Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/9XfFT0b5w-J-QKyIIs7ahQsLB2w.roa
File: 9XfFT0b5w-J-QKyIIs7ahQsLB2w.roa (raw, json)
Hash identifier: /Dc8JWM/+qDi7rE+BZb+kJASUM4lRw1m9RM8M4v+1VY=
Subject key identifier: F5:77:C5:4F:46:F9:C3:E2:7E:40:AC:88:22:CE:DA:85:0B:0B:07:6C
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 0191C1CD99BA27178BF093CA2A27BA9FDC05
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/9XfFT0b5w-J-QKyIIs7ahQsLB2w.roa
Signing time: Thu 05 Sep 2024 10:49:22 +0000
ROA not before: Thu 05 Sep 2024 10:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16205
IP address blocks: 31.210.160.0/21 maxlen: 21
81.201.144.0/20 maxlen: 20
176.52.200.0/21 maxlen: 21
178.249.24.0/21 maxlen: 21
185.75.184.0/22 maxlen: 22
217.18.176.0/20 maxlen: 20
2a00:8180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.mft
rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:cd:99:ba:27:17:8b:f0:93:ca:2a:27:ba:9f:dc:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Sep 5 10:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f577c54f46f9c3e27e40ac8822ceda850b0b076c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9d:e7:c4:78:53:65:af:6e:cc:13:85:d4:e9:
eb:9a:b8:e9:6e:88:17:f3:bd:bf:88:7d:26:f4:3e:
89:05:ee:d4:46:a3:59:9a:d9:83:91:a1:5d:ad:c5:
d4:b4:fe:a1:72:7d:97:4b:ba:9e:7f:9a:15:bf:16:
e2:a0:ef:d0:35:69:a9:c8:5b:45:d0:81:e1:77:8f:
04:c2:25:4d:71:3e:f3:b7:f3:93:e7:02:29:78:ff:
85:6f:4f:58:25:41:b9:a6:2f:bc:d0:39:2e:51:c0:
75:08:40:04:e9:23:49:94:e5:3f:bf:d8:cb:0f:9d:
d3:a2:a7:f6:db:aa:4f:6a:9d:54:b2:b6:1e:ae:59:
0a:90:64:10:88:83:22:44:59:b5:90:19:f5:c5:3b:
07:2a:6d:19:c4:38:12:50:43:57:e1:4f:f4:0b:5a:
8c:b5:99:87:7c:76:ee:ca:69:4e:72:2b:2c:a2:a8:
13:7a:8e:e6:cf:c1:80:93:91:6e:dd:62:f9:cf:da:
82:3f:3b:95:11:13:78:9f:7f:a6:75:8f:9a:3b:b0:
e7:e7:03:77:73:43:74:9f:fa:66:5a:a0:2b:b6:5b:
ea:34:85:6a:5d:e3:44:29:72:55:e8:67:d6:c1:e9:
6e:81:1a:35:fd:d4:ed:34:78:c9:73:42:40:0c:9e:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:77:C5:4F:46:F9:C3:E2:7E:40:AC:88:22:CE:DA:85:0B:0B:07:6C
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/9XfFT0b5w-J-QKyIIs7ahQsLB2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.160.0/21
81.201.144.0/20
176.52.200.0/21
178.249.24.0/21
185.75.184.0/22
217.18.176.0/20
IPv6:
2a00:8180::/32
Signature Algorithm: sha256WithRSAEncryption
33:1a:d2:84:73:d7:cc:df:32:16:e4:d4:78:10:ec:7e:98:54:
fc:62:9b:7a:36:9e:fc:e2:ef:05:06:5c:3f:33:75:bd:40:bf:
0f:f5:4b:d4:f1:3d:49:13:59:58:fd:51:f3:1e:32:a9:81:66:
25:5c:44:ee:7b:97:17:55:20:02:b4:cf:09:28:02:48:a3:f7:
84:91:fd:68:a4:e9:55:5c:ed:45:d7:82:88:de:b8:13:a2:43:
f1:7c:93:f6:29:78:1d:d1:a2:28:c5:b4:0e:8b:b5:55:3f:e7:
67:d4:51:3f:9b:f9:fa:3e:c7:03:b6:6a:a4:6b:54:02:7e:3c:
a2:5c:8a:de:ff:2e:cd:c1:93:b0:a1:a8:17:f5:13:8e:35:10:
ee:03:0d:de:70:06:52:f3:77:1e:f6:b5:e9:b5:17:7e:b3:e0:
c4:8e:f8:c0:5c:45:ff:af:c7:b8:e9:98:57:5f:a5:b0:66:98:
10:96:05:27:f4:66:76:07:cc:53:c5:fc:4b:aa:39:8a:c6:85:
6e:86:e8:d6:ca:72:67:cf:82:f3:a7:d5:d5:2d:25:84:5e:fb:
d8:a9:8f:1e:68:23:4a:f6:b6:b2:26:c4:36:ca:22:04:a4:d7:
3a:0d:00:e1:d3:5e:1a:86:f4:cc:03:87:13:e7:e4:e8:8d:af:
88:6d:45:33
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZHBzZm6JxeL8JPKKie6n9wFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjQwOTA1MTA0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc3YzU0ZjQ2ZjljM2UyN2U0MGFjODgyMmNlZGE4NTBiMGIwNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ3nxHhTZa9uzBOF1OnrmrjpbogX
872/iH0m9D6JBe7URqNZmtmDkaFdrcXUtP6hcn2XS7qef5oVvxbioO/QNWmpyFtF
0IHhd48EwiVNcT7zt/OT5wIpeP+Fb09YJUG5pi+80DkuUcB1CEAE6SNJlOU/v9jL
D53Toqf226pPap1UsrYerlkKkGQQiIMiRFm1kBn1xTsHKm0ZxDgSUENX4U/0C1qM
tZmHfHbuymlOcissoqgTeo7mz8GAk5Fu3WL5z9qCPzuVERN4n3+mdY+aO7Dn5wN3
c0N0n/pmWqArtlvqNIVqXeNEKXJV6GfWwelugRo1/dTtNHjJc0JADJ7laQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPV3xU9G+cPifkCsiCLO2oULCwdsMB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvOVhmRlQwYjV3LUotUUt5SUlzN2FoUXNMQjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDH9KgAwQE
UcmQAwQDsDTIAwQDsvkYAwQCuUu4AwQE2RKwMA0EAgACMAcDBQAqAIGAMA0GCSqG
SIb3DQEBCwUAA4IBAQAzGtKEc9fM3zIW5NR4EOx+mFT8Ypt6Np784u8FBlw/M3W9
QL8P9UvU8T1JE1lY/VHzHjKpgWYlXETue5cXVSACtM8JKAJIo/eEkf1opOlVXO1F
14KI3rgTokPxfJP2KXgd0aIoxbQOi7VVP+dn1FE/m/n6PscDtmqka1QCfjyiXIre
/y7NwZOwoagX9ROONRDuAw3ecAZS83ce9rXptRd+s+DEjvjAXEX/r8e46ZhXX6Ww
ZpgQlgUn9GZ2B8xTxfxLqjmKxoVuhujWynJnz4Lzp9XVLSWEXvvYqY8eaCNK9ray
JsQ2yiIEpNc6DQDh014ahvTMA4cT5+Toja+IbUUz
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:50 2024 by rpki-client on console-ams.rpki-client.org