Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G9mljl3qx6HIjJQh98hrt6NzYsY.roa
File: G9mljl3qx6HIjJQh98hrt6NzYsY.roa (raw, json)
Hash identifier: OIUD0GkehrCUB2gh7jqggFzqrN0477CEXHi8HVWoCW8=
Subject key identifier: 1B:D9:A5:8E:5D:EA:C7:A1:C8:8C:94:21:F7:C8:6B:B7:A3:73:62:C6
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 0191FECD3C340377A250F1920DD9DDA6AC1D
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G9mljl3qx6HIjJQh98hrt6NzYsY.roa
Signing time: Tue 17 Sep 2024 07:05:48 +0000
ROA not before: Tue 17 Sep 2024 07:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.92.0/22 maxlen: 22
31.25.92.0/24 maxlen: 24
31.25.93.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.95.0/24 maxlen: 24
178.236.32.0/22 maxlen: 22
185.118.13.0/24 maxlen: 24
185.118.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:cd:3c:34:03:77:a2:50:f1:92:0d:d9:dd:a6:ac:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Sep 17 07:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bd9a58e5deac7a1c88c9421f7c86bb7a37362c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:08:12:22:11:a8:38:96:db:29:a8:4a:f1:
7d:6f:cd:b9:15:41:83:ba:56:b4:e7:d5:dc:b5:d9:
fa:81:60:46:5b:44:bb:5d:e9:8e:bf:1a:5c:b4:6e:
e5:c1:4a:76:39:61:b3:54:6c:6b:43:75:36:10:2d:
31:99:5d:1e:80:b2:b5:ff:ae:a1:e2:e4:ff:df:e2:
e3:f0:b3:e1:6c:21:70:20:f7:b3:2b:fd:f5:3c:36:
c6:5b:6f:72:d1:b5:23:09:f0:c9:f6:3f:67:ef:02:
13:38:61:27:8a:ce:c2:82:9c:bd:4e:0d:95:83:5c:
79:ff:31:4b:2a:4d:d7:a9:ba:92:73:4d:25:04:15:
c0:74:d3:56:38:8d:a3:81:f7:fe:2c:bf:42:27:55:
3f:a1:b6:c0:98:99:0b:1f:85:ce:28:10:82:a7:df:
6a:a8:96:f1:4d:22:81:3f:2a:a6:e3:f0:0b:63:9c:
65:45:d5:be:70:02:eb:95:2a:8a:01:d9:9b:db:ff:
ce:e3:0d:f2:0c:7f:35:e1:87:cd:d5:b6:ea:a4:9b:
77:60:c8:21:d0:8b:ab:ac:1b:0b:b8:2b:32:38:05:
b3:18:d4:73:28:c4:bd:3f:6e:b7:29:ee:86:9a:3d:
54:3f:10:27:70:ad:20:fa:7e:a8:37:b8:22:ea:b9:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D9:A5:8E:5D:EA:C7:A1:C8:8C:94:21:F7:C8:6B:B7:A3:73:62:C6
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/G9mljl3qx6HIjJQh98hrt6NzYsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
178.236.32.0/22
185.118.13.0-185.118.14.255
Signature Algorithm: sha256WithRSAEncryption
7f:e1:89:03:fc:32:73:d2:cc:5b:1a:c9:8b:f5:67:f3:8b:c7:
de:33:46:89:8c:21:e0:1e:d7:92:29:38:89:ab:77:4a:c0:b1:
01:12:8d:b7:4a:ad:cb:f6:bf:dc:f9:53:ad:95:d4:fa:31:3e:
19:d6:b0:d2:48:8b:67:38:c8:eb:c0:85:57:c8:d5:5b:cd:e7:
35:36:04:49:c2:f7:4f:9b:3f:06:05:1a:d1:6a:bb:06:35:4c:
40:95:56:2b:10:0e:84:0e:0e:f5:5c:77:92:fd:98:81:e6:c2:
fe:e7:68:cd:f6:fc:fa:be:27:e4:20:82:f0:83:26:b5:e0:bf:
04:2a:3e:32:3d:91:57:d0:90:f4:a9:d3:42:e3:87:aa:7b:a2:
0c:26:01:00:8d:76:28:b5:95:d7:7b:0c:33:02:16:39:78:c0:
ad:68:10:0e:81:be:c2:ce:01:a1:23:40:9c:a4:c0:62:de:1b:
ca:1c:4b:52:80:92:ff:ff:83:77:3c:ad:2a:1b:76:fe:09:4b:
38:54:df:4d:d7:f4:c5:ed:69:2b:ca:9c:dd:13:8a:8d:af:d2:
be:c4:59:74:8f:dd:b5:f4:59:77:71:5e:0c:75:f6:eb:2f:fb:
85:c7:d7:84:55:e3:78:19:56:60:b4:ff:9b:09:8d:5e:35:bf:
13:16:b3:aa
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZH+zTw0A3eiUPGSDdndpqwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwOTE3MDcwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQ5YTU4ZTVkZWFjN2ExYzg4Yzk0MjFmN2M4NmJiN2EzNzM2MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA238IEiIRqDiW2ymoSvF9b825FUGD
ula059Xctdn6gWBGW0S7XemOvxpctG7lwUp2OWGzVGxrQ3U2EC0xmV0egLK1/66h
4uT/3+Lj8LPhbCFwIPezK/31PDbGW29y0bUjCfDJ9j9n7wITOGEnis7Cgpy9Tg2V
g1x5/zFLKk3XqbqSc00lBBXAdNNWOI2jgff+LL9CJ1U/obbAmJkLH4XOKBCCp99q
qJbxTSKBPyqm4/ALY5xlRdW+cALrlSqKAdmb2//O4w3yDH814YfN1bbqpJt3YMgh
0IurrBsLuCsyOAWzGNRzKMS9P263Ke6Gmj1UPxAncK0g+n6oN7gi6rlnPwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBvZpY5d6sehyIyUIffIa7ejc2LGMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL0c5bWxqbDNxeDZISWpKUWg5OGhydDZOellzWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBAIfGVwD
BAKy7CAwDAMEALl2DQMEALl2DjANBgkqhkiG9w0BAQsFAAOCAQEAf+GJA/wyc9LM
WxrJi/Vn84vH3jNGiYwh4B7Xkik4iat3SsCxARKNt0qty/a/3PlTrZXU+jE+Gdaw
0kiLZzjI68CFV8jVW83nNTYEScL3T5s/BgUa0Wq7BjVMQJVWKxAOhA4O9Vx3kv2Y
gebC/udozfb8+r4n5CCC8IMmteC/BCo+Mj2RV9CQ9KnTQuOHqnuiDCYBAI12KLWV
13sMMwIWOXjArWgQDoG+ws4BoSNAnKTAYt4byhxLUoCS//+DdzytKht2/glLOFTf
Tdf0xe1pK8qc3ROKja/SvsRZdI/dtfRZd3FeDHX26y/7hcfXhFXjeBlWYLT/mwmN
XjW/Exazqg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:08:43 2024 by rpki-client on console-fra.rpki-client.org