Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IXRPJL2zJxM0-Jr1AyiPD2G8daM.roa
File: IXRPJL2zJxM0-Jr1AyiPD2G8daM.roa (raw, json)
Hash identifier: P0seQGptt8nEDeCdypIKXkEQiTP6IC86clxT2ASBN6M=
Subject key identifier: 21:74:4F:24:BD:B3:27:13:34:F8:9A:F5:03:28:8F:0F:61:BC:75:A3
Certificate issuer: /CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Certificate serial: 018CCA296E5B9C7CCAF4D7C691B614B43D63
Authority key identifier: 9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IXRPJL2zJxM0-Jr1AyiPD2G8daM.roa
Signing time: Tue 02 Jan 2024 12:32:42 +0000
ROA not before: Tue 02 Jan 2024 12:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62462
IP address blocks: 185.35.40.0/22 maxlen: 24
31.216.176.0/22 maxlen: 24
31.216.180.0/22 maxlen: 24
188.95.184.0/22 maxlen: 24
188.95.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:6e:5b:9c:7c:ca:f4:d7:c6:91:b6:14:b4:3d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Validity
Not Before: Jan 2 12:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21744f24bdb3271334f89af503288f0f61bc75a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e4:2c:7a:ab:28:16:50:db:9d:2b:05:15:2d:
7c:fd:97:83:66:cb:ad:4c:26:d7:e6:f1:d5:ac:ff:
61:b5:ac:6a:48:a5:a1:98:2f:00:b4:ed:d6:48:8d:
f0:93:6f:eb:d4:59:2e:06:bf:3a:df:fa:a2:ed:9e:
08:f5:8b:e3:4d:4c:ed:75:7b:ea:ca:a2:fd:02:9b:
98:b3:d3:c0:12:3d:d7:60:b9:56:2d:4d:1f:6b:8e:
2a:c1:88:d1:16:18:27:75:b0:c3:c4:04:12:c9:36:
22:c3:ab:77:59:f7:11:80:e4:be:36:75:a2:3e:6e:
b0:88:03:5f:84:ac:0e:8a:00:22:5a:08:36:c5:d5:
49:39:8a:e8:a4:b7:13:20:25:88:c6:ee:4f:59:69:
73:02:43:a4:52:b8:e8:a3:d2:2c:d7:aa:fa:16:46:
ae:a4:00:fb:5f:7d:ff:cb:ba:cb:3c:6c:2b:19:10:
1d:c8:5d:3c:49:25:ec:ed:fc:77:76:b1:05:b1:ac:
ff:ba:29:09:5f:97:0d:6a:fd:57:8c:de:7b:aa:fc:
8a:c3:f1:39:03:46:80:7e:78:02:70:09:ee:d6:91:
ba:8a:78:2e:77:75:05:08:ca:90:2c:02:af:67:b3:
1a:52:0d:61:18:8e:93:27:4f:c9:6d:b7:fc:0c:d2:
1d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:74:4F:24:BD:B3:27:13:34:F8:9A:F5:03:28:8F:0F:61:BC:75:A3
X509v3 Authority Key Identifier:
keyid:9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/IXRPJL2zJxM0-Jr1AyiPD2G8daM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.176.0/21
185.35.40.0/22
188.95.184.0/21
Signature Algorithm: sha256WithRSAEncryption
74:32:7b:2b:fd:e7:30:cf:28:52:7b:6c:56:1f:9d:34:bb:44:
e9:3c:ee:aa:42:90:a1:f2:00:56:a7:da:8e:7c:d9:1e:21:7c:
6c:04:3b:fb:0e:71:09:e4:a0:57:f8:83:e8:f3:e1:ba:60:78:
c5:47:7d:71:32:e7:18:1c:76:96:65:b9:fb:61:ed:94:6a:00:
4f:65:91:20:72:86:56:c4:4b:a6:e2:a8:40:40:58:89:d5:45:
48:2c:e9:22:7e:ec:d6:c4:3e:d4:29:b9:0a:7f:75:26:6b:3c:
7d:51:84:bd:73:f2:e2:8e:76:76:4b:17:fb:36:17:06:ba:23:
c4:fc:54:aa:68:5d:2a:4e:7b:bd:1b:f3:38:cd:92:71:c8:e3:
d0:c5:c1:65:a5:6f:a8:c8:02:e4:9f:cf:44:27:b8:83:d2:12:
8f:90:46:62:80:fa:8a:ce:35:2a:08:d5:9d:2e:ed:01:bf:2e:
de:e0:f1:94:dd:45:59:84:61:99:41:57:61:d4:45:b8:fb:e8:
f9:7b:32:40:2e:40:d4:44:b7:7f:3d:d6:e3:8d:74:f7:ec:b8:
5c:5f:b3:87:c8:7d:c7:32:29:f9:a3:bf:75:b6:c4:ed:40:07:
8a:1f:82:43:26:8e:0d:30:96:3d:80:ed:d2:c2:fb:4a:b1:b8:
79:02:e3:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKW5bnHzK9NfGkbYUtD1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmI3N2JhYjQzOGE5M2QzNGQ5ZDVjMGE4ZTBiOWVmMzJh
ZTVkYTAwHhcNMjQwMTAyMTIzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTc0NGYyNGJkYjMyNzEzMzRmODlhZjUwMzI4OGYwZjYxYmM3NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOQseqsoFlDbnSsFFS18/ZeDZsut
TCbX5vHVrP9htaxqSKWhmC8AtO3WSI3wk2/r1FkuBr863/qi7Z4I9YvjTUztdXvq
yqL9ApuYs9PAEj3XYLlWLU0fa44qwYjRFhgndbDDxAQSyTYiw6t3WfcRgOS+NnWi
Pm6wiANfhKwOigAiWgg2xdVJOYropLcTICWIxu5PWWlzAkOkUrjoo9Is16r6Fkau
pAD7X33/y7rLPGwrGRAdyF08SSXs7fx3drEFsaz/uikJX5cNav1XjN57qvyKw/E5
A0aAfngCcAnu1pG6ingud3UFCMqQLAKvZ7MaUg1hGI6TJ0/Jbbf8DNIdfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCF0TyS9sycTNPia9QMojw9hvHWjMB8GA1UdIwQY
MBaAFJy7d7q0OKk9NNnVwKjgue8yrl2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODkt
OTBkNThjNjAzMjU2LzEvSVhSUEpMMnpKeE0wLUpyMUF5aVBEMkc4ZGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODktOTBkNThjNjAzMjU2
LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH9iwAwQC
uSMoAwQDvF+4MA0GCSqGSIb3DQEBCwUAA4IBAQB0Mnsr/ecwzyhSe2xWH500u0Tp
PO6qQpCh8gBWp9qOfNkeIXxsBDv7DnEJ5KBX+IPo8+G6YHjFR31xMucYHHaWZbn7
Ye2UagBPZZEgcoZWxEum4qhAQFiJ1UVILOkifuzWxD7UKbkKf3Umazx9UYS9c/Li
jnZ2Sxf7NhcGuiPE/FSqaF0qTnu9G/M4zZJxyOPQxcFlpW+oyALkn89EJ7iD0hKP
kEZigPqKzjUqCNWdLu0Bvy7e4PGU3UVZhGGZQVdh1EW4++j5ezJALkDURLd/Pdbj
jXT37LhcX7OHyH3HMin5o791tsTtQAeKH4JDJo4NMJY9gO3SwvtKsbh5AuPf
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:41:26 2024 by rpki-client on console-ams.rpki-client.org