Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3JXJlol2hWtZ67A4NiHo5T5scZk.roa
File: 3JXJlol2hWtZ67A4NiHo5T5scZk.roa (raw, json)
Hash identifier: IwJOyfnUZBTcel/a7NCndXyWpC0YPxZDaX21GFcW0t0=
Subject key identifier: DC:95:C9:96:89:76:85:6B:59:EB:B0:38:36:21:E8:E5:3E:6C:71:99
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018CC26D2F3202AC37962DF1F443BBF87284
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3JXJlol2hWtZ67A4NiHo5T5scZk.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 31.186.170.0/23 maxlen: 23
31.186.174.0/23 maxlen: 23
2a02:40c0:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2f:32:02:ac:37:96:2d:f1:f4:43:bb:f8:72:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc95c9968976856b59ebb0383621e8e53e6c7199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:83:8d:8e:fc:31:51:5c:73:32:51:4e:b9:6c:
cd:cf:aa:49:e4:08:80:4e:30:3a:54:e6:f2:3a:6e:
9f:d6:6e:8a:2e:9d:35:cc:ac:fc:7c:3e:68:71:51:
09:d3:2d:67:b4:68:4e:ab:d3:e4:87:64:6d:4a:b4:
08:47:32:a6:c3:ed:38:b7:3d:94:2d:40:13:f2:35:
a8:66:48:7b:64:9c:ad:f1:5e:34:11:f1:17:8f:02:
44:ef:16:1b:eb:67:d5:85:f8:c8:55:16:7c:50:4b:
f5:7c:52:4d:ca:3b:67:06:3b:17:99:91:a1:5f:42:
57:c6:2d:b5:42:58:15:33:e0:26:67:0c:22:cc:35:
86:20:c6:dc:55:e8:28:b5:73:39:53:43:20:31:97:
8e:05:73:d1:8f:79:78:c8:a8:39:6b:54:57:6b:73:
8c:b2:a0:ed:28:60:cf:73:93:9c:03:55:00:23:f5:
21:3b:33:8b:ce:2e:02:d5:21:c3:de:bf:99:0e:75:
6a:b7:5e:51:96:9e:33:69:c5:5d:97:8f:85:14:76:
a8:93:cd:b6:21:ee:f1:ee:4a:ec:08:64:0e:f1:32:
e4:74:31:d6:fe:a9:03:b8:8a:7e:cc:60:38:b6:83:
71:ab:e5:9e:76:47:16:f9:ba:0c:67:c7:d2:28:2d:
29:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:95:C9:96:89:76:85:6B:59:EB:B0:38:36:21:E8:E5:3E:6C:71:99
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/3JXJlol2hWtZ67A4NiHo5T5scZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.170.0/23
31.186.174.0/23
IPv6:
2a02:40c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
3c:c5:aa:02:30:28:6c:f2:59:2b:2f:0e:95:b0:2c:77:cf:7f:
74:c2:c1:c0:4e:b5:a5:6c:17:a6:4c:2f:1c:7b:c7:7f:9e:d9:
20:b3:fd:d8:35:0c:2a:36:19:47:b5:34:1c:78:1b:af:88:3a:
18:6f:97:21:90:8d:5b:76:74:98:a9:bf:a9:df:6b:b7:6c:d6:
d8:7a:af:2b:47:3c:39:3f:0b:00:5a:58:f5:4d:fe:b1:9e:aa:
cf:2d:d7:9b:26:33:93:4c:19:9b:15:5d:72:94:4d:30:5e:b1:
1e:e8:a7:2d:0c:14:e6:ea:fe:1a:9b:27:19:a1:78:19:15:44:
6c:84:ae:9b:22:58:57:8f:77:10:35:56:9f:ad:71:d9:c7:4b:
93:8f:fb:2f:58:d3:9b:bd:90:f2:64:15:cb:b4:42:35:72:7b:
81:96:2a:24:50:bc:3c:37:6e:44:6e:8c:43:75:b2:f2:88:0f:
18:b7:93:b4:84:f5:c0:b0:c4:00:19:4c:88:23:7b:57:e4:44:
06:c0:f1:67:cf:a4:9b:b7:2a:7a:b3:ab:c5:b3:b0:a0:27:ae:
ae:44:6a:1e:c9:99:d2:7f:58:00:38:a9:6b:ef:ac:0f:0f:6e:
a5:0c:67:15:bb:e0:d0:7d:60:58:c3:24:f7:51:28:70:ee:e5:
5d:32:8f:18
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzCbS8yAqw3li3x9EO7+HKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk1Yzk5Njg5NzY4NTZiNTllYmIwMzgzNjIxZThlNTNlNmM3MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4ONjvwxUVxzMlFOuWzNz6pJ5AiA
TjA6VObyOm6f1m6KLp01zKz8fD5ocVEJ0y1ntGhOq9Pkh2RtSrQIRzKmw+04tz2U
LUAT8jWoZkh7ZJyt8V40EfEXjwJE7xYb62fVhfjIVRZ8UEv1fFJNyjtnBjsXmZGh
X0JXxi21QlgVM+AmZwwizDWGIMbcVegotXM5U0MgMZeOBXPRj3l4yKg5a1RXa3OM
sqDtKGDPc5OcA1UAI/UhOzOLzi4C1SHD3r+ZDnVqt15Rlp4zacVdl4+FFHaok822
Ie7x7krsCGQO8TLkdDHW/qkDuIp+zGA4toNxq+WedkcW+boMZ8fSKC0piwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNyVyZaJdoVrWeuwODYh6OU+bHGZMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvM0pYSmxvbDJoV3RaNjdBNE5pSG81VDVzY1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBH7qqAwQB
H7quMA8EAgACMAkDBwAqAkDAEAAwDQYJKoZIhvcNAQELBQADggEBADzFqgIwKGzy
WSsvDpWwLHfPf3TCwcBOtaVsF6ZMLxx7x3+e2SCz/dg1DCo2GUe1NBx4G6+IOhhv
lyGQjVt2dJipv6nfa7ds1th6rytHPDk/CwBaWPVN/rGeqs8t15smM5NMGZsVXXKU
TTBesR7opy0MFObq/hqbJxmheBkVRGyErpsiWFePdxA1Vp+tcdnHS5OP+y9Y05u9
kPJkFcu0QjVye4GWKiRQvDw3bkRujEN1svKIDxi3k7SE9cCwxAAZTIgje1fkRAbA
8WfPpJu3Knqzq8WzsKAnrq5Eah7JmdJ/WAA4qWvvrA8PbqUMZxW74NB9YFjDJPdR
KHDu5V0yjxg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:43 2024 by rpki-client on console-fra.rpki-client.org