Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/nxsdrB80Gh5yjfM0pW0x24np1RQ.roa
File: nxsdrB80Gh5yjfM0pW0x24np1RQ.roa (raw, json)
Hash identifier: C9aKIzqDTYjDuXzHQUAtGH8WExx5PY4j40BrkIc9IbA=
Subject key identifier: 9F:1B:1D:AC:1F:34:1A:1E:72:8D:F3:34:A5:6D:31:DB:89:E9:D5:14
Certificate issuer: /CN=72b88675247ce1865a353f4cef5b2ac288a39698
Certificate serial: 018EC3247E1A2CB72ED54867428B941EB5D0
Authority key identifier: 72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/nxsdrB80Gh5yjfM0pW0x24np1RQ.roa
Signing time: Tue 09 Apr 2024 13:55:32 +0000
ROA not before: Tue 09 Apr 2024 13:55:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 31.42.191.0/24 maxlen: 24
194.61.54.0/24 maxlen: 24
194.61.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:24:7e:1a:2c:b7:2e:d5:48:67:42:8b:94:1e:b5:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b88675247ce1865a353f4cef5b2ac288a39698
Validity
Not Before: Apr 9 13:55:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f1b1dac1f341a1e728df334a56d31db89e9d514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a5:ef:97:3e:02:eb:0b:c7:cd:9b:e4:04:04:
54:be:57:60:eb:09:a9:1d:e6:ef:25:77:ee:4d:b6:
7b:a8:d3:70:82:66:88:a7:92:07:2c:83:96:7d:7a:
7b:9c:94:89:a4:9c:bb:0b:e8:c1:f4:65:c7:2f:13:
97:23:94:be:c4:5c:dc:22:71:d7:fa:e2:4e:3d:b4:
56:03:77:fd:29:ae:c8:8e:2c:86:d9:54:ab:4a:03:
9f:c3:f4:30:18:3f:17:0b:bc:84:67:70:b0:a4:c4:
2c:fc:71:d9:b4:53:8d:1a:a2:22:bf:95:9b:4a:f6:
11:5d:20:ff:ed:e3:6c:17:87:b0:42:50:f0:6a:97:
d4:2e:02:a8:b2:be:29:f3:66:ec:ad:31:6e:fa:2d:
ca:f1:4a:83:62:b6:fd:00:2d:a5:5b:d6:f5:97:9b:
5a:89:cb:c5:48:73:c6:fa:eb:b8:e3:58:33:36:56:
98:c6:26:94:ca:17:fb:4c:2e:00:f4:07:c2:fa:33:
d3:63:5f:0d:02:20:ac:6a:eb:1f:b5:4b:06:67:82:
de:24:6b:53:de:be:3a:55:e8:15:cb:90:90:8e:aa:
46:75:6d:2b:8d:50:fa:47:ec:71:a8:9c:23:9d:00:
ff:22:fb:4e:70:76:2f:f5:f7:cd:af:97:f2:bc:7a:
6d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1B:1D:AC:1F:34:1A:1E:72:8D:F3:34:A5:6D:31:DB:89:E9:D5:14
X509v3 Authority Key Identifier:
keyid:72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/nxsdrB80Gh5yjfM0pW0x24np1RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.191.0/24
194.61.54.0/23
Signature Algorithm: sha256WithRSAEncryption
76:b0:d7:c5:c9:74:d3:60:22:e5:8e:70:54:0a:00:30:80:3d:
0d:a5:f8:1a:e8:3a:d3:a0:1c:48:ca:7d:ca:fc:ef:ef:dd:40:
93:b8:ef:aa:b8:a0:0d:31:78:ae:62:b6:14:aa:04:f5:81:be:
05:b5:bb:5e:c4:8f:38:61:50:66:c6:13:21:67:e3:1b:a4:6b:
0c:6d:23:f3:01:5e:e7:8d:66:1c:44:dd:5d:71:ba:3b:94:d7:
41:b0:71:6a:4a:21:9e:39:52:1f:17:46:95:f0:2b:a5:e6:95:
bc:25:8c:f0:c0:06:ae:09:25:a2:db:a2:91:66:5e:52:d6:1d:
e5:32:0a:11:4b:4d:5e:7f:ba:c8:a0:31:3d:29:b6:04:98:f6:
4e:c9:b7:73:22:71:09:a8:89:bb:5a:29:b4:47:8f:47:8d:1f:
01:bf:e1:9d:c9:c4:a0:da:c0:a3:3e:00:0d:8c:c9:8b:e9:a4:
41:52:a6:b1:3f:35:c7:b4:da:41:55:65:e6:8f:9f:ed:3d:4e:
ea:ca:36:f6:06:b9:09:47:63:22:5b:15:78:96:b8:11:8d:c5:
22:d2:c3:e3:2e:f3:b4:55:c5:af:a0:27:ed:9d:ee:70:75:44:
78:9a:6a:b5:bd:f5:65:52:00:c2:80:19:77:94:90:82:6b:88:
f8:3a:ce:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7DJH4aLLcu1UhnQouUHrXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjg4Njc1MjQ3Y2UxODY1YTM1M2Y0Y2VmNWIyYWMyODhh
Mzk2OTgwHhcNMjQwNDA5MTM1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjFiMWRhYzFmMzQxYTFlNzI4ZGYzMzRhNTZkMzFkYjg5ZTlkNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqXvlz4C6wvHzZvkBARUvldg6wmp
HebvJXfuTbZ7qNNwgmaIp5IHLIOWfXp7nJSJpJy7C+jB9GXHLxOXI5S+xFzcInHX
+uJOPbRWA3f9Ka7IjiyG2VSrSgOfw/QwGD8XC7yEZ3CwpMQs/HHZtFONGqIiv5Wb
SvYRXSD/7eNsF4ewQlDwapfULgKosr4p82bsrTFu+i3K8UqDYrb9AC2lW9b1l5ta
icvFSHPG+uu441gzNlaYxiaUyhf7TC4A9AfC+jPTY18NAiCsausftUsGZ4LeJGtT
3r46VegVy5CQjqpGdW0rjVD6R+xxqJwjnQD/IvtOcHYv9ffNr5fyvHptywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ8bHawfNBoeco3zNKVtMduJ6dUUMB8GA1UdIwQY
MBaAFHK4hnUkfOGGWjU/TO9bKsKIo5aYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2It
MTEzNzA3M2ZhOGY2LzEvbnhzZHJCODBHaDV5amZNMHBXMHgyNG5wMVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2ItMTEzNzA3M2ZhOGY2
LzEvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyq/AwQB
wj02MA0GCSqGSIb3DQEBCwUAA4IBAQB2sNfFyXTTYCLljnBUCgAwgD0Npfga6DrT
oBxIyn3K/O/v3UCTuO+quKANMXiuYrYUqgT1gb4FtbtexI84YVBmxhMhZ+MbpGsM
bSPzAV7njWYcRN1dcbo7lNdBsHFqSiGeOVIfF0aV8Cul5pW8JYzwwAauCSWi26KR
Zl5S1h3lMgoRS01ef7rIoDE9KbYEmPZOybdzInEJqIm7Wim0R49HjR8Bv+GdycSg
2sCjPgANjMmL6aRBUqaxPzXHtNpBVWXmj5/tPU7qyjb2BrkJR2MiWxV4lrgRjcUi
0sPjLvO0VcWvoCftne5wdUR4mmq1vfVlUgDCgBl3lJCCa4j4Os42
-----END CERTIFICATE-----
Generated at Tue Nov 26 06:38:33 2024 by rpki-client on console-fra.rpki-client.org