Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/N3BSvwymwwAQikEYeLwRZ2gS90c.roa
File: N3BSvwymwwAQikEYeLwRZ2gS90c.roa (raw, json)
Hash identifier: qxO8VQNTFHjO2xAc9UrdJwyL3tSgO4M0Z0q+42HMBiM=
Subject key identifier: 37:70:52:BF:0C:A6:C3:00:10:8A:41:18:78:BC:11:67:68:12:F7:47
Certificate issuer: /CN=0acf3dccea317e35e70541a48b2586a4d32bd94c
Certificate serial: 018CC801C154318CEC156B772B399E9C2A18
Authority key identifier: 0A:CF:3D:CC:EA:31:7E:35:E7:05:41:A4:8B:25:86:A4:D3:2B:D9:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/N3BSvwymwwAQikEYeLwRZ2gS90c.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12759
IP address blocks: 188.126.160.0/19 maxlen: 19
78.153.64.0/20 maxlen: 20
185.128.216.0/22 maxlen: 22
212.16.224.0/19 maxlen: 19
78.153.80.0/20 maxlen: 20
2a01:3d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c1:54:31:8c:ec:15:6b:77:2b:39:9e:9c:2a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0acf3dccea317e35e70541a48b2586a4d32bd94c
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=377052bf0ca6c300108a411878bc11676812f747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:5d:c2:0a:4f:6e:b3:8c:d4:24:bc:89:2e:
bf:44:fb:2d:0f:59:60:4e:25:8a:39:cd:f7:a7:d6:
87:28:6c:33:0e:7c:29:21:3e:39:8f:cd:43:77:e2:
9b:ef:2a:6d:e0:e2:cb:e4:e6:c6:44:78:3c:0b:ee:
b2:44:60:5c:d0:13:78:1f:67:19:90:14:1b:4b:4d:
c6:0f:01:f3:fd:e7:cd:5e:c9:7a:78:2a:2f:1b:29:
16:43:d9:75:f8:64:6a:11:72:f6:00:84:2b:5e:4a:
02:47:4a:e6:49:c0:82:00:31:9b:93:37:07:f6:d6:
e1:12:ec:fd:e9:33:68:8e:17:3c:60:5d:aa:b2:ec:
15:e0:cf:6d:39:c7:b0:1a:50:87:0c:bf:d5:84:6e:
34:45:f5:c7:99:16:e1:e8:cd:81:90:fd:cd:f1:cb:
0b:59:4e:00:18:5b:7f:55:2e:90:bd:1e:74:37:52:
53:67:4c:23:28:5c:22:bd:b3:fa:90:da:32:21:2f:
9b:1b:27:0d:b0:7f:97:8b:8f:38:39:b6:0e:6a:de:
8e:18:6a:23:e1:af:a4:29:3f:7d:76:dc:39:93:15:
2e:5c:4b:16:b5:78:ad:30:db:55:95:78:eb:95:22:
66:89:62:31:fb:f0:06:20:ce:90:26:a1:08:d9:d2:
3f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:70:52:BF:0C:A6:C3:00:10:8A:41:18:78:BC:11:67:68:12:F7:47
X509v3 Authority Key Identifier:
keyid:0A:CF:3D:CC:EA:31:7E:35:E7:05:41:A4:8B:25:86:A4:D3:2B:D9:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/N3BSvwymwwAQikEYeLwRZ2gS90c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/21bbf7-cbf2-4198-afcc-4be4dd6cd2ec/1/Cs89zOoxfjXnBUGkiyWGpNMr2Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.64.0/19
185.128.216.0/22
188.126.160.0/19
212.16.224.0/19
IPv6:
2a01:3d8::/32
Signature Algorithm: sha256WithRSAEncryption
6c:06:b8:8c:35:b7:25:9c:0b:2e:fb:eb:73:bd:34:81:b2:79:
10:ce:28:2f:f6:a3:e9:d2:83:3a:32:a8:ea:3a:ec:68:6d:77:
3e:d5:03:de:62:73:de:22:21:e0:ef:cf:f1:60:ae:99:a9:77:
c5:7d:dc:0b:e4:09:ae:52:10:a6:ee:9a:03:38:b2:97:67:6e:
70:72:53:48:04:ee:d7:9c:95:02:b9:e3:b8:b8:fc:99:40:5e:
79:bf:01:4b:36:60:fe:50:36:33:2d:4b:4c:85:74:32:46:2b:
7b:f2:b1:15:f0:29:ad:f6:ed:ca:aa:99:ae:9e:d2:b9:65:c7:
75:4d:bc:3c:7f:53:a7:06:e9:f5:b2:33:02:dd:26:55:7a:54:
71:d9:ba:bd:59:8b:85:cf:51:ef:21:e9:a3:6a:ea:7f:81:be:
04:f4:6c:76:60:67:23:d7:5e:1e:d9:3b:8b:c5:02:42:23:fb:
58:8f:b4:37:ce:59:33:e2:3b:1e:27:0e:df:b3:7e:3b:8e:91:
4e:95:7a:0d:26:31:c2:57:ac:89:1c:0d:68:f7:06:63:a3:48:
01:25:49:6e:1f:ee:87:45:e4:2f:3a:cd:82:54:11:88:82:b5:
f6:e5:2f:b1:24:d6:4d:97:f5:68:32:38:de:1b:e8:78:d5:ff:
96:3c:ec:38
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIAcFUMYzsFWt3KzmenCoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhY2YzZGNjZWEzMTdlMzVlNzA1NDFhNDhiMjU4NmE0ZDMy
YmQ5NGMwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzcwNTJiZjBjYTZjMzAwMTA4YTQxMTg3OGJjMTE2NzY4MTJmNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEBdwgpPbrOM1CS8iS6/RPstD1lg
TiWKOc33p9aHKGwzDnwpIT45j81Dd+Kb7ypt4OLL5ObGRHg8C+6yRGBc0BN4H2cZ
kBQbS03GDwHz/efNXsl6eCovGykWQ9l1+GRqEXL2AIQrXkoCR0rmScCCADGbkzcH
9tbhEuz96TNojhc8YF2qsuwV4M9tOcewGlCHDL/VhG40RfXHmRbh6M2BkP3N8csL
WU4AGFt/VS6QvR50N1JTZ0wjKFwivbP6kNoyIS+bGycNsH+Xi484ObYOat6OGGoj
4a+kKT99dtw5kxUuXEsWtXitMNtVlXjrlSJmiWIx+/AGIM6QJqEI2dI/bQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDdwUr8MpsMAEIpBGHi8EWdoEvdHMB8GA1UdIwQY
MBaAFArPPczqMX415wVBpIslhqTTK9lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3M4OXpPb3hmalhuQlVHa2l5V0dwTk1yMlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yMWJiZjctY2JmMi00MTk4LWFmY2Mt
NGJlNGRkNmNkMmVjLzEvTjNCU3Z3eW13d0FRaWtFWWVMd1JaMmdTOTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yMWJiZjctY2JmMi00MTk4LWFmY2MtNGJlNGRkNmNkMmVj
LzEvQ3M4OXpPb3hmalhuQlVHa2l5V0dwTk1yMlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFTplAAwQC
uYDYAwQFvH6gAwQF1BDgMA0EAgACMAcDBQAqAQPYMA0GCSqGSIb3DQEBCwUAA4IB
AQBsBriMNbclnAsu++tzvTSBsnkQzigv9qPp0oM6MqjqOuxobXc+1QPeYnPeIiHg
78/xYK6ZqXfFfdwL5AmuUhCm7poDOLKXZ25wclNIBO7XnJUCueO4uPyZQF55vwFL
NmD+UDYzLUtMhXQyRit78rEV8Cmt9u3KqpmuntK5Zcd1Tbw8f1OnBun1sjMC3SZV
elRx2bq9WYuFz1HvIemjaup/gb4E9Gx2YGcj114e2TuLxQJCI/tYj7Q3zlkz4jse
Jw7fs347jpFOlXoNJjHCV6yJHA1o9wZjo0gBJUluH+6HReQvOs2CVBGIgrX25S+x
JNZNl/VoMjjeG+h41f+WPOw4
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:35:47 2024 by rpki-client on console-ams.rpki-client.org