Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/nAfxBRTMzDdwHNdEu8M1Qbkre7k.roa
File: nAfxBRTMzDdwHNdEu8M1Qbkre7k.roa (raw, json)
Hash identifier: qTWsKsyywvTTcu/hf4T0NXZNm0FvofP2g8D7I+sx+GE=
Subject key identifier: 9C:07:F1:05:14:CC:CC:37:70:1C:D7:44:BB:C3:35:41:B9:2B:7B:B9
Certificate issuer: /CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Certificate serial: 018CC500F06D4C6A1BEE2957050E6BA88FE4
Authority key identifier: BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/nAfxBRTMzDdwHNdEu8M1Qbkre7k.roa
Signing time: Mon 01 Jan 2024 12:30:22 +0000
ROA not before: Mon 01 Jan 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201749
IP address blocks: 194.31.93.0/24 maxlen: 24
194.31.220.0/24 maxlen: 24
194.31.199.0/24 maxlen: 24
194.31.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f0:6d:4c:6a:1b:ee:29:57:05:0e:6b:a8:8f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbb2a4302094f4c3f5bada547ef4f7ede18e903
Validity
Not Before: Jan 1 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c07f10514cccc37701cd744bbc33541b92b7bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:65:d1:c4:97:12:cb:51:f0:6f:cf:a7:1a:58:
3d:ce:88:aa:31:cc:ae:84:4f:9f:59:e8:01:8d:8a:
f0:1c:bd:44:d0:b0:dc:5f:77:d3:cf:8b:db:c8:55:
91:2d:d0:d7:db:81:10:07:4e:f6:34:9a:f4:66:0f:
06:d6:1c:1d:4a:36:31:7c:1e:6c:e6:63:e8:49:d7:
15:ac:df:3b:4f:48:23:e5:15:f7:70:a0:82:c8:25:
cb:88:49:4e:fe:1f:61:3a:44:64:50:fd:f6:78:8c:
43:ea:2f:30:44:4b:66:d2:a2:d8:bb:cc:82:73:7e:
c1:f1:d3:84:4f:d3:c4:e0:5f:3f:65:e0:c4:d7:69:
d9:77:a2:68:1f:aa:1a:30:ab:1f:57:8a:e3:4d:42:
7c:6c:52:7d:7e:91:de:1d:80:a8:91:55:f6:31:59:
93:65:21:9c:4b:7e:66:20:d8:fb:b0:4e:91:1f:c2:
4b:d7:4b:5f:58:eb:ca:23:93:6d:11:8d:22:d1:5b:
a0:62:8d:84:91:f4:4e:1c:1e:aa:d0:cf:18:05:4c:
0e:db:19:2d:f3:23:06:ad:7e:c1:bc:4b:7d:c4:17:
30:92:ff:20:c8:8d:ed:0b:be:9a:06:6f:8e:e7:25:
5c:37:5f:51:f9:07:5c:bb:7b:26:9a:a9:50:ca:2f:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:07:F1:05:14:CC:CC:37:70:1C:D7:44:BB:C3:35:41:B9:2B:7B:B9
X509v3 Authority Key Identifier:
keyid:BB:BB:2A:43:02:09:4F:4C:3F:5B:AD:A5:47:EF:4F:7E:DE:18:E9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7sqQwIJT0w_W62lR-9Pft4Y6QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/nAfxBRTMzDdwHNdEu8M1Qbkre7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c399a4-53b6-4271-9b90-32bf1641fb3b/1/u7sqQwIJT0w_W62lR-9Pft4Y6QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.93.0/24
194.31.193.0/24
194.31.199.0/24
194.31.220.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e3:ab:be:f0:2b:06:04:16:bf:67:d5:6e:c6:c5:b0:a8:6e:
e2:f8:e0:3c:36:a3:13:9e:14:15:a0:a4:73:5c:77:34:48:ad:
50:e5:e6:8e:fa:51:2d:79:77:7b:55:7a:f7:7e:c3:86:f9:87:
d2:02:e5:62:7d:7a:04:81:db:b9:01:ef:5f:36:33:a2:fb:8a:
9c:28:fb:f0:12:a5:9d:a1:7e:14:00:42:3c:07:79:a9:c0:86:
89:3e:11:7c:cb:f4:ba:82:c5:e9:d1:55:f2:a8:0f:45:35:a3:
a7:c6:62:44:e1:a5:f0:f6:4d:ec:86:63:03:b3:82:d2:de:56:
59:0b:22:2e:60:4a:fd:1d:09:c4:84:c3:9b:92:b1:0c:7c:9c:
23:02:fa:8f:da:e0:5e:03:49:58:60:45:ee:93:4a:f0:1a:60:
60:a7:08:3f:31:9f:d2:63:0b:f2:ba:3d:b7:a9:7c:f7:cb:ed:
c7:27:44:46:18:0f:cc:93:5c:e1:79:5f:b8:7d:14:b5:49:c6:
aa:61:2d:f1:78:48:af:59:a8:59:9f:c4:da:87:61:1f:15:e7:
f6:85:6a:c4:f5:6b:05:60:95:47:9d:6a:a4:9e:68:d1:a7:02:
e5:cb:37:49:f1:c2:ba:af:90:c6:62:9b:f2:fb:61:58:04:2e:
61:bc:0b:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAPBtTGob7ilXBQ5rqI/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmIyYTQzMDIwOTRmNGMzZjViYWRhNTQ3ZWY0ZjdlZGUx
OGU5MDMwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzA3ZjEwNTE0Y2NjYzM3NzAxY2Q3NDRiYmMzMzU0MWI5MmI3YmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2XRxJcSy1Hwb8+nGlg9zoiqMcyu
hE+fWegBjYrwHL1E0LDcX3fTz4vbyFWRLdDX24EQB072NJr0Zg8G1hwdSjYxfB5s
5mPoSdcVrN87T0gj5RX3cKCCyCXLiElO/h9hOkRkUP32eIxD6i8wREtm0qLYu8yC
c37B8dOET9PE4F8/ZeDE12nZd6JoH6oaMKsfV4rjTUJ8bFJ9fpHeHYCokVX2MVmT
ZSGcS35mINj7sE6RH8JL10tfWOvKI5NtEY0i0VugYo2EkfROHB6q0M8YBUwO2xkt
8yMGrX7BvEt9xBcwkv8gyI3tC76aBm+O5yVcN19R+Qdcu3smmqlQyi+atwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJwH8QUUzMw3cBzXRLvDNUG5K3u5MB8GA1UdIwQY
MBaAFLu7KkMCCU9MP1utpUfvT37eGOkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAt
MzJiZjE2NDFmYjNiLzEvbkFmeEJSVE16RGR3SE5kRXU4TTFRYmtyZTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMzk5YTQtNTNiNi00MjcxLTliOTAtMzJiZjE2NDFmYjNi
LzEvdTdzcVF3SUpUMHdfVzYybFItOVBmdDRZNlFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwh9dAwQA
wh/BAwQAwh/HAwQAwh/cMA0GCSqGSIb3DQEBCwUAA4IBAQCa46u+8CsGBBa/Z9Vu
xsWwqG7i+OA8NqMTnhQVoKRzXHc0SK1Q5eaO+lEteXd7VXr3fsOG+YfSAuVifXoE
gdu5Ae9fNjOi+4qcKPvwEqWdoX4UAEI8B3mpwIaJPhF8y/S6gsXp0VXyqA9FNaOn
xmJE4aXw9k3shmMDs4LS3lZZCyIuYEr9HQnEhMObkrEMfJwjAvqP2uBeA0lYYEXu
k0rwGmBgpwg/MZ/SYwvyuj23qXz3y+3HJ0RGGA/Mk1zheV+4fRS1ScaqYS3xeEiv
WahZn8Tah2EfFef2hWrE9WsFYJVHnWqknmjRpwLlyzdJ8cK6r5DGYpvy+2FYBC5h
vAt9
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:58:00 2024 by rpki-client on console-ams.rpki-client.org