Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3V1fu4E0H6JpgOTtYbXvT6iv4dE.roa
File: 3V1fu4E0H6JpgOTtYbXvT6iv4dE.roa (raw, json)
Hash identifier: 48IZrB5MuxhZQmZN3iyzIh9R9fxYxYmLyFnwgHh5lU0=
Subject key identifier: DD:5D:5F:BB:81:34:1F:A2:69:80:E4:ED:61:B5:EF:4F:A8:AF:E1:D1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192D783E1C908B13C44956BAECAC56F6981
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3V1fu4E0H6JpgOTtYbXvT6iv4dE.roa
Signing time: Tue 29 Oct 2024 09:03:17 +0000
ROA not before: Tue 29 Oct 2024 09:03:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214943
IP address blocks: 87.120.84.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:83:e1:c9:08:b1:3c:44:95:6b:ae:ca:c5:6f:69:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 29 09:03:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd5d5fbb81341fa26980e4ed61b5ef4fa8afe1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:89:43:3d:e1:dd:03:de:44:b0:fa:30:b8:50:
9f:27:70:63:18:76:65:19:66:0a:f3:3b:be:81:ab:
16:48:e6:37:e4:69:40:78:af:ab:61:de:d9:5a:ba:
6e:19:ca:7a:a2:ff:5b:d5:ed:0d:1c:89:a9:66:fd:
a0:59:64:c0:b4:fa:45:f8:63:1f:36:ac:5c:c0:1c:
41:87:90:94:92:e8:2a:a0:6a:a2:7c:44:8d:ae:c2:
b5:29:bf:6a:3c:4e:56:d8:db:b9:db:6e:a8:fb:3a:
a6:21:b7:a6:df:52:c1:02:93:f1:7c:52:27:c4:3c:
38:78:72:00:cc:bd:92:03:87:f1:43:3c:6c:a6:83:
19:6d:3b:64:3e:08:11:00:ab:33:89:1c:3e:0a:0e:
f1:1b:e4:8e:a4:5b:1b:3a:48:2e:42:fa:9b:05:df:
33:90:e3:66:c3:64:90:5a:fc:c4:49:1c:65:ca:92:
f9:e7:75:50:8b:54:7e:28:c6:da:73:46:06:a2:90:
6e:bf:6d:6b:74:c2:86:49:94:39:94:6c:61:c8:67:
bb:c4:45:27:93:04:06:51:0b:b1:20:51:a2:f0:63:
01:88:4c:85:83:1d:f6:75:3c:68:75:0a:77:f4:af:
f4:ed:3c:1a:35:df:99:11:c6:57:c2:e0:b1:8b:06:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:5D:5F:BB:81:34:1F:A2:69:80:E4:ED:61:B5:EF:4F:A8:AF:E1:D1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3V1fu4E0H6JpgOTtYbXvT6iv4dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.84.0/24
94.156.177.0/24
94.156.227.0/24
178.215.236.0/24
185.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
31:4e:f2:55:32:54:a5:69:7c:d0:9d:05:c7:fb:27:7a:cd:73:
88:0f:60:c1:29:a6:da:30:fb:90:4a:72:f0:50:e8:99:ee:1e:
d5:1d:f2:fc:4b:aa:4d:a4:d8:5f:3f:97:a3:f9:69:2d:00:7f:
f2:ac:77:b8:9a:35:f0:68:52:33:23:07:42:ce:a8:07:ae:de:
1c:10:6f:45:67:6a:7b:10:c8:63:8b:1d:c4:22:46:94:c2:0b:
60:df:ff:9b:41:b9:5b:c3:51:e0:a5:2f:3d:c6:10:c3:5c:b8:
12:0a:ab:77:de:2f:ba:fc:f0:46:78:14:b3:61:8a:f9:d5:24:
f2:78:fe:fd:f9:1f:28:fc:d9:29:2f:8a:99:f7:6e:6a:97:b4:
44:c5:b6:1d:42:a8:1a:29:a2:8d:7f:fe:60:b8:a2:49:a2:fb:
14:16:ca:f1:6b:db:60:c3:ee:a6:ac:c5:30:7d:6f:0f:8c:d7:
0b:f0:4a:ad:44:58:c6:f4:04:2c:7d:72:32:e4:66:a6:c9:57:
8f:40:86:da:46:7d:23:96:f3:6d:4a:42:7c:b7:ab:b0:c8:b5:
fa:b9:bc:d9:11:dd:ba:fa:48:41:83:05:b6:c8:0e:4a:1c:fe:
43:5a:5e:82:a6:b7:53:c4:de:19:87:85:a7:82:af:8d:29:9d:
53:c0:bf:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLXg+HJCLE8RJVrrsrFb2mBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI5MDkwMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDVkNWZiYjgxMzQxZmEyNjk4MGU0ZWQ2MWI1ZWY0ZmE4YWZlMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYlDPeHdA95EsPowuFCfJ3BjGHZl
GWYK8zu+gasWSOY35GlAeK+rYd7ZWrpuGcp6ov9b1e0NHImpZv2gWWTAtPpF+GMf
NqxcwBxBh5CUkugqoGqifESNrsK1Kb9qPE5W2Nu5226o+zqmIbem31LBApPxfFIn
xDw4eHIAzL2SA4fxQzxspoMZbTtkPggRAKsziRw+Cg7xG+SOpFsbOkguQvqbBd8z
kONmw2SQWvzESRxlypL553VQi1R+KMbac0YGopBuv21rdMKGSZQ5lGxhyGe7xEUn
kwQGUQuxIFGi8GMBiEyFgx32dTxodQp39K/07TwaNd+ZEcZXwuCxiwb3LQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN1dX7uBNB+iaYDk7WG170+or+HRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM1YxZnU0RTBINkpwZ09UdFliWHZUNml2NGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAV3hUAwQA
XpyxAwQAXpzjAwQAstfsAwQAudhHMA0GCSqGSIb3DQEBCwUAA4IBAQAxTvJVMlSl
aXzQnQXH+yd6zXOID2DBKabaMPuQSnLwUOiZ7h7VHfL8S6pNpNhfP5ej+WktAH/y
rHe4mjXwaFIzIwdCzqgHrt4cEG9FZ2p7EMhjix3EIkaUwgtg3/+bQblbw1HgpS89
xhDDXLgSCqt33i+6/PBGeBSzYYr51STyeP79+R8o/NkpL4qZ925ql7RExbYdQqga
KaKNf/5guKJJovsUFsrxa9tgw+6mrMUwfW8PjNcL8EqtRFjG9AQsfXIy5GamyVeP
QIbaRn0jlvNtSkJ8t6uwyLX6ubzZEd26+khBgwW2yA5KHP5DWl6CprdTxN4Zh4Wn
gq+NKZ1TwL8t
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:02 2024 by rpki-client on console-fra.rpki-client.org