm5SXtg+hG
gFGvac3mTIyeVE0dXlNElWk87VeT+DyD4LqmMH2NVUwAm7z5O3Dmq900gaoSvwvf
0DMCJVSTFxjH73ACDpehb3JTQ3Uxswr/8XOonVCKVaflRlpJuwUkNO3CKuymndsW
cdEeG7MT+lb3fN43Pf3LZA1PXcLzK76U8sLhAF3/XW+ik4vU8lwrR6vf2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAqe5eEJe1dMDaNgBdDfagdV2Lq4MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQ3A3bDRRbDdWMHdObzJBRjBOOXFCMVhZdXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHw8UAwQB
wKJCMA0GCSqGSIb3DQEBCwUAA4IBAQC6fjvEGCC8bTbQdq+xiguVATLRiT6nxagP
pe0WPYTD/ATTNNyQtcM/qht1Y37ad19oToG+quCUJkini+YFOw2DmSZpIIiRs0Om
nA7t/Nrmrk4y8o4YktxgOyqpXkezs9f1ooWlzCmpi8BxzFRCeRzaLH9IHp/PbWE2
66oeZj11czQr9vdhZxF7JLveIITNtWGYeIbEhQSkLglDsiv1ZFiVTQ7ymajjn+29
dwcGkzScYiwIOut/crmj+cA1I/jXezNgXskIUXgsnLAJiCi7gM8eEkuS+1wigxJk
IqJXU9paNHfwb/fnMIyJGd5qQg+7lWKUhwei03I2Bt0oyxz8P4XU
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:09:03 2024 by rpki-client on console-ams.rpki-client.org