Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/N3PjDdJrYM1FVFo04Ip1b5eQZW0.roa
File: N3PjDdJrYM1FVFo04Ip1b5eQZW0.roa (raw, json)
Hash identifier: FTVDxFm/f2bB9P32nRvrWrQgUauRWuZLwkfT6UFe2oM=
Subject key identifier: 37:73:E3:0D:D2:6B:60:CD:45:54:5A:34:E0:8A:75:6F:97:90:65:6D
Certificate issuer: /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial: 018CC3B6D7C3AE61FEB7FB8A0CB5549FE381
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/N3PjDdJrYM1FVFo04Ip1b5eQZW0.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 147.189.19.0/24 maxlen: 24
147.189.20.0/24 maxlen: 24
147.189.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d7:c3:ae:61:fe:b7:fb:8a:0c:b5:54:9f:e3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3773e30dd26b60cd45545a34e08a756f9790656d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:59:9d:4f:0d:c9:d0:2d:d5:8d:56:2f:a9:5d:
6a:9b:95:70:c9:c6:38:c1:83:61:e8:8a:0e:d1:8f:
11:01:1f:98:40:2d:08:fc:3b:68:60:f9:5f:5a:57:
37:a2:d5:f0:db:a3:de:72:f4:01:1d:eb:f8:41:8c:
99:21:eb:2c:4b:f5:99:46:a8:15:f6:b8:0e:26:67:
05:b5:a3:1c:96:71:1b:aa:26:12:a7:9e:6c:a5:80:
d7:d7:e9:4a:b3:e8:59:8b:96:6b:7b:89:14:05:f1:
54:a0:ec:43:ff:71:9e:cc:d4:45:49:96:82:d8:d3:
7f:cf:e6:1f:0a:9d:1a:3a:59:66:83:81:44:96:68:
d0:3f:03:7b:49:c1:45:81:14:bc:f6:7e:bd:00:77:
ce:30:16:fc:56:6b:56:40:0e:0b:95:23:95:fb:f2:
e2:e5:81:0f:62:ae:94:60:6f:92:c8:00:aa:e1:09:
a4:fd:e3:cc:75:f7:56:2a:76:6c:7d:fc:de:a3:e8:
c9:b4:91:0d:a3:e8:86:03:ec:a4:2e:d2:e8:f9:28:
b3:66:bd:d6:4d:50:de:32:f0:91:2d:7b:a6:89:0a:
49:b5:5d:84:60:5c:89:44:61:b8:51:43:47:86:27:
c4:63:99:0b:8a:65:9c:e7:11:fc:ac:05:8a:48:c3:
9c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:73:E3:0D:D2:6B:60:CD:45:54:5A:34:E0:8A:75:6F:97:90:65:6D
X509v3 Authority Key Identifier:
keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/N3PjDdJrYM1FVFo04Ip1b5eQZW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.18.0-147.189.20.255
Signature Algorithm: sha256WithRSAEncryption
56:14:51:4c:1a:aa:54:98:94:e4:23:87:94:68:cc:13:4e:84:
63:d4:2b:6a:e6:52:c1:73:dd:91:39:51:cb:4f:0b:b9:71:03:
64:5b:4a:e1:67:e6:b5:be:b4:57:f1:b3:72:fe:f7:c1:dc:a2:
4a:01:e6:82:02:f0:1c:88:ac:a7:a8:de:c6:29:73:2b:c7:28:
14:b6:c0:08:58:8d:b0:8b:d0:7a:77:f5:be:b7:37:82:ab:f7:
af:a2:af:b7:82:ec:17:b0:64:d9:4f:b1:2b:20:3a:be:05:0e:
40:99:2a:a8:70:f0:69:12:cb:22:a2:3d:96:4a:e0:3e:d9:ce:
1c:2b:c0:50:62:9c:86:b5:52:8a:e4:2d:8e:9a:05:a3:a2:df:
33:a0:9b:b6:c3:e3:28:19:bb:b4:b0:94:f8:b4:5d:b7:6f:94:
32:4d:85:ea:db:23:e7:a8:5d:c2:d0:b0:32:e1:df:62:49:7c:
68:67:40:34:93:bd:78:2c:24:92:af:01:0e:7f:a6:b4:ae:7f:
14:de:d7:2f:4b:18:45:60:9a:79:f0:4c:1d:49:1c:be:73:84:
15:40:6a:80:c0:d0:c0:1f:88:4a:99:c5:61:12:6e:d5:50:6f:
2e:bf:03:ea:79:13:03:a8:2c:0e:7c:7f:b2:77:ce:dd:fa:27:
8f:dc:5b:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDttfDrmH+t/uKDLVUn+OBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzczZTMwZGQyNmI2MGNkNDU1NDVhMzRlMDhhNzU2Zjk3OTA2NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1mdTw3J0C3VjVYvqV1qm5VwycY4
wYNh6IoO0Y8RAR+YQC0I/DtoYPlfWlc3otXw26PecvQBHev4QYyZIessS/WZRqgV
9rgOJmcFtaMclnEbqiYSp55spYDX1+lKs+hZi5Zre4kUBfFUoOxD/3GezNRFSZaC
2NN/z+YfCp0aOllmg4FElmjQPwN7ScFFgRS89n69AHfOMBb8VmtWQA4LlSOV+/Li
5YEPYq6UYG+SyACq4Qmk/ePMdfdWKnZsffzeo+jJtJENo+iGA+ykLtLo+SizZr3W
TVDeMvCRLXumiQpJtV2EYFyJRGG4UUNHhifEY5kLimWc5xH8rAWKSMOczwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDdz4w3Sa2DNRVRaNOCKdW+XkGVtMB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEvTjNQakRkSnJZTTFGVkZvMDRJcDFiNWVRWlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGTvRID
BACTvRQwDQYJKoZIhvcNAQELBQADggEBAFYUUUwaqlSYlOQjh5RozBNOhGPUK2rm
UsFz3ZE5UctPC7lxA2RbSuFn5rW+tFfxs3L+98HcokoB5oIC8ByIrKeo3sYpcyvH
KBS2wAhYjbCL0Hp39b63N4Kr96+ir7eC7BewZNlPsSsgOr4FDkCZKqhw8GkSyyKi
PZZK4D7ZzhwrwFBinIa1UorkLY6aBaOi3zOgm7bD4ygZu7SwlPi0XbdvlDJNherb
I+eoXcLQsDLh32JJfGhnQDSTvXgsJJKvAQ5/prSufxTe1y9LGEVgmnnwTB1JHL5z
hBVAaoDA0MAfiEqZxWESbtVQby6/A+p5EwOoLA58f7J3zt36J4/cW84=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:12:42 2024 by rpki-client on console-ams.rpki-client.org