Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-N3anJOITn6TbV_QRRpmzzkYtt4.roa
File: 1-N3anJOITn6TbV_QRRpmzzkYtt4.roa (raw, json)
Hash identifier: ecsvDBD5V05+j0P1F6yZoeJZBnsd+u1MLiaPRZTMvxI=
Subject key identifier: F8:DD:DA:9C:93:88:4E:7E:93:6D:5F:D0:45:1A:66:CF:39:18:B6:DE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192756E8F2D420E24EEDA047BAD098216E8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-N3anJOITn6TbV_QRRpmzzkYtt4.roa
Signing time: Thu 10 Oct 2024 07:57:12 +0000
ROA not before: Thu 10 Oct 2024 07:57:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205175
IP address blocks: 31.13.212.0/24 maxlen: 24
45.81.36.0/24 maxlen: 32
45.91.194.0/24 maxlen: 32
45.91.195.0/24 maxlen: 32
87.121.220.0/24 maxlen: 24
94.156.106.0/24 maxlen: 32
2a00:1728:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:75:6e:8f:2d:42:0e:24:ee:da:04:7b:ad:09:82:16:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 10 07:57:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8ddda9c93884e7e936d5fd0451a66cf3918b6de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:00:25:68:f1:fe:48:89:7d:19:e3:14:17:
f9:e1:13:b1:a9:26:a6:ef:51:34:5f:ec:45:ca:68:
29:6d:65:78:a1:5a:85:b6:e4:21:6f:e3:7a:0d:ea:
b9:81:1b:0b:ec:63:96:d8:2e:a3:55:7e:db:76:25:
cb:12:90:8e:a6:fd:4e:23:cb:3f:39:be:33:f2:60:
ca:c8:3a:43:4a:e0:01:41:be:5d:60:30:49:d4:6e:
25:b6:53:e4:50:a0:e1:4c:47:f5:cc:ee:3a:69:a1:
49:3d:0d:ff:87:94:70:c4:25:00:bb:a8:08:32:3d:
83:a4:02:3f:34:dd:f8:f1:03:7c:1c:c4:d8:5a:c1:
9b:f9:18:24:ba:7b:21:18:ed:77:0b:d5:aa:0c:a5:
32:75:b1:57:4b:53:c0:d3:80:16:77:8a:f5:e9:18:
c6:9d:40:9d:9b:7d:6f:c9:1a:f7:c1:17:a5:03:ed:
96:6e:28:eb:d9:5a:7e:14:4c:c3:da:43:b3:93:0b:
aa:e2:5b:90:9c:46:0a:07:f1:bf:42:cb:42:4a:9e:
b1:73:05:25:9d:7d:4b:b6:23:09:4a:09:2b:ec:bf:
fc:1f:be:b4:85:bf:35:14:91:01:1b:fc:e5:fb:f3:
b0:46:58:e0:f9:f5:61:c7:ea:92:c1:40:94:6f:9e:
ab:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:DD:DA:9C:93:88:4E:7E:93:6D:5F:D0:45:1A:66:CF:39:18:B6:DE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-N3anJOITn6TbV_QRRpmzzkYtt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.212.0/24
45.81.36.0/24
45.91.194.0/23
87.121.220.0/24
94.156.106.0/24
IPv6:
2a00:1728:31::/48
Signature Algorithm: sha256WithRSAEncryption
2c:ea:d6:ef:a5:1f:b0:cb:3d:33:a6:c7:d1:ac:28:28:be:4d:
e7:bd:02:52:36:fc:84:d6:65:09:e4:80:58:86:3e:28:c0:64:
c1:f3:61:19:e9:96:30:c1:a9:99:14:c9:74:f2:f4:5b:79:41:
e4:ab:18:97:c9:7c:c7:0b:46:14:8d:f8:ac:c2:d5:fe:ca:96:
a7:27:a9:77:bc:e4:d8:e4:2b:3e:28:86:8c:d7:27:6f:f1:2a:
ec:1c:68:90:d1:31:67:7b:68:fb:00:f9:09:d4:12:b3:d9:13:
c1:f7:1f:0b:77:13:36:d6:17:04:7c:27:50:ef:85:b5:b4:a0:
ce:c8:72:76:70:7f:54:34:d2:86:68:1b:1c:11:23:0e:ad:59:
b6:0b:85:a0:51:7f:0b:50:05:e5:85:5d:13:2e:4a:d5:37:9f:
69:5b:f3:ec:95:59:eb:75:ec:16:a1:4f:cd:94:7c:d4:a1:3b:
61:6c:5c:2d:42:e9:79:c7:87:33:bd:c4:03:f8:b2:ab:36:57:
5f:fc:34:b3:c8:36:da:36:08:df:a9:dd:83:8e:d2:37:ab:bb:
f5:e8:9f:bd:da:12:aa:54:40:32:3f:ad:8c:bc:32:9a:81:98:
17:fb:60:ba:61:dd:b5:25:7d:c6:d1:cc:7b:1a:3a:6e:ff:6b:
4c:db:a2:f6
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZJ1bo8tQg4k7toEe60JghboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDEwMDc1NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRkZGE5YzkzODg0ZTdlOTM2ZDVmZDA0NTFhNjZjZjM5MThiNmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEYAJWjx/kiJfRnjFBf54ROxqSam
71E0X+xFymgpbWV4oVqFtuQhb+N6Deq5gRsL7GOW2C6jVX7bdiXLEpCOpv1OI8s/
Ob4z8mDKyDpDSuABQb5dYDBJ1G4ltlPkUKDhTEf1zO46aaFJPQ3/h5RwxCUAu6gI
Mj2DpAI/NN348QN8HMTYWsGb+RgkunshGO13C9WqDKUydbFXS1PA04AWd4r16RjG
nUCdm31vyRr3wRelA+2Wbijr2Vp+FEzD2kOzkwuq4luQnEYKB/G/QstCSp6xcwUl
nX1LtiMJSgkr7L/8H760hb81FJEBG/zl+/OwRljg+fVhx+qSwUCUb56rSQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPjd2pyTiE5+k21f0EUaZs85GLbeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1OM2FuSk9JVG42VGJWX1FSUnBtenprWXR0NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEAB8N1AME
AC1RJAMEAS1bwgMEAFd53AMEAF6cajAPBAIAAjAJAwcAKgAXKAAxMA0GCSqGSIb3
DQEBCwUAA4IBAQAs6tbvpR+wyz0zpsfRrCgovk3nvQJSNvyE1mUJ5IBYhj4owGTB
82EZ6ZYwwamZFMl08vRbeUHkqxiXyXzHC0YUjfiswtX+ypanJ6l3vOTY5Cs+KIaM
1ydv8SrsHGiQ0TFne2j7APkJ1BKz2RPB9x8LdxM21hcEfCdQ74W1tKDOyHJ2cH9U
NNKGaBscESMOrVm2C4WgUX8LUAXlhV0TLkrVN59pW/PslVnrdewWoU/NlHzUoTth
bFwtQul5x4czvcQD+LKrNldf/DSzyDbaNgjfqd2DjtI3q7v16J+92hKqVEAyP62M
vDKagZgX+2C6Yd21JX3G0cx7Gjpu/2tM26L2
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:55 2024 by rpki-client on console-fra.rpki-client.org