Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OL__vUlRT3HIh3Z3sOaB7a8UyA.roa
File: 3OL__vUlRT3HIh3Z3sOaB7a8UyA.roa (raw, json)
Hash identifier: dPeDQsWdENzfbK9CX4/peLPi1FFliqTS5thzEiWy5Yg=
Subject key identifier: DC:E2:FF:FE:F5:25:45:3D:C7:22:1D:D9:DE:C3:9A:07:B6:BC:53:20
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018CC6B7AF37865D4658A2EEE1A679383EF7
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OL__vUlRT3HIh3Z3sOaB7a8UyA.roa
Signing time: Mon 01 Jan 2024 20:29:35 +0000
ROA not before: Mon 01 Jan 2024 20:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 185.191.213.0/24 maxlen: 24
194.147.89.0/24 maxlen: 24
185.21.141.0/24 maxlen: 24
194.93.59.0/24 maxlen: 24
85.209.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:af:37:86:5d:46:58:a2:ee:e1:a6:79:38:3e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 20:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dce2fffef525453dc7221dd9dec39a07b6bc5320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:27:73:97:5c:71:0a:5a:d8:77:3a:c5:ea:7e:
8b:df:cf:42:b2:61:ad:8b:80:55:7a:27:20:57:6c:
c4:d7:51:2c:cb:62:1e:ac:48:64:06:09:5b:55:01:
45:da:8b:4b:54:77:d3:8a:e4:b9:e7:8c:b3:32:8f:
7a:a2:e6:de:ad:cb:65:a0:86:36:be:c6:88:87:aa:
54:ae:c8:7c:13:db:94:2d:44:4c:65:20:e2:70:09:
08:ac:97:e0:f0:ce:79:b9:e2:c5:39:ab:ff:90:48:
56:e0:9b:89:3a:e3:3c:1a:4e:6d:4a:9b:11:a8:1d:
f8:fd:99:6e:ae:21:9c:5c:30:b1:07:d8:65:10:dd:
1a:8b:ea:57:af:ac:d8:aa:87:ee:47:8e:92:9b:04:
ec:84:34:80:d1:d0:11:fb:66:2a:56:f6:80:57:66:
d2:32:04:2b:5f:41:d6:0b:8c:3d:d2:a5:fb:a8:ad:
0a:7c:62:9f:e5:37:50:e6:e8:9c:1d:7a:a6:34:62:
e2:01:95:19:67:31:f2:f9:c2:b9:ee:9d:55:d9:88:
53:a7:03:c8:d6:9f:fb:05:a5:94:d5:4c:cb:67:e7:
37:ac:0d:59:fc:1d:f1:5e:a2:83:01:2c:db:f2:87:
7c:86:73:d8:d0:05:14:67:0d:c5:68:7e:e0:52:ab:
f1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E2:FF:FE:F5:25:45:3D:C7:22:1D:D9:DE:C3:9A:07:B6:BC:53:20
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/3OL__vUlRT3HIh3Z3sOaB7a8UyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.10.0/24
185.21.141.0/24
185.191.213.0/24
194.93.59.0/24
194.147.89.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:10:cc:ba:d3:bc:f5:af:58:51:ec:95:e8:7a:ed:57:e4:56:
26:d6:3f:a4:e1:76:63:d8:3a:11:22:67:10:ab:25:96:81:ac:
67:94:94:51:da:cd:cc:31:c6:50:74:4c:1a:3d:3c:14:45:5c:
07:e6:9e:2a:90:f4:5b:64:b7:e6:50:89:2e:0a:cd:a7:3f:a3:
34:d9:c6:72:e3:0a:3b:83:76:5b:3d:c9:26:8c:cb:59:81:31:
28:86:e6:8e:64:f1:f6:16:2a:1e:9e:da:63:72:38:be:2a:d9:
4d:c2:fd:9e:01:73:f7:7e:90:47:41:3f:35:c4:0f:67:5d:ad:
4b:ef:61:bc:53:c4:b4:38:3e:05:3c:2b:86:60:34:ad:64:35:
de:8a:9b:2a:0c:40:7c:3f:77:e2:af:c5:d4:b8:c0:23:7c:a1:
39:d6:6e:44:56:2a:63:10:a3:85:2a:39:e4:3d:43:01:f2:63:
2b:8d:df:80:14:df:d4:b0:4e:bc:2d:b0:db:1b:2d:51:58:72:
fe:b1:da:22:5c:25:ba:ba:1e:0b:61:75:37:8e:e4:13:ff:2e:
1a:33:eb:8d:d9:67:d4:2c:7b:bc:68:67:b7:44:f9:ab:54:31:
e8:87:32:43:2e:98:6f:df:d7:34:28:38:97:f1:0c:c6:13:3a:
a5:5a:c5:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGt683hl1GWKLu4aZ5OD73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UyZmZmZWY1MjU0NTNkYzcyMjFkZDlkZWMzOWEwN2I2YmM1MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSdzl1xxClrYdzrF6n6L389CsmGt
i4BVeicgV2zE11Esy2IerEhkBglbVQFF2otLVHfTiuS554yzMo96ouberctloIY2
vsaIh6pUrsh8E9uULURMZSDicAkIrJfg8M55ueLFOav/kEhW4JuJOuM8Gk5tSpsR
qB34/ZluriGcXDCxB9hlEN0ai+pXr6zYqofuR46SmwTshDSA0dAR+2YqVvaAV2bS
MgQrX0HWC4w90qX7qK0KfGKf5TdQ5uicHXqmNGLiAZUZZzHy+cK57p1V2YhTpwPI
1p/7BaWU1UzLZ+c3rA1Z/B3xXqKDASzb8od8hnPY0AUUZw3FaH7gUqvxDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNzi//71JUU9xyId2d7Dmge2vFMgMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvM09MX192VWxSVDNISWgzWjNzT2FCN2E4VXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVdEKAwQA
uRWNAwQAub/VAwQAwl07AwQAwpNZMA0GCSqGSIb3DQEBCwUAA4IBAQAOEMy607z1
r1hR7JXoeu1X5FYm1j+k4XZj2DoRImcQqyWWgaxnlJRR2s3MMcZQdEwaPTwURVwH
5p4qkPRbZLfmUIkuCs2nP6M02cZy4wo7g3ZbPckmjMtZgTEohuaOZPH2Fioentpj
cji+KtlNwv2eAXP3fpBHQT81xA9nXa1L72G8U8S0OD4FPCuGYDStZDXeipsqDEB8
P3fir8XUuMAjfKE51m5EVipjEKOFKjnkPUMB8mMrjd+AFN/UsE68LbDbGy1RWHL+
sdoiXCW6uh4LYXU3juQT/y4aM+uN2WfULHu8aGe3RPmrVDHohzJDLphv39c0KDiX
8QzGEzqlWsWZ
-----END CERTIFICATE-----
Generated at Sat Jun 15 21:16:36 2024 by rpki-client on console-ams.rpki-client.org