Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3HayOT_40Ws8VX7J4R1syetYxyE.roa
File: 3HayOT_40Ws8VX7J4R1syetYxyE.roa (raw, json)
Hash identifier: oODrFrGhJym38QEAo8/TnVcoG9grTw5y0FafkI8g//k=
Subject key identifier: DC:76:B2:39:3F:F8:D1:6B:3C:55:7E:C9:E1:1D:6C:C9:EB:58:C7:21
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802EC18F95B70E26A82C32C7B43D6CE
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3HayOT_40Ws8VX7J4R1syetYxyE.roa
Signing time: Tue 02 Jan 2024 02:31:23 +0000
ROA not before: Tue 02 Jan 2024 02:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 192.165.76.0/24 maxlen: 24
194.68.37.0/24 maxlen: 24
192.121.153.0/24 maxlen: 24
194.68.38.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
193.180.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:ec:18:f9:5b:70:e2:6a:82:c3:2c:7b:43:d6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc76b2393ff8d16b3c557ec9e11d6cc9eb58c721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:38:2d:35:85:b3:e4:c8:f6:4f:6c:ea:56:28:
fb:d9:16:ae:85:8b:77:90:06:71:37:94:5e:4f:8f:
5f:42:a3:de:13:cd:58:3f:56:61:72:1c:72:2b:6e:
94:3f:be:a0:97:2a:f8:3e:3c:57:08:42:69:d6:58:
e2:d1:12:87:7a:ad:1f:a1:4e:5f:44:45:b6:c6:17:
3c:e0:fd:70:f4:55:1f:22:9d:d4:d7:1a:70:cb:c6:
8e:2d:72:8b:b5:8f:7d:cf:31:3a:0c:de:93:5c:de:
ca:97:c8:bf:48:13:0d:39:8e:6a:a1:d8:76:ed:2f:
3b:b7:d5:e8:c5:77:a4:3c:8e:6e:ba:76:13:e2:a2:
81:1d:05:e4:6c:7f:29:8c:d0:5a:2d:54:a0:d4:98:
b6:78:34:48:21:fd:ee:c5:90:20:c1:22:3e:f4:6d:
4d:57:aa:e8:85:29:76:2f:d4:58:bf:aa:c2:7f:01:
9d:11:09:54:ef:02:c9:c7:68:0a:a0:02:cd:1c:51:
12:37:36:17:56:64:5a:2c:62:d3:72:39:89:e4:6e:
bb:a3:d2:61:ef:80:cf:3f:25:cf:56:9f:94:fb:5a:
92:fc:a2:29:63:c3:e7:62:90:13:29:70:47:bc:ac:
2f:a5:44:bc:29:41:aa:5c:97:5e:45:95:54:07:95:
26:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:76:B2:39:3F:F8:D1:6B:3C:55:7E:C9:E1:1D:6C:C9:EB:58:C7:21
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3HayOT_40Ws8VX7J4R1syetYxyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.153.0/24
192.165.76.0/24
193.180.200.0/24
194.14.177.0/24
194.68.37.0-194.68.38.255
Signature Algorithm: sha256WithRSAEncryption
94:57:02:fd:92:cd:61:72:86:92:dc:6a:c6:23:6b:cc:98:85:
bf:05:55:47:3e:c3:5d:7e:21:b3:7f:7f:95:61:96:bd:d2:25:
64:62:a7:80:ee:b8:4a:df:99:7c:c7:66:c4:57:15:7d:5e:40:
67:c0:a1:84:93:ce:2e:b0:b5:c2:80:b2:66:6c:b9:40:a6:e7:
d8:ce:14:b1:17:86:0d:d2:d0:af:3c:cf:c3:87:06:bb:ac:f3:
e9:34:a4:5a:d7:30:16:e0:55:10:cf:69:79:07:0e:9f:db:cb:
28:eb:25:e4:aa:ec:11:1b:60:66:ec:d1:d7:d2:b4:46:f7:e6:
63:94:e2:5e:26:75:b9:41:4d:84:25:a7:8b:f1:cb:f6:46:48:
74:c4:ce:16:26:be:9e:ea:93:d7:a6:f6:6d:f4:0b:7e:64:7f:
66:35:78:0b:4f:9a:a9:dc:fb:f3:c1:3e:83:30:e1:82:bc:0f:
81:42:ba:cc:c6:1d:54:ea:f7:d6:03:29:eb:be:09:53:7b:59:
a3:d1:e4:6d:4d:aa:85:e2:93:99:80:fd:cb:01:5d:1d:29:85:
4f:d9:f2:e0:f9:48:4b:b4:16:56:ea:08:46:13:b3:f5:9c:7e:
f9:2b:89:85:cc:c7:df:bb:ae:18:58:ad:1a:c4:4e:6a:ec:f2:
aa:f6:b0:d6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIAuwY+Vtw4mqCwyx7Q9bOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc2YjIzOTNmZjhkMTZiM2M1NTdlYzllMTFkNmNjOWViNThjNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jgtNYWz5Mj2T2zqVij72RauhYt3
kAZxN5ReT49fQqPeE81YP1ZhchxyK26UP76glyr4PjxXCEJp1lji0RKHeq0foU5f
REW2xhc84P1w9FUfIp3U1xpwy8aOLXKLtY99zzE6DN6TXN7Kl8i/SBMNOY5qodh2
7S87t9XoxXekPI5uunYT4qKBHQXkbH8pjNBaLVSg1Ji2eDRIIf3uxZAgwSI+9G1N
V6rohSl2L9RYv6rCfwGdEQlU7wLJx2gKoALNHFESNzYXVmRaLGLTcjmJ5G67o9Jh
74DPPyXPVp+U+1qS/KIpY8PnYpATKXBHvKwvpUS8KUGqXJdeRZVUB5UmYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNx2sjk/+NFrPFV+yeEdbMnrWMchMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvM0hheU9UXzQwV3M4Vlg3SjRSMXN5ZXRZeHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAwHmZAwQA
wKVMAwQAwbTIAwQAwg6xMAwDBADCRCUDBADCRCYwDQYJKoZIhvcNAQELBQADggEB
AJRXAv2SzWFyhpLcasYja8yYhb8FVUc+w11+IbN/f5Vhlr3SJWRip4DuuErfmXzH
ZsRXFX1eQGfAoYSTzi6wtcKAsmZsuUCm59jOFLEXhg3S0K88z8OHBrus8+k0pFrX
MBbgVRDPaXkHDp/byyjrJeSq7BEbYGbs0dfStEb35mOU4l4mdblBTYQlp4vxy/ZG
SHTEzhYmvp7qk9em9m30C35kf2Y1eAtPmqnc+/PBPoMw4YK8D4FCuszGHVTq99YD
Keu+CVN7WaPR5G1NqoXik5mA/csBXR0phU/Z8uD5SEu0FlbqCEYTs/WcfvkriYXM
x9+7rhhYrRrETmrs8qr2sNY=
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:42:48 2024 by rpki-client on console-fra.rpki-client.org