Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o3G1jDpHw_-m_QCYPwkWXb9SEKU.roa
File: o3G1jDpHw_-m_QCYPwkWXb9SEKU.roa (raw, json)
Hash identifier: xgzxHHVgqS+w7uC16Hukt8kuBSPXOntRNaeQgErC0og=
Subject key identifier: A3:71:B5:8C:3A:47:C3:FF:A6:FD:00:98:3F:09:16:5D:BF:52:10:A5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01933EA12E10A67BF4BABB895C4A3402C03A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o3G1jDpHw_-m_QCYPwkWXb9SEKU.roa
Signing time: Mon 18 Nov 2024 09:36:10 +0000
ROA not before: Mon 18 Nov 2024 09:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 37.139.130.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
85.217.144.0/23 maxlen: 24
147.78.102.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.225.74.0/23 maxlen: 24
193.35.18.0/24 maxlen: 24
193.149.28.0/22 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:a1:2e:10:a6:7b:f4:ba:bb:89:5c:4a:34:02:c0:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 18 09:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a371b58c3a47c3ffa6fd00983f09165dbf5210a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2b:af:fa:e8:a7:49:78:18:54:ed:97:1c:b9:
3f:be:e9:c1:5f:e0:8d:00:92:ee:b3:c9:80:1b:5c:
18:82:d5:5d:ce:a9:e7:14:e2:29:c6:e5:1b:31:9a:
56:fa:ae:68:23:38:a2:5f:96:c0:25:d0:79:bf:f8:
c8:a3:28:a4:47:65:38:54:2e:22:67:59:55:1c:88:
3a:a4:fa:a0:a0:28:21:fa:22:51:23:d3:86:35:b2:
fd:fd:30:e3:e8:c4:35:f3:b0:9b:82:37:c8:9a:53:
3f:8f:ce:01:ff:58:d5:e6:44:b6:08:0e:64:ac:b7:
a6:29:d8:83:2c:a6:a9:c8:9c:79:6a:1f:26:55:90:
27:50:16:77:3d:45:53:72:23:4d:78:29:77:b3:a8:
b0:a3:0d:36:dd:78:2c:7e:98:a6:4e:ad:aa:58:83:
2f:4e:59:92:65:13:b0:e2:10:5e:30:5e:8d:65:a9:
f9:0e:89:d9:ab:c5:5b:da:2c:ae:9a:14:b1:0b:89:
55:ae:ae:92:06:ab:29:fc:91:80:cb:1c:e1:ab:d3:
66:b7:ec:10:3c:c3:35:0d:33:4e:60:40:0c:3d:29:
d1:10:2a:02:a5:15:2c:70:77:db:20:f7:d3:f2:bc:
ad:e8:74:1e:d0:64:3d:89:dd:34:41:ec:ba:f4:78:
09:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:71:B5:8C:3A:47:C3:FF:A6:FD:00:98:3F:09:16:5D:BF:52:10:A5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o3G1jDpHw_-m_QCYPwkWXb9SEKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.149.243.0/24
79.110.48.0/24
79.110.61.0/24
85.217.144.0/23
147.78.102.0/24
178.215.227.0/24
185.225.74.0/23
193.35.18.0/24
193.149.28.0/22
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:3a:8d:bb:61:09:6d:1c:9b:ea:e9:c2:4c:27:07:4d:4d:7d:
7f:62:ee:5a:fc:69:8a:13:b3:8f:79:01:f1:0b:29:bf:04:de:
6c:cf:59:c5:c0:f4:d4:d6:df:fa:94:36:3f:f7:6f:ba:21:72:
4f:ef:be:01:da:37:9f:c8:ac:b9:ef:52:36:87:c3:6c:79:08:
91:d2:80:6a:52:f2:98:0b:cd:84:a1:a6:81:fc:fe:bd:9e:aa:
f6:d8:c1:50:1d:77:72:00:3d:05:8b:2c:f0:a1:f1:1b:5e:ca:
d9:a3:17:03:6f:7a:99:e2:5c:d1:a8:aa:29:58:04:48:81:ec:
7a:27:99:4b:7b:fe:72:e3:fb:bb:76:56:6a:f0:31:09:2e:04:
03:02:d1:54:93:8d:76:c2:a2:ec:e3:8d:a1:b4:95:86:6a:f7:
f5:b1:b6:84:9c:88:2d:8b:d8:5e:3e:d5:0a:7e:7c:c0:19:c2:
14:a2:4e:0c:5b:73:0d:73:cf:d7:24:73:c5:e8:c9:0a:22:16:
60:ce:bb:2e:16:31:22:92:6d:51:0f:60:f5:76:68:0b:38:fe:
f3:60:dc:79:4b:ae:a7:4a:3c:e3:e9:47:d9:e6:0f:6e:b4:55:
f4:67:2e:ec:9f:dc:ed:dd:d7:0f:db:8f:e1:8d:71:c0:90:18:
69:c5:5e:99
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZM+oS4Qpnv0uruJXEo0AsA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE4MDkzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcxYjU4YzNhNDdjM2ZmYTZmZDAwOTgzZjA5MTY1ZGJmNTIxMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSuv+uinSXgYVO2XHLk/vunBX+CN
AJLus8mAG1wYgtVdzqnnFOIpxuUbMZpW+q5oIziiX5bAJdB5v/jIoyikR2U4VC4i
Z1lVHIg6pPqgoCgh+iJRI9OGNbL9/TDj6MQ187CbgjfImlM/j84B/1jV5kS2CA5k
rLemKdiDLKapyJx5ah8mVZAnUBZ3PUVTciNNeCl3s6iwow023XgsfpimTq2qWIMv
TlmSZROw4hBeMF6NZan5DonZq8Vb2iyumhSxC4lVrq6SBqsp/JGAyxzhq9Nmt+wQ
PMM1DTNOYEAMPSnRECoCpRUscHfbIPfT8ryt6HQe0GQ9id00Qey69HgJ5wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKNxtYw6R8P/pv0AmD8JFl2/UhClMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbzNHMWpEcEh3Xy1tX1FDWVB3a1dYYjlTRUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJYuCAwQA
LZXzAwQAT24wAwQAT249AwQBVdmQAwQAk05mAwQAstfjAwQBueFKAwQAwSMSAwQC
wZUcAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQBOOo27YQltHJvq6cJMJwdNTX1/
Yu5a/GmKE7OPeQHxCym/BN5sz1nFwPTU1t/6lDY/92+6IXJP774B2jefyKy571I2
h8NseQiR0oBqUvKYC82EoaaB/P69nqr22MFQHXdyAD0FiyzwofEbXsrZoxcDb3qZ
4lzRqKopWARIgex6J5lLe/5y4/u7dlZq8DEJLgQDAtFUk412wqLs442htJWGavf1
sbaEnIgti9hePtUKfnzAGcIUok4MW3MNc8/XJHPF6MkKIhZgzrsuFjEikm1RD2D1
dmgLOP7zYNx5S66nSjzj6UfZ5g9utFX0Zy7sn9zt3dcP24/hjXHAkBhpxV6Z
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:33:11 2024 by rpki-client on console-fra.rpki-client.org