Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/3Hfwcb6LFPRPa1zF8-NRKaFhG0k.roa
File: 3Hfwcb6LFPRPa1zF8-NRKaFhG0k.roa (raw, json)
Hash identifier: KYCB7OJFjqaWxwny8OXARun7ConMD0SQZhWmOiq5gf4=
Subject key identifier: DC:77:F0:71:BE:8B:14:F4:4F:6B:5C:C5:F3:E3:51:29:A1:61:1B:49
Certificate issuer: /CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Certificate serial: 018CC5DC53E784BAC2CAD1C594361CFD3E5C
Authority key identifier: AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/3Hfwcb6LFPRPa1zF8-NRKaFhG0k.roa
Signing time: Mon 01 Jan 2024 16:30:00 +0000
ROA not before: Mon 01 Jan 2024 16:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8879
IP address blocks: 91.216.108.0/24 maxlen: 24
195.66.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:53:e7:84:ba:c2:ca:d1:c5:94:36:1c:fd:3e:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4c830b11261483a62b6696a4c3720e8ad88a0d
Validity
Not Before: Jan 1 16:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc77f071be8b14f44f6b5cc5f3e35129a1611b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:44:d6:da:6f:dc:aa:ba:e1:3b:1f:64:3a:
96:5e:59:28:14:aa:0a:59:ff:46:fb:a1:d3:60:af:
85:7d:8e:90:19:5e:d2:b9:1a:af:1f:af:5e:04:aa:
a9:c8:e8:22:91:fa:6d:6a:57:f3:ff:78:8f:e1:58:
73:3e:e7:7d:49:13:8b:e2:ba:b9:b8:af:b5:eb:da:
2a:86:aa:d8:6f:d4:5e:af:da:cf:59:16:23:6c:09:
48:ac:da:d5:1d:c5:1f:f0:60:6f:20:99:2e:ed:2e:
df:6e:04:6e:6a:0f:28:27:76:76:ad:ad:71:05:6b:
e1:88:8e:c2:12:04:9a:59:25:a2:35:db:bc:0d:77:
c6:ef:d9:82:83:ca:f9:83:16:58:65:93:d0:d4:5d:
0b:4c:db:69:ac:ee:d6:83:00:4c:b3:ac:7b:92:a5:
04:6b:cc:03:a9:1f:50:6b:a1:89:16:4f:7f:28:fa:
f5:ec:a6:1d:6c:ac:23:38:a0:7d:ef:f8:60:c0:2a:
b4:1f:1d:9b:a7:e0:8a:b0:bb:c9:66:ea:7a:3f:bc:
b6:13:00:50:12:2e:38:2b:a7:43:cc:1f:aa:d6:64:
da:75:1c:4e:65:18:ca:d3:53:07:5d:11:cf:77:46:
5f:c8:a1:6d:c8:68:eb:34:68:b6:69:62:5b:eb:ef:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:77:F0:71:BE:8B:14:F4:4F:6B:5C:C5:F3:E3:51:29:A1:61:1B:49
X509v3 Authority Key Identifier:
keyid:AD:4C:83:0B:11:26:14:83:A6:2B:66:96:A4:C3:72:0E:8A:D8:8A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUyDCxEmFIOmK2aWpMNyDorYig0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/3Hfwcb6LFPRPa1zF8-NRKaFhG0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6a6ba-ae05-4524-84d1-222ceb6c344c/1/rUyDCxEmFIOmK2aWpMNyDorYig0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.108.0/24
195.66.76.0/24
Signature Algorithm: sha256WithRSAEncryption
84:00:a8:30:56:e4:f3:e9:69:e0:91:98:48:56:f8:21:64:d3:
9a:eb:ae:03:85:e2:ee:cb:97:63:43:cc:45:65:4a:a9:e4:1d:
ed:df:04:ef:51:7d:51:5e:69:22:84:15:70:cf:5c:9d:e8:0c:
94:96:77:e9:db:68:f5:07:b3:7e:f1:25:45:d8:6f:12:8f:39:
fd:14:53:88:c3:1e:34:43:b8:df:a9:ae:ff:a9:bb:b8:06:89:
91:0d:fc:66:d4:aa:52:ed:54:10:3c:7b:c5:85:42:f6:bc:1c:
a0:16:aa:b2:1b:9d:6c:56:d0:54:92:c0:67:45:b1:f7:87:3c:
b3:ab:fb:b0:9c:1a:f2:b5:9e:1d:44:b0:9b:b0:2a:06:3c:41:
44:c5:a4:e2:70:42:4d:81:25:d9:f3:f1:fe:cf:e3:0f:34:0d:
95:e0:06:3d:28:98:cd:11:a9:ea:6d:d7:b5:ff:08:83:d3:be:
26:08:3a:f1:ad:51:d6:37:69:38:71:02:6c:6e:47:03:c7:7f:
35:fd:a9:5e:84:6d:2a:ab:18:fe:ea:a4:54:e6:64:fc:7b:eb:
db:c7:cf:50:33:dc:61:ac:d1:fe:d9:9c:1f:de:30:62:02:29:
d4:5c:1e:a8:c0:45:e4:8e:14:90:7e:20:29:39:23:07:2b:4b:
8e:b5:78:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3FPnhLrCytHFlDYc/T5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNGM4MzBiMTEyNjE0ODNhNjJiNjY5NmE0YzM3MjBlOGFk
ODhhMGQwHhcNMjQwMTAxMTYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc3ZjA3MWJlOGIxNGY0NGY2YjVjYzVmM2UzNTEyOWExNjExYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG1E1tpv3Kq64TsfZDqWXlkoFKoK
Wf9G+6HTYK+FfY6QGV7SuRqvH69eBKqpyOgikfptalfz/3iP4VhzPud9SROL4rq5
uK+169oqhqrYb9Rer9rPWRYjbAlIrNrVHcUf8GBvIJku7S7fbgRuag8oJ3Z2ra1x
BWvhiI7CEgSaWSWiNdu8DXfG79mCg8r5gxZYZZPQ1F0LTNtprO7WgwBMs6x7kqUE
a8wDqR9Qa6GJFk9/KPr17KYdbKwjOKB97/hgwCq0Hx2bp+CKsLvJZup6P7y2EwBQ
Ei44K6dDzB+q1mTadRxOZRjK01MHXRHPd0ZfyKFtyGjrNGi2aWJb6+8pDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNx38HG+ixT0T2tcxfPjUSmhYRtJMB8GA1UdIwQY
MBaAFK1MgwsRJhSDpitmlqTDcg6K2IoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEt
MjIyY2ViNmMzNDRjLzEvM0hmd2NiNkxGUFJQYTF6RjgtTlJLYUZoRzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNmE2YmEtYWUwNS00NTI0LTg0ZDEtMjIyY2ViNmMzNDRj
LzEvclV5REN4RW1GSU9tSzJhV3BNTnlEb3JZaWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9hsAwQA
w0JMMA0GCSqGSIb3DQEBCwUAA4IBAQCEAKgwVuTz6WngkZhIVvghZNOa664DheLu
y5djQ8xFZUqp5B3t3wTvUX1RXmkihBVwz1yd6AyUlnfp22j1B7N+8SVF2G8Sjzn9
FFOIwx40Q7jfqa7/qbu4BomRDfxm1KpS7VQQPHvFhUL2vBygFqqyG51sVtBUksBn
RbH3hzyzq/uwnBrytZ4dRLCbsCoGPEFExaTicEJNgSXZ8/H+z+MPNA2V4AY9KJjN
Eanqbde1/wiD074mCDrxrVHWN2k4cQJsbkcDx381/alehG0qqxj+6qRU5mT8e+vb
x89QM9xhrNH+2Zwf3jBiAinUXB6owEXkjhSQfiApOSMHK0uOtXh1
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:40:53 2024 by rpki-client on console-fra.rpki-client.org