Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/nAKkOJV8KpSgUDm86HgDTj2mNpI.roa
File: nAKkOJV8KpSgUDm86HgDTj2mNpI.roa (raw, json)
Hash identifier: NjLvmCClAanmzKzy9oGn0CO3IWQWHwi4lmVdvZ1D5rc=
Subject key identifier: 9C:02:A4:38:95:7C:2A:94:A0:50:39:BC:E8:78:03:4E:3D:A6:36:92
Certificate issuer: /CN=7fe0e759354e83cc19320381109de22da0f1a700
Certificate serial: 018CC801803CC1B330C436E027FB89CB3926
Authority key identifier: 7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/nAKkOJV8KpSgUDm86HgDTj2mNpI.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49814
IP address blocks: 176.65.32.0/19 maxlen: 19
31.24.24.0/21 maxlen: 21
91.226.73.0/24 maxlen: 24
2a00:9700::/32 maxlen: 32
2a00:9700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:80:3c:c1:b3:30:c4:36:e0:27:fb:89:cb:39:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fe0e759354e83cc19320381109de22da0f1a700
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c02a438957c2a94a05039bce878034e3da63692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:3b:68:3c:00:76:c1:cb:64:a5:0e:b3:0b:
85:d6:11:de:18:bb:a1:a4:3c:3d:35:10:60:a6:a6:
7a:30:57:5c:f7:16:b6:46:8c:8a:cb:96:f0:01:b1:
68:48:81:fb:d7:16:98:d8:7b:16:a9:fa:ed:e3:ed:
25:e5:a0:f1:46:2f:63:56:ed:6a:4a:cd:a1:8a:13:
63:13:74:0c:a6:de:a7:cd:a1:c2:e3:3d:86:14:76:
b9:0e:76:5d:a8:4d:d0:85:ec:5b:8f:71:a1:20:a9:
a2:01:64:96:3a:4f:a5:e1:c6:0c:8e:ec:f3:4d:da:
e2:9f:85:b7:6f:13:90:94:ae:cf:b9:88:c8:6b:6a:
7f:4a:9e:06:e2:82:63:f2:b0:99:9e:17:d6:a9:12:
1c:2e:21:35:58:24:95:de:1e:03:0b:b7:e9:6a:94:
f7:38:29:4d:4e:ff:31:c3:34:6c:83:22:a6:c1:41:
be:47:ed:73:df:56:3f:57:00:54:d6:32:8b:7e:fc:
78:3e:f8:8f:d6:44:48:ad:3a:aa:16:27:15:a4:09:
ba:c5:fc:7e:ca:2f:19:d0:ff:73:1a:db:cf:98:35:
41:09:a4:4a:7d:6c:f6:0c:ae:72:4c:fc:07:86:6a:
45:85:89:3a:3e:2c:f3:97:45:41:3a:d3:12:77:41:
22:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:02:A4:38:95:7C:2A:94:A0:50:39:BC:E8:78:03:4E:3D:A6:36:92
X509v3 Authority Key Identifier:
keyid:7F:E0:E7:59:35:4E:83:CC:19:32:03:81:10:9D:E2:2D:A0:F1:A7:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/nAKkOJV8KpSgUDm86HgDTj2mNpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/0c7243-1ffb-49d2-b5c1-b402e8a1d934/1/f-DnWTVOg8wZMgOBEJ3iLaDxpwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.24.0/21
91.226.73.0/24
176.65.32.0/19
IPv6:
2a00:9700::/32
Signature Algorithm: sha256WithRSAEncryption
78:fd:8b:5c:55:c2:61:78:9a:72:65:7b:65:64:38:1e:1e:58:
3f:f1:c5:c1:9c:1f:a9:d8:b8:b4:f2:1d:b4:58:ed:be:d8:18:
dc:23:ef:84:62:4c:9a:41:5f:0d:78:99:28:3b:fe:f4:d8:4d:
f7:ab:9c:ca:a1:df:73:11:c8:b5:62:04:e8:38:bd:4c:8b:ac:
5e:1e:45:b5:ac:cf:de:78:92:54:76:1f:db:50:46:db:e1:7f:
b2:bb:7f:5e:7b:04:1b:96:b3:d9:b4:e4:f4:b1:9e:cc:f2:5c:
34:55:87:2d:f3:d7:d2:96:50:6d:39:4f:0b:65:2e:2d:6e:ec:
6a:b4:06:4e:16:23:19:bd:41:a5:9b:67:b7:21:0f:bf:c2:5b:
13:3e:f4:56:87:ee:76:23:46:43:32:7b:97:4e:70:f1:5d:89:
1b:e1:4f:b8:1c:7a:b0:3f:4e:e3:1e:d8:09:7a:eb:4e:c5:da:
2c:69:f2:f1:2d:f6:98:c6:c9:2a:53:7b:4d:1b:1a:6a:3d:07:
5d:19:d5:ee:9e:70:87:98:09:4c:92:58:92:a6:f5:e7:e4:4d:
f1:df:7c:45:7a:2c:da:85:bb:e0:6f:47:28:3c:dc:4b:7b:51:
63:02:97:11:41:ba:58:90:b2:ad:a5:2f:69:b3:1e:12:00:71:
76:01:10:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAYA8wbMwxDbgJ/uJyzkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmZTBlNzU5MzU0ZTgzY2MxOTMyMDM4MTEwOWRlMjJkYTBm
MWE3MDAwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAyYTQzODk1N2MyYTk0YTA1MDM5YmNlODc4MDM0ZTNkYTYzNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI47aDwAdsHLZKUOswuF1hHeGLuh
pDw9NRBgpqZ6MFdc9xa2RoyKy5bwAbFoSIH71xaY2HsWqfrt4+0l5aDxRi9jVu1q
Ss2hihNjE3QMpt6nzaHC4z2GFHa5DnZdqE3Qhexbj3GhIKmiAWSWOk+l4cYMjuzz
Tdrin4W3bxOQlK7PuYjIa2p/Sp4G4oJj8rCZnhfWqRIcLiE1WCSV3h4DC7fpapT3
OClNTv8xwzRsgyKmwUG+R+1z31Y/VwBU1jKLfvx4PviP1kRIrTqqFicVpAm6xfx+
yi8Z0P9zGtvPmDVBCaRKfWz2DK5yTPwHhmpFhYk6Pizzl0VBOtMSd0EiRwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJwCpDiVfCqUoFA5vOh4A049pjaSMB8GA1UdIwQY
MBaAFH/g51k1ToPMGTIDgRCd4i2g8acAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEt
YjQwMmU4YTFkOTM0LzEvbkFLa09KVjhLcFNnVURtODZIZ0RUajJtTnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wYzcyNDMtMWZmYi00OWQyLWI1YzEtYjQwMmU4YTFkOTM0
LzEvZi1EbldUVk9nOHdaTWdPQkVKM2lMYUR4cHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHxgYAwQA
W+JJAwQFsEEgMA0EAgACMAcDBQAqAJcAMA0GCSqGSIb3DQEBCwUAA4IBAQB4/Ytc
VcJheJpyZXtlZDgeHlg/8cXBnB+p2Li08h20WO2+2BjcI++EYkyaQV8NeJkoO/70
2E33q5zKod9zEci1YgToOL1Mi6xeHkW1rM/eeJJUdh/bUEbb4X+yu39eewQblrPZ
tOT0sZ7M8lw0VYct89fSllBtOU8LZS4tbuxqtAZOFiMZvUGlm2e3IQ+/wlsTPvRW
h+52I0ZDMnuXTnDxXYkb4U+4HHqwP07jHtgJeutOxdosafLxLfaYxskqU3tNGxpq
PQddGdXunnCHmAlMkliSpvXn5E3x33xFeizahbvgb0coPNxLe1FjApcRQbpYkLKt
pS9psx4SAHF2ARBy
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:24 2024 by rpki-client on console-fra.rpki-client.org