Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/c3VOwD6TDbaj574snTwBH94FLCg.roa
File: c3VOwD6TDbaj574snTwBH94FLCg.roa (raw, json)
Hash identifier: PgdAt9iQ3ciD/wIYkczHYPPVSlX/buwIkIFxWJvRoA0=
Subject key identifier: 73:75:4E:C0:3E:93:0D:B6:A3:E7:BE:2C:9D:3C:01:1F:DE:05:2C:28
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80125E5FB2D65E880202A141F3E2F8C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/c3VOwD6TDbaj574snTwBH94FLCg.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28699
IP address blocks: 185.27.92.0/22 maxlen: 22
109.205.120.0/21 maxlen: 21
109.205.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:25:e5:fb:2d:65:e8:80:20:2a:14:1f:3e:2f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73754ec03e930db6a3e7be2c9d3c011fde052c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ea:cb:0d:b6:2b:4f:35:75:0d:44:24:e3:a0:
a3:60:cc:04:9b:09:df:60:79:0c:4c:ba:d8:11:66:
06:80:98:5b:d8:fb:12:8a:4c:70:95:96:ab:3f:d9:
75:a3:2a:73:c0:0d:20:6c:46:a8:fc:94:a3:b5:cb:
02:de:d3:f3:3d:9d:19:4b:70:7f:58:7f:fb:3e:03:
30:a0:8c:56:35:e0:5e:3f:3a:5e:b3:30:34:b5:8b:
03:37:0f:c2:09:26:2b:cb:f1:f2:08:0d:e8:94:a2:
4b:ce:ed:45:4d:bf:e8:89:53:5d:37:49:5d:fe:d3:
e5:d7:69:06:1a:52:20:26:e9:99:aa:2c:d9:7d:48:
ac:b1:dd:b5:a7:54:f1:9f:50:a8:bb:64:61:ea:68:
94:fe:38:0a:b9:d9:fc:05:92:c0:82:9d:d0:e2:c0:
2f:5d:7d:35:75:d1:41:7e:14:50:49:ca:a4:48:99:
94:64:0f:a2:48:dd:0c:ee:81:bd:3e:6e:a4:60:ff:
00:ae:5f:a4:64:9d:4d:04:94:a4:d7:04:95:37:11:
3d:c9:3b:fb:59:00:50:42:18:33:0f:96:3a:14:39:
bc:6d:ea:f7:ee:d3:9a:86:b4:7c:12:dd:03:8a:e8:
77:01:b8:93:35:2b:3e:7d:ad:fd:ef:c3:6d:9c:5e:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:75:4E:C0:3E:93:0D:B6:A3:E7:BE:2C:9D:3C:01:1F:DE:05:2C:28
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/c3VOwD6TDbaj574snTwBH94FLCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.120.0/21
185.27.92.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:4c:37:47:a3:3c:59:81:05:c3:65:e4:ec:7d:d8:39:39:c8:
41:3f:03:d8:cd:bf:f6:f0:74:c1:77:47:5a:42:d8:e4:bb:f2:
a7:35:80:e7:d7:f6:d0:de:af:75:2d:36:ab:48:94:38:22:4f:
60:8d:d1:a3:a0:76:1c:92:47:b8:8c:08:f4:7a:74:64:8e:0e:
90:7e:92:6c:33:a2:32:ee:ee:40:98:f7:1f:2b:85:ad:f8:e5:
24:3e:39:9f:cc:01:58:be:e6:be:6d:68:07:10:dd:e6:32:24:
ee:72:e3:80:7f:69:47:b2:7e:41:6f:2d:e0:ab:ed:5e:af:5e:
f5:db:a0:a8:b3:af:7f:03:86:4b:c1:a4:40:69:b6:e0:a6:a5:
c7:14:55:9f:4f:33:41:17:14:55:bb:a3:24:0a:39:8d:49:6e:
26:46:f8:6e:32:e5:69:c5:96:f7:8c:e8:25:65:bc:45:e6:ac:
e7:42:4c:c7:bd:f1:e8:45:91:50:63:92:ef:bc:ad:9e:87:f1:
b4:42:fe:83:f1:51:81:cd:67:38:27:6d:da:ff:8a:0e:ac:37:
fc:8a:45:a1:32:94:4a:a8:64:82:b7:18:92:28:e6:0b:fd:b9:
ff:31:e1:97:12:bf:16:3e:a9:3c:49:88:f1:dd:7f:e6:5b:e3:
6b:bc:5a:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIASXl+y1l6IAgKhQfPi+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzc1NGVjMDNlOTMwZGI2YTNlN2JlMmM5ZDNjMDExZmRlMDUyYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsurLDbYrTzV1DUQk46CjYMwEmwnf
YHkMTLrYEWYGgJhb2PsSikxwlZarP9l1oypzwA0gbEao/JSjtcsC3tPzPZ0ZS3B/
WH/7PgMwoIxWNeBePzpeszA0tYsDNw/CCSYry/HyCA3olKJLzu1FTb/oiVNdN0ld
/tPl12kGGlIgJumZqizZfUissd21p1Txn1Cou2Rh6miU/jgKudn8BZLAgp3Q4sAv
XX01ddFBfhRQScqkSJmUZA+iSN0M7oG9Pm6kYP8Arl+kZJ1NBJSk1wSVNxE9yTv7
WQBQQhgzD5Y6FDm8ber37tOahrR8Et0Diuh3AbiTNSs+fa3978NtnF7bvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHN1TsA+kw22o+e+LJ08AR/eBSwoMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYzNWT3dENlREYmFqNTc0c25Ud0JIOTRGTENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbc14AwQC
uRtcMA0GCSqGSIb3DQEBCwUAA4IBAQCeTDdHozxZgQXDZeTsfdg5OchBPwPYzb/2
8HTBd0daQtjku/KnNYDn1/bQ3q91LTarSJQ4Ik9gjdGjoHYckke4jAj0enRkjg6Q
fpJsM6Iy7u5AmPcfK4Wt+OUkPjmfzAFYvua+bWgHEN3mMiTucuOAf2lHsn5Bby3g
q+1er17126Cos69/A4ZLwaRAabbgpqXHFFWfTzNBFxRVu6MkCjmNSW4mRvhuMuVp
xZb3jOglZbxF5qznQkzHvfHoRZFQY5LvvK2eh/G0Qv6D8VGBzWc4J23a/4oOrDf8
ikWhMpRKqGSCtxiSKOYL/bn/MeGXEr8WPqk8SYjx3X/mW+NrvFqt
-----END CERTIFICATE-----
Generated at Wed May 1 20:55:51 2024 by rpki-client on console-ams.rpki-client.org