Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/nWwGacz0AhC8Z-Xp6mqM9ipWKKU.roa
File: nWwGacz0AhC8Z-Xp6mqM9ipWKKU.roa (raw, json)
Hash identifier: Tu3lriZhOQmVGmEc8vRF5dW9MoKr/3JZuKstNPzwO7U=
Subject key identifier: 9D:6C:06:69:CC:F4:02:10:BC:67:E5:E9:EA:6A:8C:F6:2A:56:28:A5
Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Certificate serial: 018CC72711B61C8F564C66A055A9206360E4
Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/nWwGacz0AhC8Z-Xp6mqM9ipWKKU.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62095
IP address blocks: 31.169.73.0/24 maxlen: 24
185.11.248.0/24 maxlen: 24
185.11.251.0/24 maxlen: 24
185.11.250.0/24 maxlen: 24
185.11.249.0/24 maxlen: 24
2a02:ed40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:11:b6:1c:8f:56:4c:66:a0:55:a9:20:63:60:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d6c0669ccf40210bc67e5e9ea6a8cf62a5628a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:23:1f:4b:aa:93:0e:b9:bd:a3:bf:52:46:
3a:20:dd:58:d1:4d:15:6b:27:d2:69:99:e6:bb:8f:
d2:65:6a:1c:5d:f6:d9:16:d8:37:39:29:5a:9f:f0:
bf:3b:3b:6c:37:c7:38:89:1e:e4:fc:ba:b2:4d:d4:
06:fb:23:aa:ba:5e:13:3d:1e:89:0c:cb:ed:c5:0d:
85:74:f5:6b:61:45:2a:90:c4:8f:1b:e5:18:56:96:
ec:69:3b:c4:ae:47:ce:6e:49:88:d1:04:6c:c0:f7:
6e:a9:fa:4d:52:5e:1e:e5:5d:45:7e:ce:f5:8b:f5:
8c:19:17:f6:2d:c8:ac:0c:e3:73:c3:9b:d4:b6:ca:
ce:53:a2:f4:cf:a8:08:20:54:88:b0:ac:87:e7:da:
cb:e7:a5:d1:17:ff:c6:02:40:a7:13:2e:f7:d2:9c:
9c:6b:79:ff:70:d6:de:b7:e8:ff:43:6d:28:a5:57:
45:f3:22:8e:5f:ad:62:78:00:06:bb:fb:a5:d4:ae:
79:1e:85:9b:4a:1c:2d:17:87:31:11:24:9f:2e:f2:
a6:fc:a3:0c:98:a4:da:65:2f:b3:36:65:86:b3:a2:
f5:af:f4:a2:f2:7b:9f:11:94:41:5c:8e:d9:66:46:
19:c7:33:cd:8e:e8:86:5a:88:c6:8a:5a:31:e1:cc:
e8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6C:06:69:CC:F4:02:10:BC:67:E5:E9:EA:6A:8C:F6:2A:56:28:A5
X509v3 Authority Key Identifier:
keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/nWwGacz0AhC8Z-Xp6mqM9ipWKKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.73.0/24
185.11.248.0/22
IPv6:
2a02:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
0b:e0:71:70:ea:1d:65:69:ba:51:b6:aa:3f:90:d5:bb:a7:91:
ef:5e:4d:0f:f4:2a:b7:78:5a:36:6b:6b:55:bb:fa:82:0c:eb:
b0:64:56:89:25:af:c6:2d:70:6e:f4:95:d9:0d:e1:2a:d8:79:
e6:cd:61:3f:a0:90:61:6f:fb:da:4c:2a:02:d3:9b:da:11:90:
7b:4e:cd:ee:d6:e7:3e:d7:db:78:70:ca:b8:9d:3f:8d:8a:58:
9c:e3:e1:1a:06:8d:13:55:23:c7:df:54:fe:e0:ad:38:2f:1a:
3a:c2:38:a5:16:a5:a0:f3:d9:e5:b6:3e:3d:3a:37:96:97:a1:
34:ae:21:70:4a:73:a1:97:5f:ca:ef:93:9c:9e:1b:ca:76:3d:
14:dc:24:17:ae:bb:82:0c:5c:c5:97:5d:3e:58:ab:f5:8a:a6:
cb:4d:70:69:79:db:cd:05:7f:e7:df:73:f0:71:bc:cf:9f:e0:
06:95:d5:dd:8c:17:a4:35:52:fe:e9:aa:f2:51:51:12:e6:d1:
49:72:53:a8:44:dc:b3:3c:e3:3f:c5:90:3a:d2:6d:da:9c:3c:
9f:df:e7:53:c8:81:3e:90:9c:62:da:f6:c0:b4:0f:18:8b:ea:
b6:a5:a5:a6:5c:c5:98:23:51:1c:d6:d0:5f:93:5a:e4:34:c2:
c5:89:fc:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJxG2HI9WTGagVakgY2DkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl
MjRhZjkwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZjMDY2OWNjZjQwMjEwYmM2N2U1ZTllYTZhOGNmNjJhNTYyOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu0jH0uqkw65vaO/UkY6IN1Y0U0V
ayfSaZnmu4/SZWocXfbZFtg3OSlan/C/OztsN8c4iR7k/LqyTdQG+yOqul4TPR6J
DMvtxQ2FdPVrYUUqkMSPG+UYVpbsaTvErkfObkmI0QRswPduqfpNUl4e5V1Ffs71
i/WMGRf2LcisDONzw5vUtsrOU6L0z6gIIFSIsKyH59rL56XRF//GAkCnEy730pyc
a3n/cNbet+j/Q20opVdF8yKOX61ieAAGu/ul1K55HoWbShwtF4cxESSfLvKm/KMM
mKTaZS+zNmWGs6L1r/Si8nufEZRBXI7ZZkYZxzPNjuiGWojGilox4czo6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ1sBmnM9AIQvGfl6epqjPYqViilMB8GA1UdIwQY
MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt
OTUzMWQyNGUwNjEwLzEvbld3R2FjejBBaEM4Wi1YcDZtcU05aXBXS0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw
LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAH6lJAwQC
uQv4MA0EAgACMAcDBQMqAu1AMA0GCSqGSIb3DQEBCwUAA4IBAQAL4HFw6h1labpR
tqo/kNW7p5HvXk0P9Cq3eFo2a2tVu/qCDOuwZFaJJa/GLXBu9JXZDeEq2HnmzWE/
oJBhb/vaTCoC05vaEZB7Ts3u1uc+19t4cMq4nT+Nilic4+EaBo0TVSPH31T+4K04
Lxo6wjilFqWg89nltj49OjeWl6E0riFwSnOhl1/K75OcnhvKdj0U3CQXrruCDFzF
l10+WKv1iqbLTXBpedvNBX/n33PwcbzPn+AGldXdjBekNVL+6aryUVES5tFJclOo
RNyzPOM/xZA60m3anDyf3+dTyIE+kJxi2vbAtA8Yi+q2paWmXMWYI1Ec1tBfk1rk
NMLFifzz
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:32:54 2024 by rpki-client on console-ams.rpki-client.org