Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/h3j_alK3Ck9Hj2VylF8168l44Vk.roa
File: h3j_alK3Ck9Hj2VylF8168l44Vk.roa (raw, json)
Hash identifier: 5bYjQk/9Ny1ng7ECcL12Ij1UfSznAh0pfrfG3V4QYW0=
Subject key identifier: 87:78:FF:6A:52:B7:0A:4F:47:8F:65:72:94:5F:35:EB:C9:78:E1:59
Certificate issuer: /CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Certificate serial: 018CC801B9B1B152DB0F1CC61CDDE7439C58
Authority key identifier: 3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/h3j_alK3Ck9Hj2VylF8168l44Vk.roa
Signing time: Tue 02 Jan 2024 02:30:05 +0000
ROA not before: Tue 02 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29423
IP address blocks: 185.201.144.0/22 maxlen: 24
185.241.32.0/22 maxlen: 24
45.12.48.0/22 maxlen: 24
185.102.92.0/22 maxlen: 24
45.144.132.0/22 maxlen: 24
2a06:2380::/29 maxlen: 33
2a0a:c5c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b9:b1:b1:52:db:0f:1c:c6:1c:dd:e7:43:9c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Validity
Not Before: Jan 2 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8778ff6a52b70a4f478f6572945f35ebc978e159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:a3:54:18:11:2b:a5:a2:90:de:c5:e8:bc:
b5:88:73:7d:42:a5:62:27:e6:c6:30:87:e6:9d:63:
bd:33:3c:36:62:14:72:a5:34:48:c0:a2:19:3a:c6:
ed:50:1c:fb:7d:ce:6b:de:b8:6e:5c:8b:8a:cc:d9:
4d:ce:91:d9:15:15:bd:c4:f9:d5:c7:a8:78:37:07:
9d:24:06:31:f2:05:2e:2d:16:61:fc:5e:f0:79:63:
43:22:e9:bd:b6:79:92:1d:63:0a:93:a2:4e:60:88:
de:ab:7f:c5:4c:5b:9f:f8:95:0d:58:d9:c6:e2:cc:
e7:80:06:8b:49:85:16:b8:d0:5e:2c:b7:42:f7:17:
f7:d8:fa:ad:14:47:5a:d6:36:c5:d4:95:61:6c:e0:
95:28:c0:fb:e7:6e:2f:10:47:27:c2:0e:7c:c0:61:
93:73:cf:90:1a:26:d9:ba:c9:89:64:36:74:d1:b7:
51:23:22:6e:39:ad:71:c2:a8:f0:ef:d3:ab:31:20:
dc:84:2c:f2:c0:97:e7:10:4d:b7:25:12:00:8f:7e:
d3:17:c6:6a:5d:d7:6c:8a:fd:f6:6f:35:c2:54:6c:
37:3d:ff:e9:1e:78:a1:ea:dc:ab:6a:41:31:9e:03:
9e:87:7e:87:af:8e:b7:db:11:79:92:30:06:b9:9e:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:78:FF:6A:52:B7:0A:4F:47:8F:65:72:94:5F:35:EB:C9:78:E1:59
X509v3 Authority Key Identifier:
keyid:3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/h3j_alK3Ck9Hj2VylF8168l44Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.48.0/22
45.144.132.0/22
185.102.92.0/22
185.201.144.0/22
185.241.32.0/22
IPv6:
2a06:2380::/29
2a0a:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:2c:a8:45:bd:16:57:70:5e:30:b5:3f:68:dd:0c:58:fe:f6:
09:ac:e3:25:3a:40:bb:d7:35:79:61:44:68:d6:12:b8:d3:63:
2c:d4:32:17:55:5d:0f:08:76:47:74:21:e1:f8:cd:18:11:a5:
8b:8b:bf:38:8d:b5:86:ce:bf:5d:7d:5b:53:b8:a0:ca:77:75:
3a:ed:38:a2:17:32:47:3c:91:35:bf:61:d7:18:3a:75:c7:07:
50:5a:8c:7a:22:47:26:b5:02:b9:7a:fe:90:3d:78:59:bf:ff:
8e:de:0d:fa:7b:1e:4a:22:c6:35:c5:c1:bf:34:c5:9a:f4:ab:
af:1e:f4:f0:32:6b:62:33:30:e9:ab:9e:a0:52:7a:d1:40:24:
67:e5:81:d2:d9:02:80:ea:fe:05:58:7a:ed:d7:dd:97:b5:3b:
95:ed:31:59:f9:03:3b:a1:86:79:4e:f7:ad:d7:52:db:97:2b:
a1:a5:22:72:b6:94:e2:80:e0:45:20:86:e1:32:49:cc:41:a1:
50:e7:16:64:f1:9c:be:fa:82:1f:08:54:e8:e5:c9:c7:45:19:
50:c6:10:2e:83:05:e8:56:a3:bf:02:0f:cb:af:e3:36:0e:35:
9b:f1:79:02:f3:bf:8a:14:79:73:c7:fe:38:e4:8d:5d:87:ec:
86:5c:11:9d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzIAbmxsVLbDxzGHN3nQ5xYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmM2NDMxZjUzMzNiNmRkZDMxZTgzYjY5NjgyZDhlOGVl
MDZmYzEwHhcNMjQwMTAyMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc4ZmY2YTUyYjcwYTRmNDc4ZjY1NzI5NDVmMzVlYmM5NzhlMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVSjVBgRK6WikN7F6Ly1iHN9QqVi
J+bGMIfmnWO9Mzw2YhRypTRIwKIZOsbtUBz7fc5r3rhuXIuKzNlNzpHZFRW9xPnV
x6h4NwedJAYx8gUuLRZh/F7weWNDIum9tnmSHWMKk6JOYIjeq3/FTFuf+JUNWNnG
4szngAaLSYUWuNBeLLdC9xf32PqtFEda1jbF1JVhbOCVKMD7524vEEcnwg58wGGT
c8+QGibZusmJZDZ00bdRIyJuOa1xwqjw79OrMSDchCzywJfnEE23JRIAj37TF8Zq
Xddsiv32bzXCVGw3Pf/pHnih6tyrakExngOeh36Hr4632xF5kjAGuZ79VwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFId4/2pStwpPR49lcpRfNevJeOFZMB8GA1UdIwQY
MBaAFDv8ZDH1Mztt3THoO2loLY6O4G/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGIt
ZmUwMWVlYzQwZWMxLzEvaDNqX2FsSzNDazlIajJWeWxGODE2OGw0NFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGItZmUwMWVlYzQwZWMx
LzEvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQwwAwQC
LZCEAwQCuWZcAwQCucmQAwQCufEgMBQEAgACMA4DBQMqBiOAAwUDKgrFwDANBgkq
hkiG9w0BAQsFAAOCAQEADCyoRb0WV3BeMLU/aN0MWP72CazjJTpAu9c1eWFEaNYS
uNNjLNQyF1VdDwh2R3Qh4fjNGBGli4u/OI21hs6/XX1bU7igynd1Ou04ohcyRzyR
Nb9h1xg6dccHUFqMeiJHJrUCuXr+kD14Wb//jt4N+nseSiLGNcXBvzTFmvSrrx70
8DJrYjMw6aueoFJ60UAkZ+WB0tkCgOr+BVh67dfdl7U7le0xWfkDO6GGeU73rddS
25croaUicraU4oDgRSCG4TJJzEGhUOcWZPGcvvqCHwhU6OXJx0UZUMYQLoMF6Faj
vwIPy6/jNg41m/F5AvO/ihR5c8f+OOSNXYfshlwRnQ==
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:40:20 2024 by rpki-client on console-ams.rpki-client.org