Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/9PIKHl84kaeIVGJRk6_xafgogDU.roa
File: 9PIKHl84kaeIVGJRk6_xafgogDU.roa (raw, json)
Hash identifier: cvht2CA13cCQlodfI0kxr98XhesIHPvn5n6QGi2fscI=
Subject key identifier: F4:F2:0A:1E:5F:38:91:A7:88:54:62:51:93:AF:F1:69:F8:28:80:35
Certificate issuer: /CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Certificate serial: 018EAE2882BF847BBC355A35FBCE955CEB4C
Authority key identifier: 8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/9PIKHl84kaeIVGJRk6_xafgogDU.roa
Signing time: Fri 05 Apr 2024 12:07:54 +0000
ROA not before: Fri 05 Apr 2024 12:07:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197746
IP address blocks: 31.22.112.0/24 maxlen: 24
31.22.113.0/24 maxlen: 24
31.22.114.0/24 maxlen: 24
31.22.115.0/24 maxlen: 24
31.22.119.0/24 maxlen: 24
185.23.88.0/24 maxlen: 24
185.23.89.0/24 maxlen: 24
2a00:6620:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:28:82:bf:84:7b:bc:35:5a:35:fb:ce:95:5c:eb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Validity
Not Before: Apr 5 12:07:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f20a1e5f3891a78854625193aff169f8288035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:52:06:5c:93:3f:e3:dc:af:8e:2a:6d:e3:e1:
89:b7:45:f9:ed:3f:51:33:6b:65:22:df:00:87:d6:
f0:17:aa:24:0f:3e:5a:72:5d:ef:2b:50:d3:b7:66:
31:b4:94:ee:8e:0f:82:87:8c:b9:cc:2b:dc:06:f2:
f3:d6:0e:7b:dc:16:59:20:ac:ef:e6:9c:2e:f2:09:
5c:18:48:65:81:85:9c:8c:01:d3:cf:0c:21:40:1e:
f7:21:31:fc:9f:76:76:de:32:e2:e2:7d:df:2f:2b:
b5:8a:e8:a7:fb:53:80:c1:73:9e:d1:72:3e:82:9e:
ef:7c:92:61:93:5f:f1:df:d8:66:44:6a:c5:12:8e:
4e:22:ba:d5:95:27:6d:07:f6:cb:6a:2b:1e:71:89:
3d:ad:cd:c9:75:2e:e8:02:fc:fa:6f:74:bc:5a:58:
66:a0:b8:f1:c8:93:b5:08:fe:67:c1:2d:cd:40:e0:
cd:ca:02:64:ce:da:b3:6c:cc:f9:25:87:d3:6d:63:
91:58:25:e2:6e:04:f5:94:c1:54:55:30:b3:ac:99:
ed:a3:14:73:97:7a:4e:62:4d:d6:a0:43:0e:5c:6b:
40:98:56:dd:33:f4:a7:91:da:84:c5:49:9b:e9:a7:
c3:5f:18:dc:db:ae:ed:08:49:c7:15:7a:3b:5c:45:
c1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F2:0A:1E:5F:38:91:A7:88:54:62:51:93:AF:F1:69:F8:28:80:35
X509v3 Authority Key Identifier:
keyid:8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/9PIKHl84kaeIVGJRk6_xafgogDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.112.0/22
31.22.119.0/24
185.23.88.0/23
IPv6:
2a00:6620:2000::/48
Signature Algorithm: sha256WithRSAEncryption
77:9d:b1:dc:42:5e:8e:87:64:07:1f:f0:05:d3:89:d6:28:72:
05:a2:ed:32:4f:8b:90:bb:28:d8:a3:9d:fd:77:87:5a:00:35:
a1:48:8a:4f:4a:ac:40:aa:30:ad:f9:b1:0c:6c:7f:f7:c9:cd:
87:ad:4d:53:9c:e2:33:28:d7:41:6a:9c:ee:df:39:a0:e7:17:
21:8d:96:6e:29:5f:08:52:3d:df:7b:8c:c0:c7:1f:aa:12:42:
40:38:0d:62:5c:6e:96:1f:dc:44:c0:b8:a5:1b:af:89:4a:e9:
81:f8:a9:09:67:27:4a:73:37:ed:40:cf:e8:28:a7:ed:82:df:
2a:56:1a:ea:50:d9:1d:d0:78:26:72:10:74:22:bb:6a:bc:61:
b3:56:a9:ea:6b:af:3c:4c:2b:42:d0:e0:48:fe:0e:b5:f2:49:
6a:99:29:44:cd:dc:ee:83:25:93:93:25:78:f1:17:8c:35:b9:
c6:1a:78:a8:a4:7f:8f:ae:c0:df:5f:c3:8d:1d:56:45:bc:fe:
4c:02:8f:6d:3a:9a:d0:55:71:71:f8:dd:88:67:ee:22:d1:70:
d7:81:a0:69:62:24:25:a5:81:02:e3:9f:88:f8:f3:4a:ac:9a:
0c:07:cf:ff:26:33:12:fc:01:60:7b:34:f2:65:1e:d0:93:30:
1a:48:38:93
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY6uKIK/hHu8NVo1+86VXOtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYTQzYmIzOGQ2ZTBiZThjMjg5MDk0YmE0YWRmMzg3ZDBk
ZTQwYTAwHhcNMjQwNDA1MTIwNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGYyMGExZTVmMzg5MWE3ODg1NDYyNTE5M2FmZjE2OWY4Mjg4MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1IGXJM/49yvjipt4+GJt0X57T9R
M2tlIt8Ah9bwF6okDz5acl3vK1DTt2YxtJTujg+Ch4y5zCvcBvLz1g573BZZIKzv
5pwu8glcGEhlgYWcjAHTzwwhQB73ITH8n3Z23jLi4n3fLyu1iuin+1OAwXOe0XI+
gp7vfJJhk1/x39hmRGrFEo5OIrrVlSdtB/bLaisecYk9rc3JdS7oAvz6b3S8Wlhm
oLjxyJO1CP5nwS3NQODNygJkztqzbMz5JYfTbWORWCXibgT1lMFUVTCzrJntoxRz
l3pOYk3WoEMOXGtAmFbdM/SnkdqExUmb6afDXxjc267tCEnHFXo7XEXBJQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPTyCh5fOJGniFRiUZOv8Wn4KIA1MB8GA1UdIwQY
MBaAFI6kO7ONbgvowokJS6St84fQ3kCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWIt
MjRmN2Y5NDM2Y2VjLzEvOVBJS0hsODRrYWVJVkdKUms2X3hhZmdvZ0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWItMjRmN2Y5NDM2Y2Vj
LzEvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCHxZwAwQA
HxZ3AwQBuRdYMA8EAgACMAkDBwAqAGYgIAAwDQYJKoZIhvcNAQELBQADggEBAHed
sdxCXo6HZAcf8AXTidYocgWi7TJPi5C7KNijnf13h1oANaFIik9KrECqMK35sQxs
f/fJzYetTVOc4jMo10FqnO7fOaDnFyGNlm4pXwhSPd97jMDHH6oSQkA4DWJcbpYf
3ETAuKUbr4lK6YH4qQlnJ0pzN+1Az+gop+2C3ypWGupQ2R3QeCZyEHQiu2q8YbNW
qeprrzxMK0LQ4Ej+DrXySWqZKUTN3O6DJZOTJXjxF4w1ucYaeKikf4+uwN9fw40d
VkW8/kwCj206mtBVcXH43Yhn7iLRcNeBoGliJCWlgQLjn4j480qsmgwHz/8mMxL8
AWB7NPJlHtCTMBpIOJM=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:51:00 2024 by rpki-client on console-ams.rpki-client.org