Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/PM3kCLD-I1cgObmr7LfZjxo0Yr0.roa
File: PM3kCLD-I1cgObmr7LfZjxo0Yr0.roa (raw, json)
Hash identifier: YmaiiOZvPTihMjGCi2y1UvALmNJa0g07UuPvSjAOwIA=
Subject key identifier: 3C:CD:E4:08:B0:FE:23:57:20:39:B9:AB:EC:B7:D9:8F:1A:34:62:BD
Certificate issuer: /CN=597582bc3f0badb661a69fb9a483b37ec905827e
Certificate serial: 018CC5009BC21C357F16BF7D4007ADCDE1B2
Authority key identifier: 59:75:82:BC:3F:0B:AD:B6:61:A6:9F:B9:A4:83:B3:7E:C9:05:82:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXWCvD8LrbZhpp-5pIOzfskFgn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/PM3kCLD-I1cgObmr7LfZjxo0Yr0.roa
Signing time: Mon 01 Jan 2024 12:30:00 +0000
ROA not before: Mon 01 Jan 2024 12:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62244
IP address blocks: 185.43.96.0/22 maxlen: 22
2a01:65e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/WXWCvD8LrbZhpp-5pIOzfskFgn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/WXWCvD8LrbZhpp-5pIOzfskFgn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXWCvD8LrbZhpp-5pIOzfskFgn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:9b:c2:1c:35:7f:16:bf:7d:40:07:ad:cd:e1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597582bc3f0badb661a69fb9a483b37ec905827e
Validity
Not Before: Jan 1 12:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ccde408b0fe23572039b9abecb7d98f1a3462bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:97:fe:e7:50:74:0a:89:d4:01:99:8f:8c:8a:
cd:4b:a6:6c:93:d7:39:52:01:af:43:ab:b1:a4:3c:
e6:a3:15:15:37:91:ef:6d:90:ee:58:b3:4b:dd:f7:
52:7f:ae:49:a8:a2:af:d0:44:58:6c:6d:a2:be:b4:
58:b5:f7:50:18:08:6f:31:e1:50:89:93:39:3d:30:
a8:da:17:06:b8:e6:20:83:b4:87:a0:78:7c:3e:b1:
4b:eb:18:cc:77:63:06:39:20:f2:b0:f8:a3:02:db:
aa:39:b1:a8:a6:0c:aa:f1:3b:21:97:7b:81:69:4f:
63:14:c3:fe:c8:31:f8:94:72:b6:76:10:3a:5d:0b:
98:51:fc:bc:88:78:6f:f0:59:2b:67:27:61:03:a8:
82:08:ec:78:a4:39:61:48:3e:7d:ba:a7:4a:8b:21:
c8:b7:29:12:96:21:b0:96:72:cc:f4:b1:bf:6e:f2:
eb:b3:19:9e:cd:d1:67:9c:57:84:cf:15:96:5a:72:
38:6d:d7:81:01:c4:fc:54:30:77:f8:9f:f9:9f:1e:
df:20:fa:54:0b:57:2b:c7:51:81:75:20:fe:1d:cb:
15:2c:31:5c:75:c6:f7:2b:36:75:6a:3b:4b:32:83:
a5:55:ed:22:4e:02:51:1d:e0:5e:a6:1e:e5:1c:bb:
cb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CD:E4:08:B0:FE:23:57:20:39:B9:AB:EC:B7:D9:8F:1A:34:62:BD
X509v3 Authority Key Identifier:
keyid:59:75:82:BC:3F:0B:AD:B6:61:A6:9F:B9:A4:83:B3:7E:C9:05:82:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXWCvD8LrbZhpp-5pIOzfskFgn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/PM3kCLD-I1cgObmr7LfZjxo0Yr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/48898b-f9b4-45b4-993f-e8a1dc8e3ffc/1/WXWCvD8LrbZhpp-5pIOzfskFgn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.96.0/22
IPv6:
2a01:65e0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:43:bf:e7:d0:56:f2:c0:52:62:a4:0d:70:e9:59:b5:21:73:
c4:fe:24:fe:c6:5e:fc:dd:b4:45:f4:df:16:a2:f2:34:7d:78:
42:11:ce:cf:ac:60:58:4a:de:a4:6e:bb:36:f9:6c:b5:55:da:
0c:c4:89:10:a0:b4:f1:2e:e5:b2:4d:95:44:9a:cf:e2:cc:38:
5f:bd:b4:6a:fa:09:56:0b:56:12:dd:f2:0e:cd:10:c5:6e:00:
da:22:85:38:6a:ce:f7:16:13:b9:6d:e0:d6:f5:66:4a:78:3c:
e1:0f:27:2c:07:59:47:93:76:0e:1b:30:68:58:30:97:b8:ec:
c2:53:64:66:ac:4f:b6:ca:e6:5a:16:a1:1f:68:29:19:04:eb:
3e:8d:26:b2:91:58:a4:21:aa:9e:e1:2f:12:d9:c1:ca:1c:1d:
cd:8b:96:10:c2:3f:ca:9c:56:6b:55:14:fc:3e:7e:29:15:8c:
ae:cf:f5:3c:20:8f:c4:fa:a9:5b:07:ce:13:63:4e:f9:59:26:
09:71:26:1e:06:04:ce:03:ab:3e:66:2b:ad:e1:d5:ff:99:76:
88:66:87:ef:1a:91:94:4a:4e:b7:2d:51:c3:27:32:09:51:1c:
e2:99:10:ad:b8:7e:37:54:a9:0b:85:d1:b4:d7:2f:58:7b:45:
23:d5:37:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAJvCHDV/Fr99QAetzeGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzU4MmJjM2YwYmFkYjY2MWE2OWZiOWE0ODNiMzdlYzkw
NTgyN2UwHhcNMjQwMTAxMTIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NkZTQwOGIwZmUyMzU3MjAzOWI5YWJlY2I3ZDk4ZjFhMzQ2MmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpf+51B0ConUAZmPjIrNS6Zsk9c5
UgGvQ6uxpDzmoxUVN5HvbZDuWLNL3fdSf65JqKKv0ERYbG2ivrRYtfdQGAhvMeFQ
iZM5PTCo2hcGuOYgg7SHoHh8PrFL6xjMd2MGOSDysPijAtuqObGopgyq8Tshl3uB
aU9jFMP+yDH4lHK2dhA6XQuYUfy8iHhv8FkrZydhA6iCCOx4pDlhSD59uqdKiyHI
tykSliGwlnLM9LG/bvLrsxmezdFnnFeEzxWWWnI4bdeBAcT8VDB3+J/5nx7fIPpU
C1crx1GBdSD+HcsVLDFcdcb3KzZ1ajtLMoOlVe0iTgJRHeBeph7lHLvLvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDzN5Aiw/iNXIDm5q+y32Y8aNGK9MB8GA1UdIwQY
MBaAFFl1grw/C622YaafuaSDs37JBYJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hXQ3ZEOExyYlpocHAtNXBJT3pmc2tGZ240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC80ODg5OGItZjliNC00NWI0LTk5M2Yt
ZThhMWRjOGUzZmZjLzEvUE0za0NMRC1JMWNnT2JtcjdMZlpqeG8wWXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC80ODg5OGItZjliNC00NWI0LTk5M2YtZThhMWRjOGUzZmZj
LzEvV1hXQ3ZEOExyYlpocHAtNXBJT3pmc2tGZ240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuStgMA0E
AgACMAcDBQAqAWXgMA0GCSqGSIb3DQEBCwUAA4IBAQCNQ7/n0FbywFJipA1w6Vm1
IXPE/iT+xl783bRF9N8WovI0fXhCEc7PrGBYSt6kbrs2+Wy1VdoMxIkQoLTxLuWy
TZVEms/izDhfvbRq+glWC1YS3fIOzRDFbgDaIoU4as73FhO5beDW9WZKeDzhDycs
B1lHk3YOGzBoWDCXuOzCU2RmrE+2yuZaFqEfaCkZBOs+jSaykVikIaqe4S8S2cHK
HB3Ni5YQwj/KnFZrVRT8Pn4pFYyuz/U8II/E+qlbB84TY075WSYJcSYeBgTOA6s+
Ziut4dX/mXaIZofvGpGUSk63LVHDJzIJURzimRCtuH43VKkLhdG01y9Ye0Uj1TdS
-----END CERTIFICATE-----
Generated at Tue Nov 26 05:15:46 2024 by rpki-client on console-fra.rpki-client.org