Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3RA-TBwiCG2fM1O3_dYbQwJI2L0.roa
File: 3RA-TBwiCG2fM1O3_dYbQwJI2L0.roa (raw, json)
Hash identifier: qhZfn4kbwoJKpCFRpVxRrbZlxbuZNj7qZhcYT5Ri1Qc=
Subject key identifier: DD:10:3E:4C:1C:22:08:6D:9F:33:53:B7:FD:D6:1B:43:02:48:D8:BD
Certificate issuer: /CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Certificate serial: 0190BB288952418EDAAE521A642509E492FA
Authority key identifier: 7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3RA-TBwiCG2fM1O3_dYbQwJI2L0.roa
Signing time: Tue 16 Jul 2024 10:48:34 +0000
ROA not before: Tue 16 Jul 2024 10:48:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 5.8.248.0/24 maxlen: 24
62.233.53.0/24 maxlen: 24
77.220.212.0/24 maxlen: 24
77.220.213.0/24 maxlen: 24
109.107.157.0/24 maxlen: 24
178.159.43.0/24 maxlen: 24
185.93.6.0/24 maxlen: 24
185.201.252.0/24 maxlen: 24
185.229.251.0/24 maxlen: 24
185.235.128.0/24 maxlen: 24
185.237.165.0/24 maxlen: 24
185.241.61.0/24 maxlen: 24
185.244.218.0/24 maxlen: 24
185.244.219.0/24 maxlen: 24
185.250.207.0/24 maxlen: 24
185.251.25.0/24 maxlen: 24
193.3.168.0/24 maxlen: 24
193.169.105.0/24 maxlen: 24
194.15.46.0/24 maxlen: 24
194.26.232.0/24 maxlen: 24
194.62.105.0/24 maxlen: 24
212.86.114.0/24 maxlen: 24
212.86.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:28:89:52:41:8e:da:ae:52:1a:64:25:09:e4:92:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fcad89df1bf99a36f290cc3ef0f1e7b4d027533
Validity
Not Before: Jul 16 10:48:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd103e4c1c22086d9f3353b7fdd61b430248d8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:a6:41:7e:c4:b2:44:3d:8e:fd:57:b5:54:
db:69:6e:68:e5:0b:be:51:69:37:04:08:fd:0f:8b:
74:94:1d:29:49:21:56:8b:3f:81:32:48:81:03:f4:
41:ea:28:10:51:68:e6:25:c3:57:f0:9a:56:b1:59:
f7:5d:41:42:d3:41:eb:cc:18:72:f8:ec:39:cd:97:
07:98:8b:07:be:e7:bb:f4:d0:f3:53:6e:c8:8a:5f:
b1:a7:2d:f0:ae:68:e3:4c:2e:15:77:f2:ff:99:de:
cc:d2:e6:fa:6e:25:b4:d7:b3:8a:f9:db:45:c6:95:
b5:44:70:80:76:f8:b0:6c:d9:a1:2b:aa:ac:c7:c5:
1d:8d:71:51:0e:f0:35:c0:c7:f5:bc:d3:7e:cf:78:
98:09:56:1f:32:e3:9a:6a:d7:ad:b9:3a:fa:f5:c9:
f4:db:aa:f9:aa:86:bd:1d:08:5f:39:a4:7b:5f:e0:
a7:17:af:d1:e2:c2:0b:61:82:d3:cc:2c:75:4e:b1:
6f:7d:83:03:56:c8:4a:e4:8f:13:6c:84:90:bc:86:
be:fe:a2:6e:ed:12:af:ae:07:e6:b0:cc:e7:30:aa:
e7:02:74:b6:9b:0f:02:19:f9:05:dc:9d:04:2f:af:
f1:0d:27:b2:72:04:e4:b7:62:31:15:f5:c1:89:5d:
ee:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:10:3E:4C:1C:22:08:6D:9F:33:53:B7:FD:D6:1B:43:02:48:D8:BD
X509v3 Authority Key Identifier:
keyid:7F:CA:D8:9D:F1:BF:99:A3:6F:29:0C:C3:EF:0F:1E:7B:4D:02:75:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8rYnfG_maNvKQzD7w8ee00CdTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/3RA-TBwiCG2fM1O3_dYbQwJI2L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/9f8b16-284f-4512-b3dc-015d9f1b4b50/1/f8rYnfG_maNvKQzD7w8ee00CdTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.248.0/24
62.233.53.0/24
77.220.212.0/23
109.107.157.0/24
178.159.43.0/24
185.93.6.0/24
185.201.252.0/24
185.229.251.0/24
185.235.128.0/24
185.237.165.0/24
185.241.61.0/24
185.244.218.0/23
185.250.207.0/24
185.251.25.0/24
193.3.168.0/24
193.169.105.0/24
194.15.46.0/24
194.26.232.0/24
194.62.105.0/24
212.86.114.0/23
Signature Algorithm: sha256WithRSAEncryption
52:bf:d4:89:84:6e:3b:86:17:04:21:a7:77:44:fc:0e:9a:70:
17:e9:36:da:0b:f0:1b:03:f9:32:30:ff:ac:ff:e3:84:ad:79:
8a:7e:a4:88:1a:b8:89:14:e9:e2:57:d5:39:43:a5:4d:b7:b4:
51:1b:da:6c:b7:66:92:fc:85:94:c7:d9:30:bb:bc:f8:ba:02:
df:a4:f3:c8:f7:9f:f4:27:ed:8c:3d:2b:e5:3d:52:de:2f:9c:
81:3e:91:83:72:aa:be:3d:0c:50:93:f3:b2:9e:1e:62:63:ab:
5a:a8:c8:a2:cc:e2:90:18:c7:a0:8c:f4:f2:c7:46:af:93:39:
e3:52:68:a9:87:81:42:d8:30:c1:7f:3e:e1:3e:91:41:38:4f:
9b:85:8f:99:95:2b:4d:1f:5c:d8:8f:a9:9c:8a:1c:b3:b0:1a:
8e:8c:ca:af:7f:3b:d2:a4:64:49:e4:69:75:af:b3:dc:f5:52:
1f:61:d7:d5:51:b4:a3:49:24:a5:15:94:0a:b1:9e:c1:d5:a0:
88:98:62:ad:a1:d3:41:b6:07:88:3b:50:02:6b:79:76:4c:62:
66:37:64:8f:97:9a:cb:d1:8d:91:74:98:4c:9f:24:66:cd:39:
98:df:8e:59:d5:5f:2a:15:5e:9f:a8:3b:56:2f:2e:15:1a:f2:
76:91:36:95
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZC7KIlSQY7arlIaZCUJ5JL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmY2FkODlkZjFiZjk5YTM2ZjI5MGNjM2VmMGYxZTdiNGQw
Mjc1MzMwHhcNMjQwNzE2MTA0ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEwM2U0YzFjMjIwODZkOWYzMzUzYjdmZGQ2MWI0MzAyNDhkOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK+mQX7EskQ9jv1XtVTbaW5o5Qu+
UWk3BAj9D4t0lB0pSSFWiz+BMkiBA/RB6igQUWjmJcNX8JpWsVn3XUFC00HrzBhy
+Ow5zZcHmIsHvue79NDzU27Iil+xpy3wrmjjTC4Vd/L/md7M0ub6biW017OK+dtF
xpW1RHCAdviwbNmhK6qsx8UdjXFRDvA1wMf1vNN+z3iYCVYfMuOaatetuTr69cn0
26r5qoa9HQhfOaR7X+CnF6/R4sILYYLTzCx1TrFvfYMDVshK5I8TbISQvIa+/qJu
7RKvrgfmsMznMKrnAnS2mw8CGfkF3J0EL6/xDSeycgTkt2IxFfXBiV3uPQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFN0QPkwcIghtnzNTt/3WG0MCSNi9MB8GA1UdIwQY
MBaAFH/K2J3xv5mjbykMw+8PHntNAnUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMt
MDE1ZDlmMWI0YjUwLzEvM1JBLVRCd2lDRzJmTTFPM19kWWJRd0pJMkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85ZjhiMTYtMjg0Zi00NTEyLWIzZGMtMDE1ZDlmMWI0YjUw
LzEvZjhyWW5mR19tYU52S1F6RDd3OGVlMDBDZFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQABQj4
AwQAPuk1AwQBTdzUAwQAbWudAwQAsp8rAwQAuV0GAwQAucn8AwQAueX7AwQAueuA
AwQAue2lAwQAufE9AwQBufTaAwQAufrPAwQAufsZAwQAwQOoAwQAwalpAwQAwg8u
AwQAwhroAwQAwj5pAwQB1FZyMA0GCSqGSIb3DQEBCwUAA4IBAQBSv9SJhG47hhcE
Iad3RPwOmnAX6TbaC/AbA/kyMP+s/+OErXmKfqSIGriJFOniV9U5Q6VNt7RRG9ps
t2aS/IWUx9kwu7z4ugLfpPPI95/0J+2MPSvlPVLeL5yBPpGDcqq+PQxQk/Oynh5i
Y6taqMiizOKQGMegjPTyx0avkznjUmiph4FC2DDBfz7hPpFBOE+bhY+ZlStNH1zY
j6mcihyzsBqOjMqvfzvSpGRJ5Gl1r7Pc9VIfYdfVUbSjSSSlFZQKsZ7B1aCImGKt
odNBtgeIO1ACa3l2TGJmN2SPl5rL0Y2RdJhMnyRmzTmY345Z1V8qFV6fqDtWLy4V
GvJ2kTaV
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:50:12 2024 by rpki-client on console-ams.rpki-client.org