Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/nJXFiiqN7ZN-iaGei3t3BRkEX1g.roa
File: nJXFiiqN7ZN-iaGei3t3BRkEX1g.roa (raw, json)
Hash identifier: 5syaLytkmOM+ErnKOWrYb6aAkdqomYHVBCSN221ZCmw=
Subject key identifier: 9C:95:C5:8A:2A:8D:ED:93:7E:89:A1:9E:8B:7B:77:05:19:04:5F:58
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 018F294F21D6F8B23D066076845D62093624
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/nJXFiiqN7ZN-iaGei3t3BRkEX1g.roa
Signing time: Mon 29 Apr 2024 10:03:22 +0000
ROA not before: Mon 29 Apr 2024 10:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.92.0/22 maxlen: 22
31.25.92.0/24 maxlen: 24
31.25.93.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.95.0/24 maxlen: 24
178.236.32.0/22 maxlen: 22
178.236.32.0/24 maxlen: 24
178.236.33.0/24 maxlen: 24
178.236.34.0/24 maxlen: 24
178.236.35.0/24 maxlen: 24
185.118.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 04:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:4f:21:d6:f8:b2:3d:06:60:76:84:5d:62:09:36:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Apr 29 10:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c95c58a2a8ded937e89a19e8b7b770519045f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d7:68:37:5e:50:0a:29:3e:85:16:e3:54:91:
9a:50:b4:b6:66:bc:3c:34:98:18:f4:28:b0:bf:07:
19:45:68:71:2f:d5:1f:3d:46:f0:75:37:fc:cd:29:
39:b4:ee:e8:03:54:24:2f:bb:ab:f3:5f:e1:ba:3a:
af:fb:2b:a9:a1:21:85:a9:f6:bb:7c:c8:97:c7:19:
16:8d:9d:d5:0b:b9:ab:93:4e:92:df:ce:c8:b5:e4:
8f:ce:e7:54:53:08:e0:09:5d:aa:c7:86:fc:4c:2b:
e1:da:ee:75:88:4c:07:13:84:54:fb:bb:07:a6:e8:
15:ce:b9:85:07:ca:ed:eb:c7:f8:5a:fa:f4:d5:39:
f2:da:73:63:84:3d:a0:95:fb:14:30:13:e1:42:c3:
93:71:01:ce:b5:c0:ae:15:d7:d5:9d:58:35:8c:73:
cd:0a:d3:d6:ff:82:f8:67:f3:d7:51:f1:f8:25:dd:
47:ee:7e:e5:82:a7:28:2d:e8:0a:9a:00:d9:33:08:
f7:ea:88:16:70:6a:ff:9e:a9:98:ad:6c:82:83:42:
cf:53:4c:48:5f:fb:8b:42:7f:98:af:14:18:38:74:
c3:f8:aa:0c:62:72:75:0e:1f:22:f3:dd:4d:32:f5:
fd:40:99:77:2f:99:9f:ea:24:01:f1:f0:89:7b:68:
b0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:95:C5:8A:2A:8D:ED:93:7E:89:A1:9E:8B:7B:77:05:19:04:5F:58
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/nJXFiiqN7ZN-iaGei3t3BRkEX1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
178.236.32.0/22
185.118.12.0/22
Signature Algorithm: sha256WithRSAEncryption
54:02:c8:f5:a6:ab:ea:55:46:37:88:09:7f:26:41:1a:4e:a8:
e9:f4:18:9e:c6:cc:59:cc:fa:b1:ba:28:9d:95:d6:8c:a1:72:
f7:be:7f:16:86:05:d8:b2:45:25:8c:98:af:00:70:56:50:64:
af:66:fc:68:75:88:31:f4:38:ec:a6:75:ba:06:d1:e6:54:86:
aa:4f:08:12:d3:20:73:42:5d:00:3b:22:68:09:c4:eb:5b:ad:
df:58:d2:20:d7:49:d5:03:05:de:de:0c:67:a0:7c:45:c7:e9:
ef:d1:37:db:ef:71:83:fb:e0:6a:ff:6c:c3:23:f3:a0:29:75:
1f:98:18:f0:81:1e:71:64:e8:67:0c:3c:9a:0e:fb:63:e5:5b:
95:2c:ae:80:64:86:1c:61:98:35:d7:76:3d:50:b2:fc:2a:06:
84:de:09:b6:2f:b3:df:47:a2:67:5a:5e:0c:0f:48:04:67:09:
c9:78:5c:38:42:80:63:f1:57:fd:54:a2:8b:ea:82:a6:e4:c5:
e1:5d:7f:92:76:42:d5:34:4b:36:c0:4a:de:65:83:78:6f:c8:
aa:05:85:55:8f:29:0b:5f:5d:7c:bd:1b:ab:cb:85:48:cd:1b:
dd:42:a2:c6:7a:10:57:5e:2b:99:b9:60:a6:af:7e:91:6e:56:
6c:d0:bc:f9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY8pTyHW+LI9BmB2hF1iCTYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwNDI5MTAwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk1YzU4YTJhOGRlZDkzN2U4OWExOWU4YjdiNzcwNTE5MDQ1ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tdoN15QCik+hRbjVJGaULS2Zrw8
NJgY9CiwvwcZRWhxL9UfPUbwdTf8zSk5tO7oA1QkL7ur81/hujqv+yupoSGFqfa7
fMiXxxkWjZ3VC7mrk06S387IteSPzudUUwjgCV2qx4b8TCvh2u51iEwHE4RU+7sH
pugVzrmFB8rt68f4Wvr01Tny2nNjhD2glfsUMBPhQsOTcQHOtcCuFdfVnVg1jHPN
CtPW/4L4Z/PXUfH4Jd1H7n7lgqcoLegKmgDZMwj36ogWcGr/nqmYrWyCg0LPU0xI
X/uLQn+YrxQYOHTD+KoMYnJ1Dh8i891NMvX9QJl3L5mf6iQB8fCJe2iwVQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJyVxYoqje2Tfomhnot7dwUZBF9YMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL25KWEZpaXFON1pOLWlhR2VpM3QzQlJrRVgxZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAIfGVwD
BAKy7CADBAK5dgwwDQYJKoZIhvcNAQELBQADggEBAFQCyPWmq+pVRjeICX8mQRpO
qOn0GJ7GzFnM+rG6KJ2V1oyhcve+fxaGBdiyRSWMmK8AcFZQZK9m/Gh1iDH0OOym
dboG0eZUhqpPCBLTIHNCXQA7ImgJxOtbrd9Y0iDXSdUDBd7eDGegfEXH6e/RN9vv
cYP74Gr/bMMj86ApdR+YGPCBHnFk6GcMPJoO+2PlW5UsroBkhhxhmDXXdj1Qsvwq
BoTeCbYvs99HomdaXgwPSARnCcl4XDhCgGPxV/1UoovqgqbkxeFdf5J2QtU0SzbA
St5lg3hvyKoFhVWPKQtfXXy9G6vLhUjNG91CosZ6EFdeK5m5YKavfpFuVmzQvPk=
-----END CERTIFICATE-----
Generated at Mon May 27 13:41:03 2024 by rpki-client on console-fra.rpki-client.org