Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/3G8peIU3cjobtb7YxzSAmUA2pWM.roa
File: 3G8peIU3cjobtb7YxzSAmUA2pWM.roa (raw, json)
Hash identifier: eEHXHF4j2fjn7QGLzu1rtEHjDmcKZIyx3XQfGA5fNdI=
Subject key identifier: DC:6F:29:78:85:37:72:3A:1B:B5:BE:D8:C7:34:80:99:40:36:A5:63
Certificate issuer: /CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Certificate serial: 018CC6B901BEB6283DF484693E97D2CBB789
Authority key identifier: 3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/3G8peIU3cjobtb7YxzSAmUA2pWM.roa
Signing time: Mon 01 Jan 2024 20:31:02 +0000
ROA not before: Mon 01 Jan 2024 20:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43376
IP address blocks: 86.104.179.0/24 maxlen: 24
86.104.178.0/24 maxlen: 24
86.104.177.0/24 maxlen: 24
86.104.176.0/24 maxlen: 24
86.104.182.0/24 maxlen: 24
86.104.180.0/24 maxlen: 24
86.104.183.0/24 maxlen: 24
188.240.82.0/24 maxlen: 24
91.194.234.0/24 maxlen: 24
185.163.105.0/24 maxlen: 24
185.163.104.0/24 maxlen: 24
185.163.106.0/24 maxlen: 24
185.163.107.0/24 maxlen: 24
93.115.243.0/24 maxlen: 24
2a0b:8800:2::/48 maxlen: 48
2a0b:8800:3::/48 maxlen: 48
2a0b:8800:1::/48 maxlen: 48
2a0b:8800::/48 maxlen: 48
2001:67c:2170::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:01:be:b6:28:3d:f4:84:69:3e:97:d2:cb:b7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Validity
Not Before: Jan 1 20:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc6f29788537723a1bb5bed8c73480994036a563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:94:94:37:6f:d3:4b:a3:4e:f1:32:c0:3a:c0:
7d:40:e4:7b:6f:c8:f1:40:7b:8c:66:4a:71:b8:ac:
a6:8f:15:08:45:06:5d:c6:26:4f:ce:9c:83:78:e0:
d9:67:e9:05:01:42:fd:32:e3:78:3f:f0:46:c9:dd:
05:a2:14:c7:7a:ce:01:c7:a0:bd:1d:e0:56:fd:90:
e7:70:56:c1:61:0a:49:13:03:ff:9d:30:31:f0:33:
1d:e5:c6:60:28:55:d8:34:45:da:42:4d:03:f2:99:
8c:18:59:9e:6c:87:47:11:1a:03:3a:23:64:8c:bf:
a5:94:78:86:4a:55:51:c7:9d:70:bc:d5:56:4a:1d:
27:99:7f:21:f6:43:18:f5:5d:e7:7f:c4:70:d8:62:
05:f5:3d:2b:7b:a1:5a:25:3e:c2:96:2e:ef:17:98:
f1:b2:98:9e:ec:96:fe:05:c6:34:b5:6e:1e:af:e9:
dd:2b:67:42:3c:2a:86:52:fc:5f:96:10:59:84:be:
ad:21:81:e1:be:07:b8:40:23:1c:98:e1:8e:b5:ae:
cf:bd:62:44:de:e9:8d:9a:70:3b:d1:37:00:39:29:
74:f8:a0:13:cd:69:2d:45:fa:0e:68:31:3a:03:fa:
78:13:98:c7:17:e6:41:0a:46:89:7a:92:ca:d0:84:
76:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6F:29:78:85:37:72:3A:1B:B5:BE:D8:C7:34:80:99:40:36:A5:63
X509v3 Authority Key Identifier:
keyid:3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/3G8peIU3cjobtb7YxzSAmUA2pWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.176.0-86.104.180.255
86.104.182.0/23
91.194.234.0/24
93.115.243.0/24
185.163.104.0/22
188.240.82.0/24
IPv6:
2001:67c:2170::/48
2a0b:8800::/46
Signature Algorithm: sha256WithRSAEncryption
4f:1d:2b:64:c8:38:a0:5d:88:25:eb:6b:30:ce:2e:9c:6b:66:
c4:dd:81:d0:92:bc:da:d9:84:35:f9:ca:63:c6:fa:7b:10:a0:
7b:e6:30:40:91:09:4d:4f:2a:82:2e:1d:9c:86:e9:49:2c:47:
8b:7b:93:43:0e:9b:de:fe:75:dc:4f:59:6f:69:0e:23:1d:e3:
a3:06:cc:4c:c2:30:28:a5:6e:8f:a5:87:76:05:d3:12:01:69:
70:bb:ad:c8:c3:93:07:b6:58:34:76:99:73:da:3a:4b:1f:7e:
65:72:ba:87:93:fd:49:54:22:10:4e:2a:1b:f6:2f:f3:ac:85:
79:e0:be:60:8d:4d:c2:d3:f5:11:f4:58:ec:6b:5d:d4:f7:cf:
e1:ea:04:1f:58:02:06:95:f2:c5:68:e5:3d:a2:f6:bf:ac:35:
32:2e:0b:7f:89:49:99:f4:54:cc:a0:1e:6c:7a:d8:0a:50:4d:
ec:7c:c8:d0:67:21:0d:0d:2c:3e:36:7c:b9:36:6b:1e:a1:59:
1d:dd:47:e0:8a:86:ef:c5:b7:48:ff:cb:2a:02:91:10:77:9c:
98:2f:5f:5d:5b:82:95:5f:22:c6:f2:c5:79:7a:bf:13:c0:8b:
62:3e:73:45:d3:71:7b:2d:c7:9f:2d:08:3d:6a:75:12:f9:97:
b5:d8:bb:20
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYzGuQG+tig99IRpPpfSy7eJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNTBkMWRkMzFiYzc0NDliYWNjMTg2NGIwMWFmOTk0YzU0
N2VmZDMwHhcNMjQwMTAxMjAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZmMjk3ODg1Mzc3MjNhMWJiNWJlZDhjNzM0ODA5OTQwMzZhNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZSUN2/TS6NO8TLAOsB9QOR7b8jx
QHuMZkpxuKymjxUIRQZdxiZPzpyDeODZZ+kFAUL9MuN4P/BGyd0FohTHes4Bx6C9
HeBW/ZDncFbBYQpJEwP/nTAx8DMd5cZgKFXYNEXaQk0D8pmMGFmebIdHERoDOiNk
jL+llHiGSlVRx51wvNVWSh0nmX8h9kMY9V3nf8Rw2GIF9T0re6FaJT7Cli7vF5jx
spie7Jb+BcY0tW4er+ndK2dCPCqGUvxflhBZhL6tIYHhvge4QCMcmOGOta7PvWJE
3umNmnA70TcAOSl0+KATzWktRfoOaDE6A/p4E5jHF+ZBCkaJepLK0IR25QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNxvKXiFN3I6G7W+2Mc0gJlANqVjMB8GA1UdIwQY
MBaAFD5Q0d0xvHRJuswYZLAa+ZTFR+/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEt
NGYwNjUwZGE1NDViLzEvM0c4cGVJVTNjam9idGI3WXh6U0FtVUEycFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEtNGYwNjUwZGE1NDVi
LzEvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsMAwDBARWaLAD
BABWaLQDBAFWaLYDBABbwuoDBABdc/MDBAK5o2gDBAC88FIwGAQCAAIwEgMHACAB
BnwhcAMHAioLiAAAADANBgkqhkiG9w0BAQsFAAOCAQEATx0rZMg4oF2IJetrMM4u
nGtmxN2B0JK82tmENfnKY8b6exCge+YwQJEJTU8qgi4dnIbpSSxHi3uTQw6b3v51
3E9Zb2kOIx3jowbMTMIwKKVuj6WHdgXTEgFpcLutyMOTB7ZYNHaZc9o6Sx9+ZXK6
h5P9SVQiEE4qG/Yv86yFeeC+YI1NwtP1EfRY7Gtd1PfP4eoEH1gCBpXyxWjlPaL2
v6w1Mi4Lf4lJmfRUzKAebHrYClBN7HzI0GchDQ0sPjZ8uTZrHqFZHd1H4IqG78W3
SP/LKgKREHecmC9fXVuClV8ixvLFeXq/E8CLYj5zRdNxey3Hny0IPWp1EvmXtdi7
IA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:24:00 2024 by rpki-client on console-ams.rpki-client.org