Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/3pBzEtkhPjgOuqmCmpyDwAhrA8s.roa
File: 3pBzEtkhPjgOuqmCmpyDwAhrA8s.roa (raw, json)
Hash identifier: 16VeBAOm0Z1fFU+5Xbwna9E+PUJgYR4zbRz4eBS+vYg=
Subject key identifier: DE:90:73:12:D9:21:3E:38:0E:BA:A9:82:9A:9C:83:C0:08:6B:03:CB
Certificate issuer: /CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Certificate serial: 018CF9AD1BBAF956C7EA4153C5FA1F71E11B
Authority key identifier: 7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/3pBzEtkhPjgOuqmCmpyDwAhrA8s.roa
Signing time: Thu 11 Jan 2024 17:58:40 +0000
ROA not before: Thu 11 Jan 2024 17:58:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57204
IP address blocks: 195.80.233.0/24 maxlen: 24
185.83.108.0/23 maxlen: 23
2a05:9a80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:ad:1b:ba:f9:56:c7:ea:41:53:c5:fa:1f:71:e1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b88d4a4ab18a59b664dabafdb3880dc35b22b91
Validity
Not Before: Jan 11 17:58:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de907312d9213e380ebaa9829a9c83c0086b03cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4c:5a:8d:60:7a:fa:a2:41:52:29:1d:df:11:
84:38:b7:92:cc:c7:b8:2f:98:f4:aa:6e:b6:88:be:
5c:a7:1a:f4:f2:d0:01:71:a8:23:68:45:19:d1:7e:
f0:ab:28:07:58:a4:62:9b:9e:53:6a:00:84:c5:e7:
b5:8e:ea:70:08:0d:05:e0:2e:e9:6b:ff:aa:a9:84:
63:bb:aa:6b:f9:5f:96:fa:a4:99:a6:01:05:47:72:
cd:8b:c6:4d:97:20:5b:fd:9c:51:fd:f1:3b:8f:21:
65:5f:a7:39:57:7b:82:6a:49:a2:7e:93:58:ed:6d:
55:a5:34:2a:7e:a6:39:41:0a:55:99:48:38:6f:3c:
a5:70:8f:2c:ec:d0:64:b1:69:5e:7c:b1:f2:82:e5:
bd:85:92:50:41:97:22:52:19:bb:9f:66:43:c7:6e:
37:75:64:8b:05:74:1b:e2:d8:bf:f2:e0:d9:91:cd:
0a:58:3b:50:4a:b5:7d:8d:4a:d5:dd:01:f1:9a:08:
80:c8:1e:45:82:06:9d:2f:46:28:36:d5:e4:12:43:
51:97:2f:09:7c:34:bd:90:c6:aa:ed:02:53:9d:f1:
3c:12:03:99:36:eb:26:e4:30:9a:3e:6d:06:4d:a0:
2f:3f:91:2c:5b:9b:d8:ad:90:8d:13:0a:81:57:22:
c8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:90:73:12:D9:21:3E:38:0E:BA:A9:82:9A:9C:83:C0:08:6B:03:CB
X509v3 Authority Key Identifier:
keyid:7B:88:D4:A4:AB:18:A5:9B:66:4D:AB:AF:DB:38:80:DC:35:B2:2B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4jUpKsYpZtmTauv2ziA3DWyK5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/3pBzEtkhPjgOuqmCmpyDwAhrA8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2048e4-818c-4601-b023-743765bd0f3e/1/e4jUpKsYpZtmTauv2ziA3DWyK5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.108.0/23
195.80.233.0/24
IPv6:
2a05:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
aa:e7:59:b6:c4:20:bd:0a:22:cf:6e:e2:7b:df:5a:be:9a:40:
de:e8:bf:c0:9f:86:2a:a3:4f:d8:e9:47:70:d5:9b:f6:07:78:
2a:0d:13:0e:86:ce:97:7d:10:a7:73:b1:55:3a:8f:fc:a0:91:
fd:ed:05:02:94:fa:6f:97:db:3e:c8:8f:ef:cb:e6:88:76:3d:
b1:6b:1d:38:3e:36:33:db:44:c9:1c:d8:1e:c2:39:77:11:23:
21:cd:c5:43:01:19:bc:95:5d:ee:60:81:5e:fd:80:6d:30:dc:
92:e8:47:b3:35:16:e6:cf:44:74:34:85:36:7b:c6:6d:a9:cc:
36:08:bb:4c:32:33:7f:a5:b6:23:a9:9e:e4:bb:a2:6f:b5:28:
7d:85:41:dc:42:a9:42:e9:fe:7b:57:e4:8d:e8:af:21:02:0c:
4e:68:13:e7:77:03:c2:95:41:02:1e:be:9b:95:39:17:d2:f4:
cf:31:f6:20:f7:5d:77:fa:08:a7:56:5d:e1:9c:ae:2c:8b:9a:
1b:40:3f:47:e5:b6:29:09:29:05:c9:c0:74:35:57:fa:58:e8:
31:a0:8b:bf:4d:3a:e0:6f:63:ce:89:c0:be:f1:ad:e6:1c:82:
37:18:e8:5b:dd:00:9b:f2:7a:68:ff:0f:c0:72:de:88:be:4b:
7c:51:4f:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYz5rRu6+VbH6kFTxfofceEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODhkNGE0YWIxOGE1OWI2NjRkYWJhZmRiMzg4MGRjMzVi
MjJiOTEwHhcNMjQwMTExMTc1ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTkwNzMxMmQ5MjEzZTM4MGViYWE5ODI5YTljODNjMDA4NmIwM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0xajWB6+qJBUikd3xGEOLeSzMe4
L5j0qm62iL5cpxr08tABcagjaEUZ0X7wqygHWKRim55TagCExee1jupwCA0F4C7p
a/+qqYRju6pr+V+W+qSZpgEFR3LNi8ZNlyBb/ZxR/fE7jyFlX6c5V3uCakmifpNY
7W1VpTQqfqY5QQpVmUg4bzylcI8s7NBksWlefLHyguW9hZJQQZciUhm7n2ZDx243
dWSLBXQb4ti/8uDZkc0KWDtQSrV9jUrV3QHxmgiAyB5FggadL0YoNtXkEkNRly8J
fDS9kMaq7QJTnfE8EgOZNusm5DCaPm0GTaAvP5EsW5vYrZCNEwqBVyLIeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN6QcxLZIT44Drqpgpqcg8AIawPLMB8GA1UdIwQY
MBaAFHuI1KSrGKWbZk2rr9s4gNw1siuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMt
NzQzNzY1YmQwZjNlLzEvM3BCekV0a2hQamdPdXFtQ21weUR3QWhyQThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yMDQ4ZTQtODE4Yy00NjAxLWIwMjMtNzQzNzY1YmQwZjNl
LzEvZTRqVXBLc1lwWnRtVGF1djJ6aUEzRFd5SzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuVNsAwQA
w1DpMA0EAgACMAcDBQMqBZqAMA0GCSqGSIb3DQEBCwUAA4IBAQCq51m2xCC9CiLP
buJ731q+mkDe6L/An4Yqo0/Y6Udw1Zv2B3gqDRMOhs6XfRCnc7FVOo/8oJH97QUC
lPpvl9s+yI/vy+aIdj2xax04PjYz20TJHNgewjl3ESMhzcVDARm8lV3uYIFe/YBt
MNyS6EezNRbmz0R0NIU2e8Ztqcw2CLtMMjN/pbYjqZ7ku6JvtSh9hUHcQqlC6f57
V+SN6K8hAgxOaBPndwPClUECHr6blTkX0vTPMfYg9113+ginVl3hnK4si5obQD9H
5bYpCSkFycB0NVf6WOgxoIu/TTrgb2POicC+8a3mHII3GOhb3QCb8npo/w/Act6I
vkt8UU/N
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:01:38 2024 by rpki-client on console-fra.rpki-client.org