Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/3UbheFnxrMsjT9SKIIWl8Bz-JHk.roa
File: 3UbheFnxrMsjT9SKIIWl8Bz-JHk.roa (raw, json)
Hash identifier: wwEis2F7W2Rj6YesDfinq+/VzfZwWdhALeadw73ot8A=
Subject key identifier: DD:46:E1:78:59:F1:AC:CB:23:4F:D4:8A:20:85:A5:F0:1C:FE:24:79
Certificate issuer: /CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Certificate serial: 018CC801EC581C706A771BD6A1F95FF5EE4E
Authority key identifier: F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/3UbheFnxrMsjT9SKIIWl8Bz-JHk.roa
Signing time: Tue 02 Jan 2024 02:30:18 +0000
ROA not before: Tue 02 Jan 2024 02:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25394
IP address blocks: 91.196.140.0/22 maxlen: 24
212.90.128.0/19 maxlen: 24
109.75.16.0/20 maxlen: 24
217.199.192.0/20 maxlen: 24
153.94.128.0/17 maxlen: 24
153.94.32.0/20 maxlen: 24
178.210.96.0/19 maxlen: 24
153.94.48.0/21 maxlen: 24
85.220.128.0/17 maxlen: 24
93.93.248.0/21 maxlen: 24
82.100.192.0/18 maxlen: 24
213.172.96.0/19 maxlen: 24
31.209.112.0/20 maxlen: 24
2a00:4d80::/32 maxlen: 48
2001:1640::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ec:58:1c:70:6a:77:1b:d6:a1:f9:5f:f5:ee:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f222fbe85ae408d377b217d4eba7b38b24baf5dd
Validity
Not Before: Jan 2 02:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd46e17859f1accb234fd48a2085a5f01cfe2479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c3:9b:32:66:fe:4a:f8:f4:78:8f:0c:53:9a:
65:4a:e7:db:fd:56:c1:42:7f:1a:78:5e:7b:69:19:
5d:15:99:cc:e0:8e:af:36:d4:20:84:6a:01:f2:c3:
71:1e:e6:ce:bc:1d:74:c7:77:ae:1a:fb:ae:ea:b7:
7b:cb:61:41:0e:c2:b9:0f:f3:82:a4:bb:f3:da:4f:
7a:98:1b:67:4b:b0:cb:24:11:6b:27:54:68:c6:1b:
09:c4:4a:c3:e1:b7:fb:2a:78:82:10:21:e7:f3:ae:
55:38:7c:99:e8:17:d8:e2:ff:b4:21:f2:4b:44:8e:
49:4c:46:17:97:18:ac:76:66:18:88:c3:99:90:01:
0a:22:64:f5:7f:5f:9b:77:fe:77:45:2a:4b:38:0c:
e7:a4:01:3a:36:04:f8:e2:e7:f0:be:55:3f:7e:d5:
3d:e3:52:6e:7a:b6:37:ae:5f:5e:4b:c9:c4:ae:84:
fa:0a:d2:73:4f:46:8a:91:67:24:2c:71:2a:63:17:
bd:ce:78:52:bb:f6:fc:70:93:5d:11:a4:f0:60:e3:
70:07:8c:3e:3c:1a:5d:74:a0:8a:57:c9:a9:54:67:
fa:63:d9:ad:74:a5:92:14:6d:af:6a:f8:81:63:0f:
81:b3:4b:c2:ef:b7:2e:00:19:45:d5:21:5d:71:7a:
03:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:46:E1:78:59:F1:AC:CB:23:4F:D4:8A:20:85:A5:F0:1C:FE:24:79
X509v3 Authority Key Identifier:
keyid:F2:22:FB:E8:5A:E4:08:D3:77:B2:17:D4:EB:A7:B3:8B:24:BA:F5:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8iL76FrkCNN3shfU66eziyS69d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/3UbheFnxrMsjT9SKIIWl8Bz-JHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1aa875-03b5-4c17-bb39-b0c1e3304e74/1/8iL76FrkCNN3shfU66eziyS69d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.112.0/20
82.100.192.0/18
85.220.128.0/17
91.196.140.0/22
93.93.248.0/21
109.75.16.0/20
153.94.32.0-153.94.55.255
153.94.128.0/17
178.210.96.0/19
212.90.128.0/19
213.172.96.0/19
217.199.192.0/20
IPv6:
2001:1640::/32
2a00:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
2c:51:80:91:a7:8b:45:f0:5d:7d:69:53:7a:f7:a0:bb:7a:9f:
2b:38:e7:9f:35:db:15:b8:0d:b7:86:40:00:26:dc:31:86:19:
0b:6b:c7:9d:7a:e7:11:33:6f:20:be:49:e7:fc:ef:09:b9:f0:
9f:0f:32:ec:12:46:da:4e:7c:37:8b:f7:39:7c:c8:af:a3:8b:
8e:8d:fe:30:24:4e:77:33:ce:67:32:2a:25:c4:67:50:2d:52:
6b:9c:94:30:ba:0a:9d:38:f8:8b:ee:30:a4:b4:01:7f:8d:ee:
7b:a4:c4:a7:6c:86:5d:48:f3:49:ac:7a:5e:32:db:88:04:b0:
ba:e6:e8:1e:aa:39:b5:e0:7d:7e:86:98:36:7c:38:54:26:eb:
e4:08:0a:5e:f9:9e:bb:37:3e:fa:59:f4:61:f7:d8:80:87:d0:
d7:8d:9b:c0:aa:92:0f:76:cf:44:c2:c1:05:69:f6:3e:82:95:
bf:0a:ab:da:ee:c3:0b:b6:83:4b:2f:1c:63:91:3f:21:cf:40:
f4:b2:ea:a3:a9:10:40:df:af:25:7b:43:14:f6:03:71:ad:33:
4a:b6:c6:bd:4c:10:cd:cb:83:4f:64:3a:9b:03:2c:5c:21:68:
54:91:a6:2f:2d:0f:f2:d0:76:1e:7c:91:35:f7:75:99:7a:ef:
d4:76:c4:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzIAexYHHBqdxvWoflf9e5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMjJmYmU4NWFlNDA4ZDM3N2IyMTdkNGViYTdiMzhiMjRi
YWY1ZGQwHhcNMjQwMTAyMDIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ2ZTE3ODU5ZjFhY2NiMjM0ZmQ0OGEyMDg1YTVmMDFjZmUyNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncObMmb+Svj0eI8MU5plSufb/VbB
Qn8aeF57aRldFZnM4I6vNtQghGoB8sNxHubOvB10x3euGvuu6rd7y2FBDsK5D/OC
pLvz2k96mBtnS7DLJBFrJ1RoxhsJxErD4bf7KniCECHn865VOHyZ6BfY4v+0IfJL
RI5JTEYXlxisdmYYiMOZkAEKImT1f1+bd/53RSpLOAznpAE6NgT44ufwvlU/ftU9
41JuerY3rl9eS8nEroT6CtJzT0aKkWckLHEqYxe9znhSu/b8cJNdEaTwYONwB4w+
PBpddKCKV8mpVGf6Y9mtdKWSFG2vaviBYw+Bs0vC77cuABlF1SFdcXoDvwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFN1G4XhZ8azLI0/UiiCFpfAc/iR5MB8GA1UdIwQY
MBaAFPIi++ha5AjTd7IX1Ouns4skuvXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzkt
YjBjMWUzMzA0ZTc0LzEvM1ViaGVGbnhyTXNqVDlTS0lJV2w4QnotSkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYWE4NzUtMDNiNS00YzE3LWJiMzktYjBjMWUzMzA0ZTc0
LzEvOGlMNzZGcmtDTk4zc2hmVTY2ZXppeVM2OWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQEH9FwAwQG
UmTAAwQHVdyAAwQCW8SMAwQDXV34AwQEbUsQMAwDBAWZXiADBAOZXjADBAeZXoAD
BAWy0mADBAXUWoADBAXVrGADBATZx8AwFAQCAAIwDgMFACABFkADBQAqAE2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAsUYCRp4tF8F19aVN696C7ep8rOOefNdsVuA23hkAA
JtwxhhkLa8edeucRM28gvknn/O8JufCfDzLsEkbaTnw3i/c5fMivo4uOjf4wJE53
M85nMiolxGdQLVJrnJQwugqdOPiL7jCktAF/je57pMSnbIZdSPNJrHpeMtuIBLC6
5ugeqjm14H1+hpg2fDhUJuvkCApe+Z67Nz76WfRh99iAh9DXjZvAqpIPds9EwsEF
afY+gpW/Cqva7sMLtoNLLxxjkT8hz0D0suqjqRBA368le0MU9gNxrTNKtsa9TBDN
y4NPZDqbAyxcIWhUkaYvLQ/y0HYefJE193WZeu/UdsSs
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:03:36 2024 by rpki-client on console-fra.rpki-client.org