Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/3Ur-zE_chpcLANxBtH58wg48jzQ.roa
File: 3Ur-zE_chpcLANxBtH58wg48jzQ.roa (raw, json)
Hash identifier: cVH3RAvl7A+TC45Z5J2RgYcYoD7hVc5T+t3VUHIuqJY=
Subject key identifier: DD:4A:FE:CC:4F:DC:86:97:0B:00:DC:41:B4:7E:7C:C2:0E:3C:8F:34
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 018CCA2995D15D59B8E9ECC61060C666E1C4
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/3Ur-zE_chpcLANxBtH58wg48jzQ.roa
Signing time: Tue 02 Jan 2024 12:32:52 +0000
ROA not before: Tue 02 Jan 2024 12:32:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210838
IP address blocks: 109.234.78.0/24 maxlen: 24
2a11:9c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:95:d1:5d:59:b8:e9:ec:c6:10:60:c6:66:e1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 2 12:32:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd4afecc4fdc86970b00dc41b47e7cc20e3c8f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2b:25:0c:aa:23:44:bf:39:c6:ed:ee:ad:26:
93:45:2a:d6:7b:0d:29:7a:d8:54:ef:11:36:26:45:
9c:63:3c:b0:85:a7:6c:ac:28:8e:58:8c:b7:f1:50:
dc:77:b6:9f:a2:db:08:81:f3:1c:dd:a0:17:89:7c:
e6:7f:46:c6:5e:be:9d:ec:52:b1:4e:d2:71:f2:5f:
0d:59:40:6d:a3:03:a8:07:a0:62:10:64:c1:3c:c8:
7c:ee:16:c3:80:23:f5:dd:34:e8:74:70:4c:d3:ff:
b7:e5:b4:cc:95:68:a9:f9:44:6e:e4:b0:3b:09:b6:
82:5f:e5:77:fc:17:0a:21:17:97:34:05:9a:bf:cb:
36:65:c7:5d:a5:bb:92:d8:0a:19:ff:1e:96:19:cd:
18:33:53:09:d1:b9:be:c1:8c:07:9b:bd:72:a9:a2:
e9:52:4e:2d:0e:f6:cf:ce:88:0a:09:84:5e:09:3d:
26:e1:90:ae:c6:25:29:cc:13:bd:32:b5:a7:b6:8a:
d4:b4:42:99:89:f9:dd:6f:24:a7:b5:79:2b:ac:7a:
0c:41:33:5e:aa:62:64:0f:69:dc:ae:1a:ef:ab:90:
f5:25:4a:40:d6:d5:6f:1a:86:16:4e:1a:3e:72:47:
57:9b:c4:96:36:29:b3:fa:e9:c4:2b:31:ef:e0:29:
9e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4A:FE:CC:4F:DC:86:97:0B:00:DC:41:B4:7E:7C:C2:0E:3C:8F:34
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/3Ur-zE_chpcLANxBtH58wg48jzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.78.0/24
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
50:8e:66:30:ac:c4:d5:38:09:c2:92:95:90:1a:78:c2:0b:07:
74:ab:4a:91:c6:ca:dd:17:08:8e:07:bb:17:0c:97:47:9f:d4:
c0:ec:e0:ae:53:17:84:e1:f1:b9:c3:57:bd:13:94:41:93:99:
42:b8:ca:49:fe:f3:de:35:2a:ad:93:00:08:4e:03:d6:2c:c6:
00:52:a0:e3:10:1a:bc:e8:de:90:2f:94:8e:5a:ca:92:a2:ca:
94:85:ea:20:20:57:82:c0:06:74:a5:cf:93:71:23:e9:44:20:
a0:ea:11:08:ee:a6:a3:8d:10:98:87:45:5d:ce:da:ce:11:26:
fa:63:17:c0:b5:08:64:20:ee:52:16:43:19:67:92:67:a2:89:
c6:00:0a:a5:c0:c3:b1:b1:24:66:c5:f8:7e:5c:2e:29:18:61:
be:98:85:00:55:cb:94:bf:bc:ac:af:e2:a8:2b:ef:c7:3f:7e:
d7:2d:c4:13:73:97:fc:79:a7:7e:30:f4:10:d7:a3:12:f2:5e:
f4:22:ec:0c:1f:76:e7:3e:a5:fc:3d:a6:32:ea:3b:d9:49:36:
01:1d:03:bd:93:24:46:d1:68:9b:5b:a8:ec:d9:94:64:88:e5:
23:38:0f:aa:07:ca:19:8a:98:bb:f9:90:1f:df:db:46:f6:82:
1e:ac:4f:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKZXRXVm46ezGEGDGZuHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjQwMTAyMTIzMjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRhZmVjYzRmZGM4Njk3MGIwMGRjNDFiNDdlN2NjMjBlM2M4ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCslDKojRL85xu3urSaTRSrWew0p
ethU7xE2JkWcYzywhadsrCiOWIy38VDcd7afotsIgfMc3aAXiXzmf0bGXr6d7FKx
TtJx8l8NWUBtowOoB6BiEGTBPMh87hbDgCP13TTodHBM0/+35bTMlWip+URu5LA7
CbaCX+V3/BcKIReXNAWav8s2ZcddpbuS2AoZ/x6WGc0YM1MJ0bm+wYwHm71yqaLp
Uk4tDvbPzogKCYReCT0m4ZCuxiUpzBO9MrWntorUtEKZifndbySntXkrrHoMQTNe
qmJkD2ncrhrvq5D1JUpA1tVvGoYWTho+ckdXm8SWNimz+unEKzHv4Cme3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN1K/sxP3IaXCwDcQbR+fMIOPI80MB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvM1VyLXpFX2NocGNMQU54QnRINTh3ZzQ4anpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx
LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbepOMA0E
AgACMAcDBQMqEZyAMA0GCSqGSIb3DQEBCwUAA4IBAQBQjmYwrMTVOAnCkpWQGnjC
Cwd0q0qRxsrdFwiOB7sXDJdHn9TA7OCuUxeE4fG5w1e9E5RBk5lCuMpJ/vPeNSqt
kwAITgPWLMYAUqDjEBq86N6QL5SOWsqSosqUheogIFeCwAZ0pc+TcSPpRCCg6hEI
7qajjRCYh0VdztrOESb6YxfAtQhkIO5SFkMZZ5JnoonGAAqlwMOxsSRmxfh+XC4p
GGG+mIUAVcuUv7ysr+KoK+/HP37XLcQTc5f8ead+MPQQ16MS8l70IuwMH3bnPqX8
PaYy6jvZSTYBHQO9kyRG0WibW6js2ZRkiOUjOA+qB8oZipi7+ZAf39tG9oIerE8w
-----END CERTIFICATE-----
Generated at Tue May 28 23:03:14 2024 by rpki-client on console-ams.rpki-client.org