Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PBh9QNTuP1OinPdyjATSe-CCpvg.roa
File: PBh9QNTuP1OinPdyjATSe-CCpvg.roa (raw, json)
Hash identifier: fDdXktFGJWKtilGzYNpbaYmJ4JLahbRQd64WWtCjqeQ=
Subject key identifier: 3C:18:7D:40:D4:EE:3F:53:A2:9C:F7:72:8C:04:D2:7B:E0:82:A6:F8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192DF122A825F013E2A027C112BBDA7053A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PBh9QNTuP1OinPdyjATSe-CCpvg.roa
Signing time: Wed 30 Oct 2024 20:16:02 +0000
ROA not before: Wed 30 Oct 2024 20:16:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36666
IP address blocks: 83.143.115.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:df:12:2a:82:5f:01:3e:2a:02:7c:11:2b:bd:a7:05:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 30 20:16:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c187d40d4ee3f53a29cf7728c04d27be082a6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:be:e4:ec:32:e6:e7:83:82:cc:8c:59:03:0f:
96:84:72:5c:75:3a:6f:2d:88:2f:b4:9a:2a:8c:0d:
51:53:b2:fc:57:69:ff:a6:aa:76:bd:17:e4:e1:d0:
e8:81:0e:c9:e5:6c:ef:29:ba:d8:b1:ad:1f:df:61:
e5:98:84:a5:03:8a:2e:b8:e6:53:8a:f8:9e:23:08:
4b:ba:b3:d7:d3:1a:0a:20:b6:73:cf:4b:d9:04:54:
1f:28:9b:f0:c1:49:7d:62:fa:bb:67:c6:d1:dd:42:
c1:e6:24:33:c3:23:2a:78:3c:71:c8:96:c1:7e:35:
5d:24:a2:cc:7f:28:77:bd:d4:dd:55:0d:3e:fc:49:
21:9b:52:e7:a0:ca:d0:7f:fc:95:ff:ba:34:ca:5d:
90:ef:c8:5a:3e:bb:b4:09:e3:9f:8e:29:6e:3d:e5:
51:04:9f:66:ec:05:b2:bf:ac:7f:62:80:9a:8f:a9:
7e:9f:be:4c:03:ff:78:b1:64:55:5e:5b:30:fa:fd:
46:26:35:e7:67:21:f8:92:76:97:71:75:f1:78:cc:
c7:a2:c4:ed:bd:2f:39:16:15:55:7d:c5:04:8b:42:
de:13:71:bb:90:ec:1c:e5:e9:cd:2a:28:71:7a:6c:
b9:4a:2d:10:80:16:19:2e:1a:2f:d8:6e:aa:0f:42:
0b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:18:7D:40:D4:EE:3F:53:A2:9C:F7:72:8C:04:D2:7B:E0:82:A6:F8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PBh9QNTuP1OinPdyjATSe-CCpvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.115.0/24
94.156.8.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c9:94:c2:c6:25:0f:b0:0f:bf:5b:9c:5c:6c:d2:11:d1:02:
c6:ab:3f:46:df:05:00:34:7d:7d:a1:5a:5f:26:2b:3f:7c:9c:
70:3f:55:6e:4c:08:97:8d:e6:cf:15:13:de:47:f4:f2:c9:fb:
31:ec:5e:2d:97:bb:5d:34:24:36:9b:64:43:13:95:e8:76:2d:
32:f7:30:a7:9f:1d:d1:63:d8:03:7b:ee:2c:ea:eb:c7:b6:44:
cf:39:c4:2e:42:8e:c5:55:ee:23:e5:3e:4c:e5:72:db:cd:22:
c6:59:30:c4:b3:31:3d:99:19:2f:75:69:9c:0d:97:30:f4:37:
4a:32:eb:d3:63:a7:4d:02:1c:43:68:93:a4:ca:3b:72:ce:13:
74:9b:b2:96:fe:9e:41:ce:cb:c9:da:0f:1c:0f:d9:80:26:17:
f2:80:51:63:a9:06:f3:10:18:02:a7:bc:80:05:43:de:dd:2f:
bb:60:5a:64:b2:2b:5f:80:41:d4:8a:8a:dc:e3:72:1f:e0:e7:
83:fb:84:35:85:dc:bb:39:93:77:52:36:59:8a:e8:4a:7d:86:
5e:8a:9a:cf:20:79:68:14:ba:2a:15:9d:9c:fd:16:70:c8:5a:
e9:0c:60:79:1a:32:69:b2:a1:36:de:ac:19:d2:cd:13:cb:78:
65:b6:82:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLfEiqCXwE+KgJ8ESu9pwU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDMwMjAxNjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE4N2Q0MGQ0ZWUzZjUzYTI5Y2Y3NzI4YzA0ZDI3YmUwODJhNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA177k7DLm54OCzIxZAw+WhHJcdTpv
LYgvtJoqjA1RU7L8V2n/pqp2vRfk4dDogQ7J5WzvKbrYsa0f32HlmISlA4ouuOZT
ivieIwhLurPX0xoKILZzz0vZBFQfKJvwwUl9Yvq7Z8bR3ULB5iQzwyMqeDxxyJbB
fjVdJKLMfyh3vdTdVQ0+/Ekhm1LnoMrQf/yV/7o0yl2Q78haPru0CeOfjiluPeVR
BJ9m7AWyv6x/YoCaj6l+n75MA/94sWRVXlsw+v1GJjXnZyH4knaXcXXxeMzHosTt
vS85FhVVfcUEi0LeE3G7kOwc5enNKihxemy5Si0QgBYZLhov2G6qD0IL6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwYfUDU7j9Topz3cowE0nvggqb4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUEJoOVFOVHVQMU9pblBkeWpBVFNlLUNDcHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU49zAwQA
XpwIMA0GCSqGSIb3DQEBCwUAA4IBAQAiyZTCxiUPsA+/W5xcbNIR0QLGqz9G3wUA
NH19oVpfJis/fJxwP1VuTAiXjebPFRPeR/Tyyfsx7F4tl7tdNCQ2m2RDE5Xodi0y
9zCnnx3RY9gDe+4s6uvHtkTPOcQuQo7FVe4j5T5M5XLbzSLGWTDEszE9mRkvdWmc
DZcw9DdKMuvTY6dNAhxDaJOkyjtyzhN0m7KW/p5BzsvJ2g8cD9mAJhfygFFjqQbz
EBgCp7yABUPe3S+7YFpksitfgEHUiorc43If4OeD+4Q1hdy7OZN3UjZZiuhKfYZe
iprPIHloFLoqFZ2c/RZwyFrpDGB5GjJpsqE23qwZ0s0Ty3hltoJU
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:05 2024 by rpki-client on console-fra.rpki-client.org