Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PzyWasGB3fgYPLnHKRED5BpExn4.roa
File: PzyWasGB3fgYPLnHKRED5BpExn4.roa (raw, json)
Hash identifier: podctX/ZUIGZQSvPPYrgnB6gyctDW96iMwwvCwHQNRE=
Subject key identifier: 3F:3C:96:6A:C1:81:DD:F8:18:3C:B9:C7:29:11:03:E4:1A:44:C6:7E
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 018CC3494101730362CACBDF5EA5FA0CBD44
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PzyWasGB3fgYPLnHKRED5BpExn4.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36351
IP address blocks: 185.125.85.0/24 maxlen: 24
185.125.84.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
185.71.231.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
2a05:3343::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 01:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:41:01:73:03:62:ca:cb:df:5e:a5:fa:0c:bd:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f3c966ac181ddf8183cb9c7291103e41a44c67e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3b:ab:47:76:c6:8c:30:f5:e6:2a:3f:e7:25:
d0:c6:91:71:12:e6:fa:8e:11:b5:21:04:7c:1a:51:
4b:1a:58:9a:09:6a:75:b8:ac:13:70:f6:74:da:03:
cd:5d:df:28:f3:5c:fd:13:9d:6f:9e:e8:7d:6d:9a:
68:19:82:d3:f8:53:ad:f5:67:5a:41:6b:e8:df:1e:
85:db:99:a9:14:81:07:41:73:3a:78:74:de:f1:96:
e1:0c:53:29:21:18:da:b2:f7:3d:98:53:65:0e:5e:
6e:9d:19:e3:62:2f:09:96:5f:da:02:72:f7:29:40:
6f:bb:86:cc:f8:3b:0c:da:20:5c:e7:73:b6:d4:44:
fb:6c:14:5e:52:11:ce:ac:93:16:e7:9e:6f:51:79:
5a:05:35:f6:ce:d5:0d:ca:d8:b5:11:64:b6:e0:d6:
79:9c:23:8d:cc:5d:13:f8:cd:04:e9:b0:8b:42:ba:
fb:16:0b:82:85:3c:12:42:76:07:1f:5b:d8:b6:f9:
2d:fb:ee:76:05:9c:ac:95:21:ed:99:6b:3d:2e:87:
3f:4e:34:6b:8e:b8:c1:cf:03:ee:a8:40:ae:20:c8:
1e:fb:68:67:0f:7e:f0:75:81:84:e0:79:8b:fc:bb:
31:2f:4f:e1:7c:67:e8:74:19:19:49:ce:cf:49:4b:
d5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3C:96:6A:C1:81:DD:F8:18:3C:B9:C7:29:11:03:E4:1A:44:C6:7E
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PzyWasGB3fgYPLnHKRED5BpExn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/23
185.71.231.0/24
185.125.84.0/23
185.125.87.0/24
193.0.180.0/23
IPv6:
2a05:3343::/42
Signature Algorithm: sha256WithRSAEncryption
00:6f:fa:6c:df:03:4b:c4:ae:96:bb:bc:cf:aa:24:d6:e9:f0:
4a:23:42:38:ae:bf:8b:62:ba:16:76:ec:c2:3d:a6:8c:15:1e:
ed:1c:30:14:a5:e4:57:1d:97:1f:9a:3e:b5:4a:47:7d:ee:56:
8d:41:68:97:53:15:d3:b7:0e:c0:f6:e1:44:b5:a3:06:d6:70:
9c:5c:3a:5c:3b:31:1d:28:99:c6:7c:4b:ac:a3:3e:54:ad:62:
cc:a5:a6:2d:e5:a5:9b:be:f1:ad:d2:c0:94:6e:22:54:ab:33:
1e:6d:55:06:08:3a:7b:8b:20:0d:4b:90:72:af:20:a0:36:2a:
b9:cc:11:b5:91:f8:f2:ab:79:69:97:e1:0b:3b:40:42:2f:e0:
eb:ee:a7:2c:23:b0:8c:de:6a:77:14:4a:89:11:e9:73:3d:b0:
f9:14:76:4a:86:69:6c:f4:5b:42:1c:de:f7:13:b2:5e:26:a2:
87:2c:e9:cc:be:aa:0f:74:bd:10:8e:f7:c4:7b:08:85:16:2c:
4f:c6:0e:8f:ba:24:27:33:47:da:ce:21:4c:b3:27:1d:30:d4:
47:21:5e:10:b5:5d:bc:26:c3:53:19:e5:a9:b1:20:d6:30:3a:
44:f1:74:4c:ea:60:4c:c8:93:10:1f:b5:13:7d:fa:55:8c:47:
65:6a:c9:6a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzDSUEBcwNiysvfXqX6DL1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNjOTY2YWMxODFkZGY4MTgzY2I5YzcyOTExMDNlNDFhNDRjNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjurR3bGjDD15io/5yXQxpFxEub6
jhG1IQR8GlFLGliaCWp1uKwTcPZ02gPNXd8o81z9E51vnuh9bZpoGYLT+FOt9Wda
QWvo3x6F25mpFIEHQXM6eHTe8ZbhDFMpIRjasvc9mFNlDl5unRnjYi8Jll/aAnL3
KUBvu4bM+DsM2iBc53O21ET7bBReUhHOrJMW555vUXlaBTX2ztUNyti1EWS24NZ5
nCONzF0T+M0E6bCLQrr7FguChTwSQnYHH1vYtvkt++52BZyslSHtmWs9Loc/TjRr
jrjBzwPuqECuIMge+2hnD37wdYGE4HmL/LsxL0/hfGfodBkZSc7PSUvVqwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFD88lmrBgd34GDy5xykRA+QaRMZ+MB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvUHp5V2FzR0IzZmdZUExuSEtSRUQ1QnBFeG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQBuUfkAwQA
uUfnAwQBuX1UAwQAuX1XAwQBwQC0MA8EAgACMAkDBwYqBTNDAAAwDQYJKoZIhvcN
AQELBQADggEBAABv+mzfA0vErpa7vM+qJNbp8EojQjiuv4tiuhZ27MI9powVHu0c
MBSl5Fcdlx+aPrVKR33uVo1BaJdTFdO3DsD24US1owbWcJxcOlw7MR0omcZ8S6yj
PlStYsylpi3lpZu+8a3SwJRuIlSrMx5tVQYIOnuLIA1LkHKvIKA2KrnMEbWR+PKr
eWmX4Qs7QEIv4OvupywjsIzeancUSokR6XM9sPkUdkqGaWz0W0Ic3vcTsl4moocs
6cy+qg90vRCO98R7CIUWLE/GDo+6JCczR9rOIUyzJx0w1EchXhC1Xbwmw1MZ5amx
INYwOkTxdEzqYEzIkxAftRN9+lWMR2VqyWo=
-----END CERTIFICATE-----
Generated at Sun Apr 28 06:36:46 2024 by rpki-client on console-ams.rpki-client.org