Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IBNkZ4EMc2viDUo-HbGEavEfZnA.roa
File: IBNkZ4EMc2viDUo-HbGEavEfZnA.roa (raw, json)
Hash identifier: /NckOHBkrhTp5T9Sdk5fJJF7jbGrjtNX+tAnSTfvYRQ=
Subject key identifier: 20:13:64:67:81:0C:73:6B:E2:0D:4A:3E:1D:B1:84:6A:F1:1F:66:70
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 019320C1C4D2A6480E8439449502C0DDC249
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IBNkZ4EMc2viDUo-HbGEavEfZnA.roa
Signing time: Tue 12 Nov 2024 14:23:09 +0000
ROA not before: Tue 12 Nov 2024 14:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215066
IP address blocks: 31.222.220.0/24 maxlen: 24
31.222.221.0/24 maxlen: 24
31.222.222.0/24 maxlen: 24
31.222.223.0/24 maxlen: 24
188.64.36.0/22 maxlen: 24
194.164.226.0/24 maxlen: 24
194.164.227.0/24 maxlen: 24
194.164.228.0/24 maxlen: 24
194.164.229.0/24 maxlen: 24
195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:20:c1:c4:d2:a6:48:0e:84:39:44:95:02:c0:dd:c2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Nov 12 14:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20136467810c736be20d4a3e1db1846af11f6670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:94:12:5f:95:b5:fa:8b:25:e2:dc:61:58:
29:a4:44:36:61:ff:03:30:53:cc:6d:35:39:37:37:
27:c2:16:c7:7b:11:04:62:f6:bc:9b:bf:17:22:db:
11:0b:04:92:98:9d:a6:b7:df:3d:75:09:a9:f0:48:
0d:35:c3:84:0e:c1:5f:85:1f:82:49:e9:d2:eb:42:
1a:10:74:0d:a1:c4:9c:6b:0e:e3:d5:77:07:c5:77:
1c:9e:0f:a7:4f:6e:76:f0:d7:46:81:e0:4b:49:4a:
54:7e:ab:46:39:3b:e5:99:39:4a:64:06:d7:07:16:
26:1d:bd:c0:00:fc:93:ae:a4:c2:37:2d:2a:98:e4:
6b:54:4e:60:0d:b1:c1:b8:4f:cc:40:28:cb:c3:aa:
f0:79:98:67:ea:2d:80:0a:ca:f9:34:fa:d1:91:17:
d4:c4:e3:d1:82:29:cc:77:6a:9d:2f:21:46:3c:47:
1f:38:b7:83:52:b7:e9:c4:ba:02:77:b4:6c:01:21:
d9:96:e7:25:c7:15:9e:36:e1:18:d3:c6:8c:57:37:
24:6e:d5:f5:fc:c1:2d:8a:ec:dc:a9:cf:41:24:b7:
19:61:ab:02:13:7e:f9:2d:68:fd:67:9e:5d:bc:d4:
44:eb:6c:02:89:cd:7c:95:39:e6:0c:ba:7d:30:59:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:13:64:67:81:0C:73:6B:E2:0D:4A:3E:1D:B1:84:6A:F1:1F:66:70
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IBNkZ4EMc2viDUo-HbGEavEfZnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.220.0/22
188.64.36.0/22
194.164.226.0-194.164.229.255
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
7a:21:b2:9f:1f:4d:91:2d:26:57:a6:fa:a5:89:d3:ac:d1:0d:
d6:98:f7:7d:8b:35:0a:62:b2:99:9b:97:8e:4f:fd:de:09:28:
13:e2:56:0a:b5:a9:92:61:e3:41:48:f5:0a:60:7f:eb:c2:41:
d1:df:61:fe:f4:ea:4a:8e:58:a1:ba:c9:06:c8:3e:8e:bb:31:
bb:4e:ee:29:6c:49:92:31:06:91:ee:06:75:f4:7f:2d:ee:01:
df:18:bd:f8:fe:77:a9:d6:a5:dc:01:86:82:a2:6b:aa:11:34:
f8:fc:f5:db:39:1c:d0:0d:18:45:d6:f7:7e:c3:af:c7:50:95:
63:63:1c:8b:86:a2:8b:76:60:b5:02:c8:8d:77:98:a5:50:59:
52:37:88:e8:71:6a:01:56:43:e6:90:2f:13:86:78:c9:1a:42:
57:63:7c:4d:ae:b7:78:2e:f9:da:84:e8:7e:8e:05:2a:a0:60:
8c:42:bb:c7:e7:a3:00:31:e1:5b:9d:aa:84:96:90:6f:c5:4a:
59:9b:4c:3b:8a:4a:d5:81:79:c5:3a:b5:4b:dc:02:16:c7:bd:
2f:1d:83:70:f4:f1:23:07:83:bf:f8:5c:7e:18:97:ab:1e:47:
48:66:0b:27:46:19:60:4b:e6:8d:76:a4:56:2b:45:86:56:cc:
97:0a:b3:b0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZMgwcTSpkgOhDlElQLA3cJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQxMTEyMTQyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDEzNjQ2NzgxMGM3MzZiZTIwZDRhM2UxZGIxODQ2YWYxMWY2NjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHqUEl+VtfqLJeLcYVgppEQ2Yf8D
MFPMbTU5NzcnwhbHexEEYva8m78XItsRCwSSmJ2mt989dQmp8EgNNcOEDsFfhR+C
SenS60IaEHQNocScaw7j1XcHxXccng+nT2528NdGgeBLSUpUfqtGOTvlmTlKZAbX
BxYmHb3AAPyTrqTCNy0qmORrVE5gDbHBuE/MQCjLw6rweZhn6i2ACsr5NPrRkRfU
xOPRginMd2qdLyFGPEcfOLeDUrfpxLoCd7RsASHZluclxxWeNuEY08aMVzckbtX1
/MEtiuzcqc9BJLcZYasCE375LWj9Z55dvNRE62wCic18lTnmDLp9MFn/6wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCATZGeBDHNr4g1KPh2xhGrxH2ZwMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvSUJOa1o0RU1jMnZpRFVvLUhiR0VhdkVmWm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCH97cAwQC
vEAkMAwDBAHCpOIDBAHCpOQDBADDkAgwDQQCAAIwBwMFACoHAkQwDQYJKoZIhvcN
AQELBQADggEBAHohsp8fTZEtJlem+qWJ06zRDdaY932LNQpispmbl45P/d4JKBPi
Vgq1qZJh40FI9Qpgf+vCQdHfYf706kqOWKG6yQbIPo67MbtO7ilsSZIxBpHuBnX0
fy3uAd8Yvfj+d6nWpdwBhoKia6oRNPj89ds5HNANGEXW937Dr8dQlWNjHIuGoot2
YLUCyI13mKVQWVI3iOhxagFWQ+aQLxOGeMkaQldjfE2ut3gu+dqE6H6OBSqgYIxC
u8fnowAx4VudqoSWkG/FSlmbTDuKStWBecU6tUvcAhbHvS8dg3D08SMHg7/4XH4Y
l6seR0hmCydGGWBL5o12pFYrRYZWzJcKs7A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:00:44 2024 by rpki-client on console-fra.rpki-client.org