Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cnLtAC82qMnDZZGz-VRA9gWv5XM.roa
File: cnLtAC82qMnDZZGz-VRA9gWv5XM.roa (raw, json)
Hash identifier: BIKpuK6s+7bYURYGzcQGfztYZKUA47Jl6bcExcFs4Y8=
Subject key identifier: 72:72:ED:00:2F:36:A8:C9:C3:65:91:B3:F9:54:40:F6:05:AF:E5:73
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0192AF2DA59B28EAE049E95FD023635776D3
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cnLtAC82qMnDZZGz-VRA9gWv5XM.roa
Signing time: Mon 21 Oct 2024 13:04:17 +0000
ROA not before: Mon 21 Oct 2024 13:04:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214036
IP address blocks: 31.210.50.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
188.132.129.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:2d:a5:9b:28:ea:e0:49:e9:5f:d0:23:63:57:76:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Oct 21 13:04:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7272ed002f36a8c9c36591b3f95440f605afe573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:59:48:0a:c3:7b:72:f3:e6:d9:9c:15:77:6d:
63:71:ce:71:8f:c7:56:9b:f4:a8:3d:40:9c:dd:4f:
26:97:ab:28:ee:4b:d8:e4:ef:f7:90:53:6d:1b:c6:
70:ac:16:78:af:fc:e0:79:5d:12:10:e1:1c:7b:d9:
5c:65:e9:06:30:68:01:54:dd:b5:88:b5:20:65:cf:
83:7f:da:4c:a2:ef:95:fe:c1:14:93:51:d9:6a:3b:
21:e7:2b:37:9d:06:16:33:ef:f6:c8:d9:bf:c1:ff:
d4:61:44:e5:fb:a0:ec:2c:1e:35:59:b5:d1:77:11:
b6:0b:8d:59:f7:d2:d5:37:92:0f:33:97:98:eb:47:
2e:80:22:0e:e7:f9:30:84:81:b2:95:7d:0f:fe:b7:
dc:4d:84:ea:03:cb:8b:14:2f:cb:5d:a8:1a:94:db:
b4:32:65:95:69:b8:f4:c5:5a:97:a6:d1:85:15:f1:
df:1e:9f:d6:bc:be:b3:b3:a0:85:38:a6:5e:c5:59:
e3:a1:42:11:12:c3:d7:2e:98:72:86:d7:03:08:16:
99:67:77:e1:e0:8c:fb:3d:0e:d1:a5:56:17:3e:c6:
90:38:cc:0b:ff:8e:b4:75:3b:0c:f3:41:0a:ac:a5:
16:f6:d1:0a:6c:8e:d7:cb:e0:33:92:41:fa:6f:dd:
8f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:72:ED:00:2F:36:A8:C9:C3:65:91:B3:F9:54:40:F6:05:AF:E5:73
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cnLtAC82qMnDZZGz-VRA9gWv5XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.50.0/24
77.92.145.0/24
188.132.129.0/24
188.132.153.0/24
188.132.183.0-188.132.184.255
188.132.206.0/23
Signature Algorithm: sha256WithRSAEncryption
79:1e:96:a1:2b:30:7f:d3:23:57:53:4f:2e:52:c3:df:5c:89:
97:c0:a4:a2:b4:91:73:76:59:fb:08:19:fe:b4:79:30:3c:31:
77:ba:52:d4:8d:97:05:36:1f:67:30:76:c9:8d:9d:d8:e0:a5:
69:52:00:2a:57:8a:75:8e:f1:90:bc:88:fb:a0:5e:65:66:cf:
52:07:dc:ba:c6:cc:0b:9f:ee:e4:4e:d6:19:be:16:b2:43:96:
12:45:80:b6:a6:85:60:5b:78:1e:ce:ce:2f:ce:d2:91:09:99:
a3:de:3c:51:0b:a9:10:3c:b3:ce:eb:e6:28:7c:ef:f2:72:1a:
98:1c:9a:a3:70:5e:45:1c:c6:02:b4:d6:bb:38:54:20:ce:36:
1e:60:4a:b2:f1:23:38:9f:46:f0:bd:cf:05:6c:d9:48:45:20:
e1:f3:ef:95:e0:a6:a2:43:99:9c:94:ea:6d:7f:2b:62:cc:4f:
57:0b:d5:51:9d:e8:8f:ca:9c:66:63:c2:96:3e:a2:9e:38:65:
d2:e5:ca:66:cc:bd:c8:43:0c:b4:55:65:3f:43:4b:1b:09:d8:
ed:34:e3:00:28:64:fa:6e:53:42:16:39:ea:9e:13:14:47:5f:
66:18:96:54:fe:09:65:db:26:a6:ed:ba:96:9e:b8:1b:90:fe:
e7:5c:29:0e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKvLaWbKOrgSelf0CNjV3bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMDIxMTMwNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcyZWQwMDJmMzZhOGM5YzM2NTkxYjNmOTU0NDBmNjA1YWZlNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11lICsN7cvPm2ZwVd21jcc5xj8dW
m/SoPUCc3U8ml6so7kvY5O/3kFNtG8ZwrBZ4r/zgeV0SEOEce9lcZekGMGgBVN21
iLUgZc+Df9pMou+V/sEUk1HZajsh5ys3nQYWM+/2yNm/wf/UYUTl+6DsLB41WbXR
dxG2C41Z99LVN5IPM5eY60cugCIO5/kwhIGylX0P/rfcTYTqA8uLFC/LXagalNu0
MmWVabj0xVqXptGFFfHfHp/WvL6zs6CFOKZexVnjoUIREsPXLphyhtcDCBaZZ3fh
4Iz7PQ7RpVYXPsaQOMwL/460dTsM80EKrKUW9tEKbI7Xy+AzkkH6b92P7wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHJy7QAvNqjJw2WRs/lUQPYFr+VzMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvY25MdEFDODJxTW5EWlpHei1WUkE5Z1d2NVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAH9IyAwQA
TVyRAwQAvISBAwQAvISZMAwDBAC8hLcDBAC8hLgDBAG8hM4wDQYJKoZIhvcNAQEL
BQADggEBAHkelqErMH/TI1dTTy5Sw99ciZfApKK0kXN2WfsIGf60eTA8MXe6UtSN
lwU2H2cwdsmNndjgpWlSACpXinWO8ZC8iPugXmVmz1IH3LrGzAuf7uRO1hm+FrJD
lhJFgLamhWBbeB7Ozi/O0pEJmaPePFELqRA8s87r5ih87/JyGpgcmqNwXkUcxgK0
1rs4VCDONh5gSrLxIzifRvC9zwVs2UhFIOHz75XgpqJDmZyU6m1/K2LMT1cL1VGd
6I/KnGZjwpY+op44ZdLlymbMvchDDLRVZT9DSxsJ2O004wAoZPpuU0IWOeqeExRH
X2YYllT+CWXbJqbtupaeuBuQ/udcKQ4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:39:12 2024 by rpki-client on console-ams.rpki-client.org