Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/3-gUUhs043PndYYhjrlEp2Ow18c.roa
File: 3-gUUhs043PndYYhjrlEp2Ow18c.roa (raw, json)
Hash identifier: a0SBAr/YmywFQRVwimVni4Qs3Y9UXXQE7R16hJqWN6k=
Subject key identifier: DF:E8:14:52:1B:34:E3:73:E7:75:86:21:8E:B9:44:A7:63:B0:D7:C7
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 018CC79550CDB10249362E1EDF09393F73A7
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/3-gUUhs043PndYYhjrlEp2Ow18c.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 80.238.32.0/19 maxlen: 19
84.38.32.0/20 maxlen: 20
89.200.128.0/21 maxlen: 21
194.50.165.0/24 maxlen: 24
85.188.192.0/18 maxlen: 18
195.189.158.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.mft
rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:50:cd:b1:02:49:36:2e:1e:df:09:39:3f:73:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfe814521b34e373e77586218eb944a763b0d7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f9:af:90:eb:17:7d:e8:94:b2:30:4c:cf:4b:
0e:de:19:54:aa:ba:64:96:8a:b2:07:12:3b:24:5b:
af:f4:2b:6c:38:1d:19:53:47:73:30:a4:53:cb:a6:
70:04:68:af:34:19:f0:62:29:6c:fa:24:46:61:bf:
c1:b9:92:d8:f2:24:03:20:c6:d9:d5:37:a0:2c:ac:
42:ed:0b:4c:76:4d:6e:34:c6:e9:ea:43:d4:d1:06:
5a:61:af:d6:83:89:a9:f0:d5:da:e2:68:85:fe:61:
38:e1:de:d7:81:a8:50:2a:d9:48:fb:80:b8:84:d4:
66:43:44:45:d5:3d:33:f3:14:a4:77:17:2d:cd:37:
86:01:b5:79:79:9d:66:5f:21:10:73:09:8e:8e:c0:
de:ee:18:f7:5a:38:55:82:5c:ca:4e:ea:02:58:5e:
d6:10:eb:e7:64:17:92:67:1a:68:8b:40:b3:7d:31:
e9:3f:13:d1:be:9c:fa:f4:b7:64:ad:fb:b3:19:0a:
6f:2c:af:98:9d:c7:84:ea:53:41:fd:89:99:e6:ed:
6c:c6:25:4e:3d:36:59:95:96:dc:82:9e:6d:fe:b6:
2f:10:2a:78:4c:2f:6d:3f:63:58:16:c4:52:8a:d0:
81:fc:b7:ab:40:39:de:01:90:84:56:38:b7:d2:70:
82:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E8:14:52:1B:34:E3:73:E7:75:86:21:8E:B9:44:A7:63:B0:D7:C7
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/3-gUUhs043PndYYhjrlEp2Ow18c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.238.32.0/19
84.38.32.0/20
85.188.192.0/18
89.200.128.0/21
194.50.165.0/24
195.189.158.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:be:d7:ca:ec:90:8d:59:f0:19:05:9a:1c:44:37:ec:55:ab:
93:6c:2a:a4:c6:99:48:1c:ff:3c:e7:ff:89:59:ea:68:4f:3a:
e6:9e:e5:15:5d:82:3c:0d:9b:29:34:6e:16:33:05:dd:07:b9:
a3:d9:e2:94:ec:18:c4:26:f8:1e:f0:b1:ee:53:63:4d:e5:02:
10:ca:e2:99:a0:53:56:b3:ae:0d:7d:81:bc:0c:66:5e:d6:2f:
eb:6e:b2:02:f1:ed:82:ca:17:e7:b5:44:fe:75:2b:82:ab:24:
95:83:1c:e1:60:85:24:03:40:ef:1e:84:ff:42:cc:a1:c1:c2:
48:c9:ed:dc:7e:a3:12:22:bd:76:24:9a:bc:71:95:50:87:7e:
90:66:de:e5:e2:f9:57:4a:de:cc:dd:f7:c2:4c:a1:58:a0:1c:
32:ce:cc:b2:b6:46:e1:4e:58:8f:42:5c:ce:c8:f1:52:64:fe:
42:67:a2:97:e8:b6:d0:92:00:59:4b:b6:aa:3d:23:b7:fb:86:
68:6b:db:e9:5f:ee:ca:77:ec:c4:62:40:af:30:7f:4f:19:03:
61:6d:9e:75:87:40:c3:63:92:61:2e:35:72:d6:3c:94:26:cd:
7f:4a:46:8c:65:56:7c:c9:08:b8:45:d9:da:08:aa:7f:bf:71:
6b:b3:1c:b1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlVDNsQJJNi4e3wk5P3OnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU4MTQ1MjFiMzRlMzczZTc3NTg2MjE4ZWI5NDRhNzYzYjBkN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvmvkOsXfeiUsjBMz0sO3hlUqrpk
loqyBxI7JFuv9CtsOB0ZU0dzMKRTy6ZwBGivNBnwYils+iRGYb/BuZLY8iQDIMbZ
1TegLKxC7QtMdk1uNMbp6kPU0QZaYa/Wg4mp8NXa4miF/mE44d7XgahQKtlI+4C4
hNRmQ0RF1T0z8xSkdxctzTeGAbV5eZ1mXyEQcwmOjsDe7hj3WjhVglzKTuoCWF7W
EOvnZBeSZxpoi0CzfTHpPxPRvpz69LdkrfuzGQpvLK+YnceE6lNB/YmZ5u1sxiVO
PTZZlZbcgp5t/rYvECp4TC9tP2NYFsRSitCB/LerQDneAZCEVji30nCCMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN/oFFIbNONz53WGIY65RKdjsNfHMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvMy1nVVVoczA0M1BuZFlZaGpybEVwMk93MThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFUO4gAwQE
VCYgAwQGVbzAAwQDWciAAwQAwjKlAwQBw72eMA0GCSqGSIb3DQEBCwUAA4IBAQCu
vtfK7JCNWfAZBZocRDfsVauTbCqkxplIHP885/+JWepoTzrmnuUVXYI8DZspNG4W
MwXdB7mj2eKU7BjEJvge8LHuU2NN5QIQyuKZoFNWs64NfYG8DGZe1i/rbrIC8e2C
yhfntUT+dSuCqySVgxzhYIUkA0DvHoT/QsyhwcJIye3cfqMSIr12JJq8cZVQh36Q
Zt7l4vlXSt7M3ffCTKFYoBwyzsyytkbhTliPQlzOyPFSZP5CZ6KX6LbQkgBZS7aq
PSO3+4Zoa9vpX+7Kd+zEYkCvMH9PGQNhbZ51h0DDY5JhLjVy1jyUJs1/SkaMZVZ8
yQi4RdnaCKp/v3Frsxyx
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:45:04 2024 by rpki-client on console-ams.rpki-client.org