Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/3JcnwMUt_z8hfyh3FAl5KenEjjQ.roa
File: 3JcnwMUt_z8hfyh3FAl5KenEjjQ.roa (raw, json)
Hash identifier: buQsxzfWk6p3a4b2RgiIJW3DRvcYl/DQOCF6xW9RrN0=
Subject key identifier: DC:97:27:C0:C5:2D:FF:3F:21:7F:28:77:14:09:79:29:E9:C4:8E:34
Certificate issuer: /CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Certificate serial: 018CC64B89A3C82079BE029EE2BC2C8AB8D3
Authority key identifier: 0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/3JcnwMUt_z8hfyh3FAl5KenEjjQ.roa
Signing time: Mon 01 Jan 2024 18:31:28 +0000
ROA not before: Mon 01 Jan 2024 18:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47505
IP address blocks: 89.36.8.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:89:a3:c8:20:79:be:02:9e:e2:bc:2c:8a:b8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Validity
Not Before: Jan 1 18:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc9727c0c52dff3f217f287714097929e9c48e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:85:db:73:c5:28:a8:08:48:d6:8c:d8:ec:d7:
14:32:d8:3c:91:5f:24:f1:52:47:40:54:12:41:64:
47:d0:87:a0:22:2c:af:b7:48:7b:f5:04:09:b2:54:
2c:df:a3:c3:69:69:08:98:eb:df:c4:89:9b:94:ad:
a0:ad:57:07:85:1d:92:42:32:78:81:22:a4:24:4e:
3b:50:c8:1f:2f:a2:a0:68:d3:db:3c:6e:31:1c:01:
49:c5:22:78:9a:e2:30:69:9c:38:e9:9e:b3:7f:9d:
f4:26:51:ab:71:f7:7a:3d:41:4d:31:57:36:24:c8:
11:0b:7d:a7:57:74:91:9e:47:80:96:b0:48:e4:b8:
2f:66:43:cd:c4:7d:cf:80:f9:cb:57:df:93:f9:49:
18:8f:95:39:80:8b:ba:71:a1:af:bb:43:65:a6:13:
a8:b6:63:85:a8:ec:f3:cf:46:e1:9a:b7:3a:ec:cf:
bf:9e:92:cd:41:41:29:de:a3:44:04:0d:d9:fe:d9:
06:20:dd:2a:1b:33:7e:2e:e2:61:d3:2e:3c:2a:81:
c9:80:9b:c0:b8:f3:1c:ef:44:84:2e:48:98:ff:a5:
40:70:5c:6d:53:78:fb:ad:57:e3:29:9f:19:f6:48:
f7:a2:64:6a:31:88:6b:0d:85:17:54:c2:26:ef:48:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:97:27:C0:C5:2D:FF:3F:21:7F:28:77:14:09:79:29:E9:C4:8E:34
X509v3 Authority Key Identifier:
keyid:0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/3JcnwMUt_z8hfyh3FAl5KenEjjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.8.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:42:4c:3f:9b:f2:a9:1b:55:27:77:cf:12:6f:40:08:32:7b:
24:95:9e:b9:b3:f9:f2:66:d2:81:05:97:64:63:74:8a:4c:b9:
bf:a6:d3:f7:e8:14:c3:bb:a1:b8:79:94:ce:0d:a1:b1:5b:5d:
a9:e6:78:6d:59:23:62:8a:2d:d6:ab:c6:fb:c5:9a:46:ca:a3:
30:e0:04:de:37:a5:88:fe:c8:f8:d4:39:13:b5:7a:fc:40:67:
7d:8f:4b:5a:4a:db:5c:12:fd:d5:f9:f8:0d:ab:80:7c:2b:57:
08:27:7b:23:c2:2d:eb:0e:35:e7:69:80:c6:10:64:d0:53:1d:
a2:dc:04:0d:76:9e:9b:b1:e3:14:ff:2c:65:31:fa:bb:5c:fe:
7a:fc:fb:50:31:7b:3d:86:c5:42:2e:68:cc:8a:f7:d7:26:85:
00:6d:20:25:7c:5d:da:84:a1:14:66:17:9f:e6:86:f7:b0:06:
a4:e5:35:f7:bf:0b:31:3d:4f:bb:1a:34:90:fb:06:98:f5:04:
62:22:8e:bd:4a:b6:c2:dd:ae:ef:02:98:0b:01:e2:87:f9:ba:
2b:b1:19:69:08:0e:38:fa:6f:df:ec:81:f9:a6:87:e6:79:f5:
08:fe:a1:6b:d9:90:c7:10:d2:22:29:d0:ec:c7:00:4d:53:f2:
bf:17:ac:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS4mjyCB5vgKe4rwsirjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmNlNjRjM2U2NWE4MjAyYTdjMWIxYjIwY2ExMWU0NWFl
NmQ1OGMwHhcNMjQwMTAxMTgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk3MjdjMGM1MmRmZjNmMjE3ZjI4NzcxNDA5NzkyOWU5YzQ4ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYXbc8UoqAhI1ozY7NcUMtg8kV8k
8VJHQFQSQWRH0IegIiyvt0h79QQJslQs36PDaWkImOvfxImblK2grVcHhR2SQjJ4
gSKkJE47UMgfL6KgaNPbPG4xHAFJxSJ4muIwaZw46Z6zf530JlGrcfd6PUFNMVc2
JMgRC32nV3SRnkeAlrBI5LgvZkPNxH3PgPnLV9+T+UkYj5U5gIu6caGvu0NlphOo
tmOFqOzzz0bhmrc67M+/npLNQUEp3qNEBA3Z/tkGIN0qGzN+LuJh0y48KoHJgJvA
uPMc70SELkiY/6VAcFxtU3j7rVfjKZ8Z9kj3omRqMYhrDYUXVMIm70jjIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyXJ8DFLf8/IX8odxQJeSnpxI40MB8GA1UdIwQY
MBaAFAws5kw+ZaggKnwbGyDKEeRa5tWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTkt
NWM0Yjc2ZjQ4ZDUwLzEvM0pjbndNVXRfejhoZnloM0ZBbDVLZW5FampRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTktNWM0Yjc2ZjQ4ZDUw
LzEvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWSQIMA0G
CSqGSIb3DQEBCwUAA4IBAQBqQkw/m/KpG1Und88Sb0AIMnsklZ65s/nyZtKBBZdk
Y3SKTLm/ptP36BTDu6G4eZTODaGxW12p5nhtWSNiii3Wq8b7xZpGyqMw4ATeN6WI
/sj41DkTtXr8QGd9j0taSttcEv3V+fgNq4B8K1cIJ3sjwi3rDjXnaYDGEGTQUx2i
3AQNdp6bseMU/yxlMfq7XP56/PtQMXs9hsVCLmjMivfXJoUAbSAlfF3ahKEUZhef
5ob3sAak5TX3vwsxPU+7GjSQ+waY9QRiIo69SrbC3a7vApgLAeKH+borsRlpCA44
+m/f7IH5pofmefUI/qFr2ZDHENIiKdDsxwBNU/K/F6wA
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:47:02 2024 by rpki-client on console-ams.rpki-client.org