Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/nIa9McGC-N5Rjvln1eHqzpTY-dY.roa
File: nIa9McGC-N5Rjvln1eHqzpTY-dY.roa (raw, json)
Hash identifier: bsR7EJhxaAHBRkiTG1Q0QksrrzOly476s0ApaqzhC2U=
Subject key identifier: 9C:86:BD:31:C1:82:F8:DE:51:8E:F9:67:D5:E1:EA:CE:94:D8:F9:D6
Certificate issuer: /CN=f18053ea7f3ab79a75e8f875386775551ef75739
Certificate serial: 018CC42561C23B78F71D3BA6CF6557658F6E
Authority key identifier: F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/nIa9McGC-N5Rjvln1eHqzpTY-dY.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15401
IP address blocks: 185.3.64.0/22 maxlen: 24
178.237.96.0/20 maxlen: 24
31.193.48.0/21 maxlen: 24
2a00:4280::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/8YBT6n86t5p16Ph1OGd1VR73Vzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/8YBT6n86t5p16Ph1OGd1VR73Vzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:61:c2:3b:78:f7:1d:3b:a6:cf:65:57:65:8f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f18053ea7f3ab79a75e8f875386775551ef75739
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c86bd31c182f8de518ef967d5e1eace94d8f9d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cb:30:f7:42:1d:8a:2d:97:af:1e:29:bc:a3:
e2:c0:66:5c:be:c1:4c:04:b4:24:8e:c9:bd:a2:fe:
c0:c7:a8:74:a4:52:4b:bd:c6:7b:76:ca:4f:db:f8:
e3:34:ed:d6:7b:bc:06:b3:6a:ea:29:0c:47:09:d8:
44:b9:61:4b:f0:ca:5b:fa:1c:a0:d1:d9:ad:97:e7:
73:ed:5d:bd:49:aa:32:59:be:b6:cc:0a:53:45:47:
04:e2:46:a6:b3:32:4c:e8:cd:15:6d:53:ed:b7:eb:
4d:0e:b0:58:30:12:6f:66:dd:50:0c:87:37:7d:ff:
e1:7b:f3:16:a0:a2:71:c0:a6:46:57:70:d1:81:1f:
0b:1d:88:54:fe:d9:ad:dc:5c:5c:a8:06:8f:12:75:
89:44:4b:31:77:50:82:84:a8:12:ff:f2:0a:b3:40:
2b:1a:a1:f2:4f:57:72:99:da:71:7c:43:d6:d6:36:
8f:a9:9c:28:1a:96:0f:6e:8e:11:f9:f1:cf:29:10:
9a:e7:6a:8b:e8:de:29:2f:a3:4d:f0:75:cf:2d:4a:
0c:29:a7:8c:97:99:98:46:30:a2:d0:47:3f:75:d0:
e9:b7:91:da:0d:21:63:97:b2:b3:f3:0d:71:17:89:
e6:b4:c2:93:7f:46:58:d9:d6:b6:0f:ea:cc:57:aa:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:86:BD:31:C1:82:F8:DE:51:8E:F9:67:D5:E1:EA:CE:94:D8:F9:D6
X509v3 Authority Key Identifier:
keyid:F1:80:53:EA:7F:3A:B7:9A:75:E8:F8:75:38:67:75:55:1E:F7:57:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8YBT6n86t5p16Ph1OGd1VR73Vzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/nIa9McGC-N5Rjvln1eHqzpTY-dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d4c0c-158f-4344-9641-747ced0b7486/1/8YBT6n86t5p16Ph1OGd1VR73Vzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.48.0/21
178.237.96.0/20
185.3.64.0/22
IPv6:
2a00:4280::/32
Signature Algorithm: sha256WithRSAEncryption
5a:19:1b:35:13:a4:b9:9d:d1:8d:61:fd:b2:fa:8d:55:f5:d0:
cc:81:dc:c6:bc:91:45:db:8d:43:90:6c:7b:38:dc:a4:9c:a8:
78:f2:5f:20:37:d1:89:66:1d:ce:cd:e4:7f:6e:7d:56:54:78:
04:3f:4f:07:13:20:d4:62:f9:31:32:97:c0:7c:7a:54:23:b4:
c1:35:da:1a:c4:84:e9:f8:a9:64:bb:66:39:f1:ba:6d:f5:68:
73:31:d8:08:7f:89:f4:dc:ed:da:18:15:8e:61:db:49:76:85:
76:41:d8:95:5f:37:8b:3f:f3:41:7d:b1:b3:e9:6b:d3:37:55:
cb:62:87:27:cc:ac:a2:64:c9:49:7a:2c:76:1f:44:46:a9:10:
ed:eb:c6:4e:58:73:0c:a8:ef:5e:cf:e1:fe:ed:cf:73:d4:e0:
a5:e4:7a:55:0a:80:43:e3:3d:fb:a5:d3:6e:a2:ec:aa:7f:05:
a7:5c:26:af:c8:4a:a2:e3:8a:f2:24:96:09:7c:9a:ce:e1:e2:
0b:45:23:ba:6f:9a:41:43:53:5d:b8:96:f4:d3:42:76:8b:d9:
e1:ae:66:e0:4d:f2:88:23:9f:b4:3b:13:72:1e:32:f0:c0:bd:
2d:b2:ab:1c:89:dc:7e:b0:54:52:29:80:a8:23:39:3d:1c:67:
93:5d:23:c8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJWHCO3j3HTumz2VXZY9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxODA1M2VhN2YzYWI3OWE3NWU4Zjg3NTM4Njc3NTU1MWVm
NzU3MzkwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg2YmQzMWMxODJmOGRlNTE4ZWY5NjdkNWUxZWFjZTk0ZDhmOWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8sw90Idii2Xrx4pvKPiwGZcvsFM
BLQkjsm9ov7Ax6h0pFJLvcZ7dspP2/jjNO3We7wGs2rqKQxHCdhEuWFL8Mpb+hyg
0dmtl+dz7V29SaoyWb62zApTRUcE4kamszJM6M0VbVPtt+tNDrBYMBJvZt1QDIc3
ff/he/MWoKJxwKZGV3DRgR8LHYhU/tmt3FxcqAaPEnWJREsxd1CChKgS//IKs0Ar
GqHyT1dymdpxfEPW1jaPqZwoGpYPbo4R+fHPKRCa52qL6N4pL6NN8HXPLUoMKaeM
l5mYRjCi0Ec/ddDpt5HaDSFjl7Kz8w1xF4nmtMKTf0ZY2da2D+rMV6rlCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJyGvTHBgvjeUY75Z9Xh6s6U2PnWMB8GA1UdIwQY
MBaAFPGAU+p/Oreadej4dThndVUe91c5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEt
NzQ3Y2VkMGI3NDg2LzEvbklhOU1jR0MtTjVSanZsbjFlSHF6cFRZLWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDRjMGMtMTU4Zi00MzQ0LTk2NDEtNzQ3Y2VkMGI3NDg2
LzEvOFlCVDZuODZ0NXAxNlBoMU9HZDFWUjczVnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH8EwAwQE
su1gAwQCuQNAMA0EAgACMAcDBQAqAEKAMA0GCSqGSIb3DQEBCwUAA4IBAQBaGRs1
E6S5ndGNYf2y+o1V9dDMgdzGvJFF241DkGx7ONyknKh48l8gN9GJZh3OzeR/bn1W
VHgEP08HEyDUYvkxMpfAfHpUI7TBNdoaxITp+Klku2Y58bpt9WhzMdgIf4n03O3a
GBWOYdtJdoV2QdiVXzeLP/NBfbGz6WvTN1XLYocnzKyiZMlJeix2H0RGqRDt68ZO
WHMMqO9ez+H+7c9z1OCl5HpVCoBD4z37pdNuouyqfwWnXCavyEqi44ryJJYJfJrO
4eILRSO6b5pBQ1NduJb000J2i9nhrmbgTfKII5+0OxNyHjLwwL0tsqscidx+sFRS
KYCoIzk9HGeTXSPI
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:52 2024 by rpki-client on console-fra.rpki-client.org