Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PlHKJQCN07LGYlwJOBe3lAJEibA.roa
File: PlHKJQCN07LGYlwJOBe3lAJEibA.roa (raw, json)
Hash identifier: 828Mkc3OIFLeaqWKi1eBGrtjn3V3tEuTeEWHclyozgw=
Subject key identifier: 3E:51:CA:25:00:8D:D3:B2:C6:62:5C:09:38:17:B7:94:02:44:89:B0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191976C9B3334AA0DAC76F8D298E54B3256
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PlHKJQCN07LGYlwJOBe3lAJEibA.roa
Signing time: Wed 28 Aug 2024 05:19:22 +0000
ROA not before: Wed 28 Aug 2024 05:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401115
IP address blocks: 87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.125.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:6c:9b:33:34:aa:0d:ac:76:f8:d2:98:e5:4b:32:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 28 05:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e51ca25008dd3b2c6625c093817b794024489b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:94:be:83:73:10:b1:66:12:c6:fa:e7:59:49:
6b:55:c4:4a:cf:b0:b7:ce:24:5f:f1:e7:10:23:05:
08:a2:41:6e:a3:a7:e8:8e:3d:75:91:7a:f7:d7:37:
51:b4:fa:3f:3f:3f:34:c9:e9:d9:be:ed:8f:cc:44:
d4:88:d8:3e:39:83:fb:1b:a8:36:9c:c1:ff:8c:f5:
ea:de:b2:62:01:ca:09:22:2c:91:af:73:4a:f3:16:
84:10:22:71:f9:77:18:01:9d:80:5f:f9:38:c4:c0:
1f:1f:fc:b6:e0:c2:e8:a8:83:ff:f4:0c:7b:a9:1f:
c8:f4:0f:ab:e3:3f:c5:70:fa:2f:66:ec:b4:35:9e:
af:73:ea:83:47:16:53:e9:ed:05:45:29:38:f1:59:
a3:dd:ca:da:93:a4:a0:f5:2f:8e:39:68:82:8a:42:
fc:81:64:68:b3:98:32:1a:fb:05:f1:0d:f0:c8:4e:
81:8c:eb:a7:f3:90:45:0d:36:be:2e:a1:ac:ab:8e:
da:00:c4:bd:38:cb:e1:0a:1e:6b:ed:76:12:6b:cd:
09:1a:15:e2:79:66:81:54:10:51:d7:08:bc:08:20:
d0:70:ae:3c:ed:2b:e6:58:60:23:23:91:c2:91:33:
05:ae:5a:89:ec:94:80:ca:b9:ca:2c:1a:f8:07:9e:
cc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:51:CA:25:00:8D:D3:B2:C6:62:5C:09:38:17:B7:94:02:44:89:B0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/PlHKJQCN07LGYlwJOBe3lAJEibA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.112.0-87.120.117.255
87.120.125.0-87.120.127.255
Signature Algorithm: sha256WithRSAEncryption
21:49:dd:79:61:bc:c2:53:13:f4:58:fa:ca:5b:51:af:64:0c:
92:16:59:ee:ee:ce:11:0f:11:e2:e1:d0:e2:92:36:81:3b:28:
18:50:91:fb:e0:00:52:d6:ca:6c:86:f3:6b:fd:c7:dd:67:3d:
cd:f3:1b:1d:10:41:a4:50:c5:ce:f0:2a:6e:6d:fe:7a:e6:d6:
f2:0f:35:a1:1e:ce:61:38:50:fc:12:34:ed:49:c1:40:32:a1:
c1:b2:fe:9d:0a:41:f7:ec:56:d8:e5:a4:a1:84:d1:7f:64:3e:
b6:47:00:e2:a4:13:5b:bc:ca:69:71:82:68:7a:8d:c7:a4:1e:
85:d1:31:e2:43:d2:ad:b8:e3:8c:ca:0c:3b:84:68:7f:fb:0e:
45:c5:23:ef:69:a9:b3:69:d1:fc:66:68:7b:4d:14:92:31:9f:
1e:e3:f2:53:40:c6:65:99:f2:02:dc:7f:46:26:00:01:87:f8:
03:db:47:d3:bf:c5:56:28:d9:44:94:35:97:f9:95:11:1f:3c:
6d:b5:57:6b:01:31:ca:0b:a6:07:c3:42:04:36:b1:ed:8e:7c:
c0:6f:46:9f:ec:d8:1a:f1:ce:ee:17:0e:36:31:71:30:d7:8e:
9f:97:d5:be:5a:0b:10:4c:aa:bb:9d:1b:90:53:8d:92:cc:56:
68:37:7f:e2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZGXbJszNKoNrHb40pjlSzJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODI4MDUxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTUxY2EyNTAwOGRkM2IyYzY2MjVjMDkzODE3Yjc5NDAyNDQ4OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25S+g3MQsWYSxvrnWUlrVcRKz7C3
ziRf8ecQIwUIokFuo6fojj11kXr31zdRtPo/Pz80yenZvu2PzETUiNg+OYP7G6g2
nMH/jPXq3rJiAcoJIiyRr3NK8xaEECJx+XcYAZ2AX/k4xMAfH/y24MLoqIP/9Ax7
qR/I9A+r4z/FcPovZuy0NZ6vc+qDRxZT6e0FRSk48Vmj3crak6Sg9S+OOWiCikL8
gWRos5gyGvsF8Q3wyE6BjOun85BFDTa+LqGsq47aAMS9OMvhCh5r7XYSa80JGhXi
eWaBVBBR1wi8CCDQcK487SvmWGAjI5HCkTMFrlqJ7JSAyrnKLBr4B57MfwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFD5RyiUAjdOyxmJcCTgXt5QCRImwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUGxIS0pRQ04wN0xHWWx3Sk9CZTNsQUpFaWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBARXeHAD
BAFXeHQwDAMEAFd4fQMEB1d4ADANBgkqhkiG9w0BAQsFAAOCAQEAIUndeWG8wlMT
9Fj6yltRr2QMkhZZ7u7OEQ8R4uHQ4pI2gTsoGFCR++AAUtbKbIbza/3H3Wc9zfMb
HRBBpFDFzvAqbm3+eubW8g81oR7OYThQ/BI07UnBQDKhwbL+nQpB9+xW2OWkoYTR
f2Q+tkcA4qQTW7zKaXGCaHqNx6QehdEx4kPSrbjjjMoMO4Rof/sORcUj72mps2nR
/GZoe00UkjGfHuPyU0DGZZnyAtx/RiYAAYf4A9tH07/FVijZRJQ1l/mVER88bbVX
awExygumB8NCBDax7Y58wG9Gn+zYGvHO7hcONjFxMNeOn5fVvloLEEyqu50bkFON
ksxWaDd/4g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:05 2024 by rpki-client on console-fra.rpki-client.org