Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/n9GxiV-GozGmqC4P3JY20N1-jS8.roa
File: n9GxiV-GozGmqC4P3JY20N1-jS8.roa (raw, json)
Hash identifier: KuRvJ6t+7RhxKbGqWgmPx8sd1SEQ/Tf/uCdlKANKWqY=
Subject key identifier: 9F:D1:B1:89:5F:86:A3:31:A6:A8:2E:0F:DC:96:36:D0:DD:7E:8D:2F
Certificate issuer: /CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Certificate serial: 018CC794B6122722DF16934D9BA8818A9C1F
Authority key identifier: C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/n9GxiV-GozGmqC4P3JY20N1-jS8.roa
Signing time: Tue 02 Jan 2024 00:31:01 +0000
ROA not before: Tue 02 Jan 2024 00:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197692
IP address blocks: 185.131.0.0/22 maxlen: 24
31.22.120.0/21 maxlen: 24
2a02:6f00::/32 maxlen: 48
2a02:6f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b6:12:27:22:df:16:93:4d:9b:a8:81:8a:9c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4eba1fdf6c4de192c1d3edf8a800ca597f97d68
Validity
Not Before: Jan 2 00:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fd1b1895f86a331a6a82e0fdc9636d0dd7e8d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ec:db:e7:1d:dc:73:0c:2e:35:10:23:63:42:
f9:57:ff:e7:fb:5b:eb:9f:54:55:cb:ed:14:1e:d4:
12:7f:2d:5e:c4:a6:ad:8b:a3:e2:b8:89:64:ea:b1:
b9:51:df:93:79:fb:6d:fb:36:5e:c4:12:ea:b9:61:
b8:b2:4a:cc:6a:89:b2:6e:1f:9e:55:ab:bb:cf:a5:
9e:82:05:9c:a1:16:eb:2d:21:15:ff:3a:8e:7b:8d:
64:2e:87:a0:fc:42:d9:30:04:7c:d3:1a:31:3b:cc:
70:a9:0e:3e:60:19:ab:e4:44:71:f1:e1:3a:b8:e0:
92:bd:e6:f6:54:43:35:77:39:f0:ad:d2:df:db:7e:
f7:5a:9a:82:8c:30:3e:85:3c:dd:d9:35:95:d6:63:
68:f9:27:20:c2:ec:26:63:1b:46:bf:56:fb:1f:23:
b9:dc:ba:83:a9:f6:d9:f4:7e:2f:27:91:e4:b3:4e:
21:28:08:3c:e7:c1:7d:9e:3a:44:94:63:c1:db:0e:
b9:60:48:fd:91:cb:6c:5d:97:11:d3:dc:7c:57:9b:
03:91:29:51:5c:60:f7:07:22:a1:e7:b0:3d:7c:0e:
8a:44:c4:b2:47:b7:ce:a2:9e:a7:b8:e4:b7:f8:ac:
a7:8b:77:be:fd:83:ae:18:56:28:4d:5f:cf:4f:fd:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D1:B1:89:5F:86:A3:31:A6:A8:2E:0F:DC:96:36:D0:DD:7E:8D:2F
X509v3 Authority Key Identifier:
keyid:C4:EB:A1:FD:F6:C4:DE:19:2C:1D:3E:DF:8A:80:0C:A5:97:F9:7D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOuh_fbE3hksHT7fioAMpZf5fWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/n9GxiV-GozGmqC4P3JY20N1-jS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1a6159-1dc6-4a09-844f-5128560dbdfc/1/xOuh_fbE3hksHT7fioAMpZf5fWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.120.0/21
185.131.0.0/22
IPv6:
2a02:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
b8:4b:8f:0d:be:9b:81:01:b6:01:f6:57:7c:5f:66:9a:a1:82:
ff:c2:9f:d7:88:65:c5:e0:c4:e6:6d:6e:be:06:24:30:86:ae:
13:c4:50:f0:00:df:85:a7:ad:30:79:c9:c0:80:ed:e7:7e:af:
8d:fc:34:f4:14:37:4e:8b:3d:ee:7f:4e:da:73:05:10:0d:b4:
a9:ca:79:b3:15:6f:87:f8:bb:d3:b5:8c:b3:96:8b:68:5c:4c:
a0:2f:5f:b3:81:85:b7:b6:e1:69:04:98:d4:87:75:b5:d5:63:
8b:85:72:98:85:c4:89:d2:02:25:54:3e:14:70:f8:7a:28:7f:
6a:14:4c:2c:d9:19:05:4c:43:70:fd:25:fa:26:96:c5:5f:ef:
79:91:3e:f8:c6:42:d2:29:14:70:d0:0d:33:dd:3b:a6:91:5b:
16:7d:c4:0c:6f:89:c6:fb:f6:32:70:ed:c5:47:68:fd:bb:0c:
0b:07:84:4d:71:3b:18:2f:5b:01:08:98:35:29:5a:c2:d9:06:
0a:6f:92:10:99:2f:f0:da:b8:a4:26:2c:af:13:00:16:b9:78:
b9:4f:ec:9a:d4:fe:5b:19:4f:bd:01:48:e8:ad:e1:c7:16:7e:
11:73:2c:e0:96:bf:a5:3b:06:72:0d:2c:c8:73:75:31:0d:5f:
ce:1d:cd:91
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlLYSJyLfFpNNm6iBipwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWJhMWZkZjZjNGRlMTkyYzFkM2VkZjhhODAwY2E1OTdm
OTdkNjgwHhcNMjQwMTAyMDAzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQxYjE4OTVmODZhMzMxYTZhODJlMGZkYzk2MzZkMGRkN2U4ZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+zb5x3ccwwuNRAjY0L5V//n+1vr
n1RVy+0UHtQSfy1exKati6PiuIlk6rG5Ud+Teftt+zZexBLquWG4skrMaomybh+e
Vau7z6WeggWcoRbrLSEV/zqOe41kLoeg/ELZMAR80xoxO8xwqQ4+YBmr5ERx8eE6
uOCSveb2VEM1dznwrdLf2373WpqCjDA+hTzd2TWV1mNo+ScgwuwmYxtGv1b7HyO5
3LqDqfbZ9H4vJ5Hks04hKAg858F9njpElGPB2w65YEj9kctsXZcR09x8V5sDkSlR
XGD3ByKh57A9fA6KRMSyR7fOop6nuOS3+Kyni3e+/YOuGFYoTV/PT/1KVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ/RsYlfhqMxpqguD9yWNtDdfo0vMB8GA1UdIwQY
MBaAFMTrof32xN4ZLB0+34qADKWX+X1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYt
NTEyODU2MGRiZGZjLzEvbjlHeGlWLUdvekdtcUM0UDNKWTIwTjEtalM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYTYxNTktMWRjNi00YTA5LTg0NGYtNTEyODU2MGRiZGZj
LzEveE91aF9mYkUzaGtzSFQ3ZmlvQU1wWmY1ZldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHxZ4AwQC
uYMAMA0EAgACMAcDBQMqAm8AMA0GCSqGSIb3DQEBCwUAA4IBAQC4S48NvpuBAbYB
9ld8X2aaoYL/wp/XiGXF4MTmbW6+BiQwhq4TxFDwAN+Fp60wecnAgO3nfq+N/DT0
FDdOiz3uf07acwUQDbSpynmzFW+H+LvTtYyzlotoXEygL1+zgYW3tuFpBJjUh3W1
1WOLhXKYhcSJ0gIlVD4UcPh6KH9qFEws2RkFTENw/SX6JpbFX+95kT74xkLSKRRw
0A0z3TumkVsWfcQMb4nG+/YycO3FR2j9uwwLB4RNcTsYL1sBCJg1KVrC2QYKb5IQ
mS/w2rikJiyvEwAWuXi5T+ya1P5bGU+9AUjoreHHFn4Rcyzglr+lOwZyDSzIc3Ux
DV/OHc2R
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:37 2024 by rpki-client on console-fra.rpki-client.org