Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/64uuPQ-loz2eaW0dE2Z6XJCTqkY.roa
File: 64uuPQ-loz2eaW0dE2Z6XJCTqkY.roa (raw, json)
Hash identifier: +f/E3huVpeH+vOueI41BzoPe+ZaPEP7kMEyKU7loa2U=
Subject key identifier: EB:8B:AE:3D:0F:A5:A3:3D:9E:69:6D:1D:13:66:7A:5C:90:93:AA:46
Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Certificate serial: 018CC2DAD6EF70731F2624513BF00316B69D
Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/64uuPQ-loz2eaW0dE2Z6XJCTqkY.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43139
IP address blocks: 185.199.96.0/22 maxlen: 22
91.196.148.0/22 maxlen: 22
94.158.80.0/20 maxlen: 20
178.158.192.0/18 maxlen: 24
109.207.192.0/20 maxlen: 20
2a0a:9b40::/29 maxlen: 29
2001:67c:738::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 22:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d6:ef:70:73:1f:26:24:51:3b:f0:03:16:b6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb8bae3d0fa5a33d9e696d1d13667a5c9093aa46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:97:6b:4f:db:4f:95:b9:6a:10:c1:7f:5c:ae:
09:7c:11:06:2e:2d:e5:39:86:44:95:67:16:a7:04:
2b:a7:c2:5b:f6:38:2d:af:4f:eb:e0:1a:b4:ad:5f:
98:c2:c9:00:8e:16:1b:63:8d:07:80:fd:c1:39:0b:
99:d8:87:3c:ad:1e:71:ec:e1:82:65:89:bd:58:32:
c7:98:9c:c5:85:3f:9d:85:f4:69:ad:43:aa:fa:3e:
b9:d6:fe:56:0f:1f:7a:7a:95:f1:58:08:53:83:1c:
b1:00:59:f1:6a:08:19:09:3d:57:6c:96:de:81:88:
46:ea:2e:c3:f5:36:16:da:11:ef:fc:e8:d1:d6:d1:
61:01:b6:99:51:50:bc:0f:05:27:8d:f6:73:60:62:
22:1d:9b:3b:6b:ed:f8:89:f2:d5:79:28:5c:70:3b:
90:6e:eb:ad:38:37:78:9c:6d:d1:21:cd:32:43:39:
a0:5c:ec:81:af:77:89:e7:cb:9e:a2:d2:df:75:65:
3c:dd:15:ce:3c:68:85:3d:6b:6b:cf:be:5e:b8:be:
d0:b6:5e:66:7d:38:1f:ba:a8:f0:70:15:db:df:4b:
92:b1:87:e8:b1:f5:03:05:60:0e:cf:60:f1:4d:6c:
e7:6f:af:f1:43:81:25:80:e2:11:65:47:b8:3c:76:
01:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8B:AE:3D:0F:A5:A3:3D:9E:69:6D:1D:13:66:7A:5C:90:93:AA:46
X509v3 Authority Key Identifier:
keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/64uuPQ-loz2eaW0dE2Z6XJCTqkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.148.0/22
94.158.80.0/20
109.207.192.0/20
178.158.192.0/18
185.199.96.0/22
IPv6:
2001:67c:738::/48
2a0a:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
52:d5:f4:23:5c:79:b2:8f:e4:9f:14:ac:c5:bd:f8:df:d8:b3:
2d:0e:2e:90:ca:3e:53:36:94:b5:b6:e8:48:32:a7:fb:82:46:
7c:4d:ec:30:24:37:b0:65:c6:df:e8:06:04:9f:a5:47:bc:9b:
6d:e3:60:f4:98:67:ef:ff:22:36:e1:a4:5d:a6:44:05:36:c5:
5b:39:f9:87:04:c5:a3:70:a8:90:ec:4c:c2:23:a4:c5:cd:f1:
26:5e:da:c0:03:7d:58:01:c1:94:a3:cc:f0:c2:52:50:4a:ed:
78:09:f7:a8:20:37:a6:6c:56:18:d8:13:8d:bd:4f:9c:27:1b:
42:27:cd:90:9a:e9:92:c7:ad:3a:e5:9e:fa:98:9b:26:78:e6:
20:7c:d8:65:3c:67:41:01:f3:9b:6b:5e:24:51:b3:3a:b7:ca:
04:ab:a9:ef:ec:01:b0:5f:29:2c:bf:d9:ea:3f:31:04:8e:9c:
a5:94:cf:1b:a4:0c:04:c4:d9:b2:d9:3d:17:32:23:12:8f:67:
40:e4:f4:a0:0e:e4:5a:be:dd:81:09:c9:be:e5:aa:22:5a:8b:
ec:eb:a6:39:36:38:0e:d9:91:5f:6a:77:be:37:cc:c3:f2:57:
32:b2:86:ff:19:92:41:81:b9:5c:96:b0:7a:0c:96:6a:88:48:
87:88:7d:27
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzC2tbvcHMfJiRRO/ADFradMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTNkZjg3N2JmMmYwY2YwMWE5NzE4OTczZWFlZWU4N2Iw
Njk3ZDkwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjhiYWUzZDBmYTVhMzNkOWU2OTZkMWQxMzY2N2E1YzkwOTNhYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpdrT9tPlblqEMF/XK4JfBEGLi3l
OYZElWcWpwQrp8Jb9jgtr0/r4Bq0rV+YwskAjhYbY40HgP3BOQuZ2Ic8rR5x7OGC
ZYm9WDLHmJzFhT+dhfRprUOq+j651v5WDx96epXxWAhTgxyxAFnxaggZCT1XbJbe
gYhG6i7D9TYW2hHv/OjR1tFhAbaZUVC8DwUnjfZzYGIiHZs7a+34ifLVeShccDuQ
buutODd4nG3RIc0yQzmgXOyBr3eJ58ueotLfdWU83RXOPGiFPWtrz75euL7Qtl5m
fTgfuqjwcBXb30uSsYfosfUDBWAOz2DxTWznb6/xQ4ElgOIRZUe4PHYB/wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOuLrj0PpaM9nmltHRNmelyQk6pGMB8GA1UdIwQY
MBaAFLOT34d78vDPAalxiXPq7uh7BpfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYt
Mzk2YmM3MjBlMmI0LzEvNjR1dVBRLWxvejJlYVcwZEUyWjZYSkNUcWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYtMzk2YmM3MjBlMmI0
LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQCW8SUAwQE
Xp5QAwQEbc/AAwQGsp7AAwQCucdgMBYEAgACMBADBwAgAQZ8BzgDBQMqCptAMA0G
CSqGSIb3DQEBCwUAA4IBAQBS1fQjXHmyj+SfFKzFvfjf2LMtDi6Qyj5TNpS1tuhI
Mqf7gkZ8TewwJDewZcbf6AYEn6VHvJtt42D0mGfv/yI24aRdpkQFNsVbOfmHBMWj
cKiQ7EzCI6TFzfEmXtrAA31YAcGUo8zwwlJQSu14CfeoIDembFYY2BONvU+cJxtC
J82QmumSx6065Z76mJsmeOYgfNhlPGdBAfOba14kUbM6t8oEq6nv7AGwXyksv9nq
PzEEjpyllM8bpAwExNmy2T0XMiMSj2dA5PSgDuRavt2BCcm+5aoiWovs66Y5NjgO
2ZFfane+N8zD8lcysob/GZJBgblclrB6DJZqiEiHiH0n
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:59:55 2024 by rpki-client on console-ams.rpki-client.org