Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/3T-ZRU0AMikMWEVGsjSjDEd8xGU.roa
File: 3T-ZRU0AMikMWEVGsjSjDEd8xGU.roa (raw, json)
Hash identifier: xMjx0hRaBMuwme96cyhUCpcow4ecea4GuK4h/BZBnNc=
Subject key identifier: DD:3F:99:45:4D:00:32:29:0C:58:45:46:B2:34:A3:0C:47:7C:C4:65
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 018D646501C988CE47BCDF7DF89CC1BB5FED
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/3T-ZRU0AMikMWEVGsjSjDEd8xGU.roa
Signing time: Thu 01 Feb 2024 11:19:17 +0000
ROA not before: Thu 01 Feb 2024 11:19:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61423
IP address blocks: 185.161.120.0/24 maxlen: 24
185.202.132.0/24 maxlen: 24
2a0a:d6c0::/48 maxlen: 48
2a0a:d6c0:2::/48 maxlen: 48
2a0a:d6c0:3::/48 maxlen: 48
2a0a:d6c0:4::/48 maxlen: 48
2a0a:d6c0:5::/48 maxlen: 48
2a0a:d6c0:6::/48 maxlen: 48
2a0a:d6c0:7::/48 maxlen: 48
2a0a:d6c0:8::/48 maxlen: 48
2a0a:d6c0:9::/48 maxlen: 48
2a0a:d6c0:10::/48 maxlen: 48
2a0a:d6c0:11::/48 maxlen: 48
2a0a:d6c0:13::/48 maxlen: 48
2a0a:d6c0:208::/45 maxlen: 45
2a0a:d6c0:208::/48 maxlen: 48
2a0a:d6c0:efef::/48 maxlen: 48
2a0a:d6c0:eff0::/48 maxlen: 48
2a0a:d6c0:eff1::/48 maxlen: 48
2a0a:d6c0:eff2::/48 maxlen: 48
2a0a:d6c0:eff3::/48 maxlen: 48
2a0a:d6c0:efff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:65:01:c9:88:ce:47:bc:df:7d:f8:9c:c1:bb:5f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Feb 1 11:19:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd3f99454d0032290c584546b234a30c477cc465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5a:2c:06:16:2e:56:d8:df:52:ed:9e:27:cc:
8c:da:7d:c1:ea:d3:05:b3:11:e2:3d:36:1b:56:b3:
85:2f:48:94:06:3d:f9:37:c1:f7:38:a1:c7:04:d8:
f8:94:c6:cb:11:97:4f:00:fb:f7:88:14:3c:8e:b1:
fd:8f:29:a9:54:f9:d1:c9:2a:62:60:65:bf:58:f2:
c0:bd:8d:93:8c:65:46:4f:45:a2:76:bb:43:ab:e5:
be:c9:f9:cc:e5:66:0c:1c:37:f1:5e:5c:8d:50:da:
1d:c2:ef:16:3f:23:0c:5d:90:fa:73:85:4e:e9:e8:
e2:7f:16:be:66:9e:c6:03:a8:53:a1:08:3c:d0:91:
03:76:f2:a4:c4:4b:e3:33:ef:b3:c5:72:5a:b4:e5:
f7:64:ad:2c:5c:9d:ec:67:a4:94:c3:48:35:47:16:
8b:a5:56:03:04:2f:44:ce:56:ed:a7:77:93:1f:90:
c2:5c:8b:78:14:c4:58:27:37:5d:18:6e:5b:28:c3:
7b:07:4a:1c:85:74:b0:36:af:5f:07:5b:9c:a4:23:
f5:89:ff:39:52:87:75:03:0d:bb:ab:ff:bb:05:51:
58:27:1b:75:fe:27:c6:2a:47:e3:4d:35:2a:22:99:
c1:0a:3d:7b:bc:34:d4:44:80:48:f5:b8:ec:e8:5d:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3F:99:45:4D:00:32:29:0C:58:45:46:B2:34:A3:0C:47:7C:C4:65
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/3T-ZRU0AMikMWEVGsjSjDEd8xGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.120.0/24
185.202.132.0/24
IPv6:
2a0a:d6c0::/48
2a0a:d6c0:2::-2a0a:d6c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:10::/47
2a0a:d6c0:13::/48
2a0a:d6c0:208::/45
2a0a:d6c0:efef::-2a0a:d6c0:eff3:ffff:ffff:ffff:ffff:ffff
2a0a:d6c0:efff::/48
Signature Algorithm: sha256WithRSAEncryption
b0:47:01:b3:b5:3c:a5:5d:be:29:31:39:9a:86:0a:97:01:0d:
98:b0:b8:2a:f5:68:4e:7e:16:44:66:e2:88:7d:fc:4f:c2:f8:
e3:b6:d4:8a:c9:48:5a:07:9e:cf:cb:9f:f2:de:27:df:ea:40:
18:36:86:2b:97:87:e9:47:e7:7e:be:e2:73:64:95:35:b2:1b:
34:61:e8:df:3e:be:8d:90:3e:77:0d:8b:de:88:01:a8:82:55:
be:8a:c3:51:ed:23:cc:4b:e9:db:b4:b4:b2:7b:1e:9a:ad:7d:
1a:f9:5f:40:2f:4b:21:fe:87:17:71:b9:83:5c:ed:d5:1a:a4:
83:39:19:09:8f:82:f4:a0:bc:1d:d3:e1:32:21:fa:23:ea:ea:
46:5e:b1:1a:53:0a:5c:69:3b:53:6f:35:09:86:7b:69:fe:f0:
fe:78:a1:c4:9b:19:7c:01:7b:b7:e9:37:73:56:f2:06:79:c5:
91:31:3e:5b:9a:7e:e9:56:00:b7:8c:36:89:fc:ad:7e:f6:5d:
7a:6b:53:80:8a:44:f0:14:54:e7:d7:ea:4f:e0:7c:07:c6:c4:
03:1e:c5:07:42:a0:ca:47:73:28:f8:6b:7c:95:92:f1:25:14:
ae:0d:60:80:73:7d:cb:ca:34:76:e7:92:c0:dd:d3:a3:1e:df:
07:5c:47:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY1kZQHJiM5HvN99+JzBu1/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjQwMjAxMTExOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNmOTk0NTRkMDAzMjI5MGM1ODQ1NDZiMjM0YTMwYzQ3N2NjNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVosBhYuVtjfUu2eJ8yM2n3B6tMF
sxHiPTYbVrOFL0iUBj35N8H3OKHHBNj4lMbLEZdPAPv3iBQ8jrH9jympVPnRySpi
YGW/WPLAvY2TjGVGT0WidrtDq+W+yfnM5WYMHDfxXlyNUNodwu8WPyMMXZD6c4VO
6ejifxa+Zp7GA6hToQg80JEDdvKkxEvjM++zxXJatOX3ZK0sXJ3sZ6SUw0g1RxaL
pVYDBC9Ezlbtp3eTH5DCXIt4FMRYJzddGG5bKMN7B0ochXSwNq9fB1ucpCP1if85
Uod1Aw27q/+7BVFYJxt1/ifGKkfjTTUqIpnBCj17vDTURIBI9bjs6F1h3wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFN0/mUVNADIpDFhFRrI0owxHfMRlMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvM1QtWlJVMEFNaWtNV0VWR3NqU2pERWQ4eEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwEgQCAAEwDAMEALmheAME
ALnKhDBbBAIAAjBVAwcAKgrWwAAAMBIDBwEqCtbAAAIDBwEqCtbAAAgDBwEqCtbA
ABADBwAqCtbAABMDBwMqCtbAAggwEgMHACoK1sDv7wMHAioK1sDv8AMHACoK1sDv
/zANBgkqhkiG9w0BAQsFAAOCAQEAsEcBs7U8pV2+KTE5moYKlwENmLC4KvVoTn4W
RGbiiH38T8L447bUislIWgeez8uf8t4n3+pAGDaGK5eH6Ufnfr7ic2SVNbIbNGHo
3z6+jZA+dw2L3ogBqIJVvorDUe0jzEvp27S0snsemq19GvlfQC9LIf6HF3G5g1zt
1RqkgzkZCY+C9KC8HdPhMiH6I+rqRl6xGlMKXGk7U281CYZ7af7w/nihxJsZfAF7
t+k3c1byBnnFkTE+W5p+6VYAt4w2ifytfvZdemtTgIpE8BRU59fqT+B8B8bEAx7F
B0KgykdzKPhrfJWS8SUUrg1ggHN9y8o0dueSwN3Tox7fB1xHKA==
-----END CERTIFICATE-----
Generated at Thu Jul 4 13:41:17 2024 by rpki-client on console-fra.rpki-client.org