Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3L-V_GFGtL0UX4BYXDi1kwK8aGU.roa
File: 3L-V_GFGtL0UX4BYXDi1kwK8aGU.roa (raw, json)
Hash identifier: IuPWV2FaEm/5M1sZ/jWcTTLMWlgnCZ/prDohPoCcjcQ=
Subject key identifier: DC:BF:95:FC:61:46:B4:BD:14:5F:80:58:5C:38:B5:93:02:BC:68:65
Certificate issuer: /CN=df3b82005fdbe961020f740ab43c554e5a38451f
Certificate serial: 018CCA2B97D22819469F81A357191F631D5A
Authority key identifier: DF:3B:82:00:5F:DB:E9:61:02:0F:74:0A:B4:3C:55:4E:5A:38:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3L-V_GFGtL0UX4BYXDi1kwK8aGU.roa
Signing time: Tue 02 Jan 2024 12:35:03 +0000
ROA not before: Tue 02 Jan 2024 12:35:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34265
IP address blocks: 193.138.187.0/24 maxlen: 24
176.106.1.0/24 maxlen: 24
176.106.0.0/21 maxlen: 21
176.106.0.0/24 maxlen: 24
176.112.120.0/24 maxlen: 24
176.112.121.0/24 maxlen: 24
176.112.120.0/21 maxlen: 21
176.112.127.0/24 maxlen: 24
213.108.72.0/21 maxlen: 21
213.108.78.0/24 maxlen: 24
213.108.75.0/24 maxlen: 24
193.138.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:97:d2:28:19:46:9f:81:a3:57:19:1f:63:1d:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b82005fdbe961020f740ab43c554e5a38451f
Validity
Not Before: Jan 2 12:35:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcbf95fc6146b4bd145f80585c38b59302bc6865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:eb:1b:37:0c:fd:73:dd:41:c5:bc:2e:03:33:
d1:b0:53:fc:de:aa:97:05:d3:60:64:8a:dd:e3:73:
31:c5:6f:e9:c9:f0:ae:ba:a0:5c:6b:12:8e:48:9f:
a0:70:04:4a:9f:05:c7:ec:d4:90:50:11:48:72:c1:
3b:03:b6:2d:f5:dc:87:6a:67:af:70:a7:91:30:81:
56:e8:98:bc:2e:f0:69:9d:8a:ab:6d:79:4c:22:26:
85:f7:bb:3d:eb:76:25:92:3e:aa:23:c0:1f:22:4d:
83:cf:e1:38:c4:0a:dc:e3:62:9a:a6:03:ab:22:01:
e4:e5:aa:68:a4:67:a4:46:62:01:4e:c5:76:ff:d7:
c5:1a:7d:60:94:5c:f7:1f:db:3e:af:f6:0b:cb:a7:
13:62:37:68:64:cb:2f:15:a2:2e:94:ba:bc:e9:e1:
af:fb:f1:52:b4:fc:e1:8c:f4:d9:20:c5:87:46:15:
78:9f:17:7a:a3:3b:02:99:6a:37:0e:1e:3a:58:c8:
3b:02:b1:b9:bc:5c:fc:cd:06:7f:63:b5:3b:fc:83:
7e:50:ea:68:0b:05:ab:c0:1d:a2:99:7a:3d:40:35:
44:24:f5:e0:89:ca:a8:93:c8:53:25:28:34:16:92:
50:fd:47:bc:fc:dd:d9:7c:73:f5:0d:f0:ea:1c:7d:
0c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BF:95:FC:61:46:B4:BD:14:5F:80:58:5C:38:B5:93:02:BC:68:65
X509v3 Authority Key Identifier:
keyid:DF:3B:82:00:5F:DB:E9:61:02:0F:74:0A:B4:3C:55:4E:5A:38:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zuCAF_b6WECD3QKtDxVTlo4RR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3L-V_GFGtL0UX4BYXDi1kwK8aGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/38ff36-7d73-485c-8910-37c14092eb27/1/3zuCAF_b6WECD3QKtDxVTlo4RR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.106.0.0/21
176.112.120.0/21
193.138.184.0/22
213.108.72.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:ed:7a:71:ce:f6:da:92:c2:27:4b:5a:9c:3e:53:04:57:c1:
27:50:52:b6:1b:da:0a:e2:4d:91:1e:95:5e:e1:40:f5:9f:3a:
54:fc:cf:85:f4:21:50:b9:df:25:6a:1a:3e:a6:c6:e6:f6:29:
7a:9d:0c:1d:cd:6a:85:de:d7:64:93:05:7c:12:93:22:88:33:
37:f9:c2:a0:fb:6e:5c:9e:55:a9:3c:ea:a3:d9:ee:c1:2c:0a:
aa:eb:f5:45:81:43:e5:d7:40:ba:04:30:b5:65:94:29:07:50:
01:71:74:d5:d8:7f:61:7e:f7:3a:09:c4:2f:a7:c2:c5:56:12:
98:a4:b9:db:ab:b5:ec:bc:6f:83:45:1c:63:50:45:fa:77:47:
4e:14:52:d2:bf:f1:bb:fa:7c:44:6a:35:c6:3f:65:5d:34:cc:
e6:a6:ba:2a:8b:36:d8:c9:1c:7c:11:66:87:b4:65:e5:50:39:
08:06:bd:9d:fe:22:77:17:ca:f5:f8:a4:e7:d0:e1:9c:63:3b:
f2:80:e8:8f:ae:ba:f3:d4:cf:15:d4:33:67:3b:91:fe:5d:d8:
c6:b3:ad:b8:35:ed:de:af:87:31:b6:4a:65:9a:11:a8:2a:ab:
73:d3:08:85:6f:24:22:3a:a7:2d:eb:e3:7b:ab:2d:6d:c1:1d:
e5:6a:3a:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKK5fSKBlGn4GjVxkfYx1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2I4MjAwNWZkYmU5NjEwMjBmNzQwYWI0M2M1NTRlNWEz
ODQ1MWYwHhcNMjQwMTAyMTIzNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2JmOTVmYzYxNDZiNGJkMTQ1ZjgwNTg1YzM4YjU5MzAyYmM2ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiesbNwz9c91BxbwuAzPRsFP83qqX
BdNgZIrd43MxxW/pyfCuuqBcaxKOSJ+gcARKnwXH7NSQUBFIcsE7A7Yt9dyHamev
cKeRMIFW6Ji8LvBpnYqrbXlMIiaF97s963Ylkj6qI8AfIk2Dz+E4xArc42KapgOr
IgHk5apopGekRmIBTsV2/9fFGn1glFz3H9s+r/YLy6cTYjdoZMsvFaIulLq86eGv
+/FStPzhjPTZIMWHRhV4nxd6ozsCmWo3Dh46WMg7ArG5vFz8zQZ/Y7U7/IN+UOpo
CwWrwB2imXo9QDVEJPXgicqok8hTJSg0FpJQ/Ue8/N3ZfHP1DfDqHH0MJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNy/lfxhRrS9FF+AWFw4tZMCvGhlMB8GA1UdIwQY
MBaAFN87ggBf2+lhAg90CrQ8VU5aOEUfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3p1Q0FGX2I2V0VDRDNRS3REeFZUbG80UlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zOGZmMzYtN2Q3My00ODVjLTg5MTAt
MzdjMTQwOTJlYjI3LzEvM0wtVl9HRkd0TDBVWDRCWVhEaTFrd0s4YUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zOGZmMzYtN2Q3My00ODVjLTg5MTAtMzdjMTQwOTJlYjI3
LzEvM3p1Q0FGX2I2V0VDRDNRS3REeFZUbG80UlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDsGoAAwQD
sHB4AwQCwYq4AwQD1WxIMA0GCSqGSIb3DQEBCwUAA4IBAQCO7XpxzvbaksInS1qc
PlMEV8EnUFK2G9oK4k2RHpVe4UD1nzpU/M+F9CFQud8laho+psbm9il6nQwdzWqF
3tdkkwV8EpMiiDM3+cKg+25cnlWpPOqj2e7BLAqq6/VFgUPl10C6BDC1ZZQpB1AB
cXTV2H9hfvc6CcQvp8LFVhKYpLnbq7XsvG+DRRxjUEX6d0dOFFLSv/G7+nxEajXG
P2VdNMzmproqizbYyRx8EWaHtGXlUDkIBr2d/iJ3F8r1+KTn0OGcYzvygOiPrrrz
1M8V1DNnO5H+XdjGs624Ne3er4cxtkplmhGoKqtz0wiFbyQiOqct6+N7qy1twR3l
ajr7
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:54:54 2024 by rpki-client on console-ams.rpki-client.org