Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/Q0k9l6dXg0MeFgl4W3FUl7TOhNI.roa
File: Q0k9l6dXg0MeFgl4W3FUl7TOhNI.roa (raw, json)
Hash identifier: 2Varc+3wrLVnqAQNAvybG+orOi0Yh3c7542V112XG7s=
Subject key identifier: 43:49:3D:97:A7:57:83:43:1E:16:09:78:5B:71:54:97:B4:CE:84:D2
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018DE5EA3886CAA03BA789886A33AF16EF69
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/Q0k9l6dXg0MeFgl4W3FUl7TOhNI.roa
Signing time: Mon 26 Feb 2024 14:55:48 +0000
ROA not before: Mon 26 Feb 2024 14:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 31.220.14.0/24 maxlen: 24
45.12.52.0/23 maxlen: 23
185.238.249.0/24 maxlen: 24
185.238.251.0/24 maxlen: 24
193.9.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:ea:38:86:ca:a0:3b:a7:89:88:6a:33:af:16:ef:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Feb 26 14:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43493d97a75783431e1609785b715497b4ce84d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:98:81:b3:87:c1:e5:3f:34:b3:58:ee:36:93:
64:62:dd:b8:06:03:07:ab:c4:bd:d5:a6:eb:7f:dc:
2c:4a:d1:61:a3:c8:12:6b:90:be:a3:95:37:89:5f:
3e:98:58:91:7b:8f:8c:76:16:5b:a4:b9:47:7e:92:
2a:ec:bc:c6:16:22:d4:02:ae:17:12:4a:b1:00:c5:
1f:4f:04:56:81:59:05:7f:cc:12:f2:5d:37:f1:f9:
32:a1:85:ab:c6:80:45:7c:a3:65:52:dc:14:af:24:
06:81:22:16:f5:27:7d:60:49:fe:9a:1b:2c:e4:51:
4d:5c:b4:fa:b4:2e:1f:8a:29:56:79:9e:1a:42:06:
f1:20:c7:46:1d:43:31:b5:d0:bc:3f:6f:96:3a:a7:
33:b7:57:52:17:05:9c:fc:06:85:e9:b2:54:c8:20:
15:74:96:c8:eb:39:89:39:9c:6d:f9:25:48:a8:8c:
27:28:9b:2a:bc:7e:f2:b4:9e:06:2f:f2:b8:94:d8:
bf:79:64:4e:33:eb:c0:02:5f:39:84:e8:ca:0e:34:
5e:60:6a:01:c5:24:23:a9:30:83:0d:ac:b7:6f:6e:
24:03:dc:98:f0:de:49:7c:26:6d:9f:09:ae:e9:79:
fa:de:7d:e7:64:d0:1d:db:54:26:13:33:6f:2d:ff:
a0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:49:3D:97:A7:57:83:43:1E:16:09:78:5B:71:54:97:B4:CE:84:D2
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/Q0k9l6dXg0MeFgl4W3FUl7TOhNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.14.0/24
45.12.52.0/23
185.238.249.0/24
185.238.251.0/24
193.9.45.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:28:fb:13:2f:4c:af:3c:3d:49:45:30:19:a2:7d:22:e2:ec:
3c:0f:7d:30:57:cf:e4:e4:86:ba:3a:17:fc:4e:3c:7f:45:f8:
fe:f5:7c:62:8c:f9:fb:d9:11:eb:6b:2d:e6:95:f1:78:30:78:
03:dd:f8:ab:53:2c:34:ba:d5:64:67:ca:a8:05:d7:e4:56:23:
02:89:c3:a4:f9:ba:6d:ea:9a:e4:d6:ab:8f:c2:74:ff:44:70:
17:f7:7d:04:38:bd:18:70:aa:65:63:7e:7f:8a:a1:7b:42:04:
11:84:b8:5b:c5:6a:cf:df:6f:0b:62:9f:c1:8b:25:cb:96:eb:
71:5f:d7:60:44:30:fb:a5:a8:b3:df:9a:89:38:33:fe:15:b3:
4a:21:7f:37:4f:2d:5a:f4:bb:7f:07:d0:40:90:84:d3:86:26:
3f:e2:2e:c3:d0:38:9a:28:2c:59:fc:9f:18:70:54:ac:e8:e2:
78:f4:44:2f:bc:a8:79:e4:3a:18:45:d8:4b:fd:ed:16:34:55:
0a:44:59:a2:79:41:6a:64:02:f4:f1:e1:76:04:ee:e4:df:c3:
e3:7a:af:44:9f:55:d5:c8:19:ec:75:cb:f8:41:03:4a:b8:fd:
44:6d:0e:ff:92:0d:26:bf:84:35:8d:34:9f:13:04:97:6b:4f:
06:75:ea:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3l6jiGyqA7p4mIajOvFu9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMjI2MTQ1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQ5M2Q5N2E3NTc4MzQzMWUxNjA5Nzg1YjcxNTQ5N2I0Y2U4NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JiBs4fB5T80s1juNpNkYt24BgMH
q8S91abrf9wsStFho8gSa5C+o5U3iV8+mFiRe4+MdhZbpLlHfpIq7LzGFiLUAq4X
EkqxAMUfTwRWgVkFf8wS8l038fkyoYWrxoBFfKNlUtwUryQGgSIW9Sd9YEn+mhss
5FFNXLT6tC4fiilWeZ4aQgbxIMdGHUMxtdC8P2+WOqczt1dSFwWc/AaF6bJUyCAV
dJbI6zmJOZxt+SVIqIwnKJsqvH7ytJ4GL/K4lNi/eWROM+vAAl85hOjKDjReYGoB
xSQjqTCDDay3b24kA9yY8N5JfCZtnwmu6Xn63n3nZNAd21QmEzNvLf+g4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFENJPZenV4NDHhYJeFtxVJe0zoTSMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvUTBrOWw2ZFhnME1lRmdsNFczRlVsN1RPaE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH9wOAwQB
LQw0AwQAue75AwQAue77AwQAwQktMA0GCSqGSIb3DQEBCwUAA4IBAQBtKPsTL0yv
PD1JRTAZon0i4uw8D30wV8/k5Ia6Ohf8Tjx/Rfj+9XxijPn72RHray3mlfF4MHgD
3firUyw0utVkZ8qoBdfkViMCicOk+bpt6prk1quPwnT/RHAX930EOL0YcKplY35/
iqF7QgQRhLhbxWrP328LYp/BiyXLlutxX9dgRDD7paiz35qJODP+FbNKIX83Ty1a
9Lt/B9BAkITThiY/4i7D0DiaKCxZ/J8YcFSs6OJ49EQvvKh55DoYRdhL/e0WNFUK
RFmieUFqZAL08eF2BO7k38Pjeq9En1XVyBnsdcv4QQNKuP1EbQ7/kg0mv4Q1jTSf
EwSXa08GdepL
-----END CERTIFICATE-----
Generated at Thu May 2 22:39:32 2024 by rpki-client on console-ams.rpki-client.org