Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/3uN5k20XTx7LUb1AuH16KbJ-4u0.roa
File: 3uN5k20XTx7LUb1AuH16KbJ-4u0.roa (raw, json)
Hash identifier: 6KUWgldQF01kEvi260TVOF+9T+I0yU3wccRc08Iqs5Q=
Subject key identifier: DE:E3:79:93:6D:17:4F:1E:CB:51:BD:40:B8:7D:7A:29:B2:7E:E2:ED
Certificate issuer: /CN=7703fd03a5f34d8d56e994c2b7f10ca49a0e0154
Certificate serial: 018CCA2BD581DAEE22DB6A6368A786720985
Authority key identifier: 77:03:FD:03:A5:F3:4D:8D:56:E9:94:C2:B7:F1:0C:A4:9A:0E:01:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/3uN5k20XTx7LUb1AuH16KbJ-4u0.roa
Signing time: Tue 02 Jan 2024 12:35:19 +0000
ROA not before: Tue 02 Jan 2024 12:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210080
IP address blocks: 185.221.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d5:81:da:ee:22:db:6a:63:68:a7:86:72:09:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7703fd03a5f34d8d56e994c2b7f10ca49a0e0154
Validity
Not Before: Jan 2 12:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dee379936d174f1ecb51bd40b87d7a29b27ee2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:8f:e7:a2:2e:52:88:69:b5:01:84:11:20:
7d:c5:ed:d2:7e:20:d9:d8:89:a2:ad:85:de:68:80:
cf:2e:d9:33:08:da:79:68:bf:97:62:6e:67:c7:c4:
51:9b:f9:71:e1:70:6f:05:dd:ef:c3:ca:de:8f:d6:
33:2c:ec:55:d7:8d:85:d4:4a:98:d2:5d:71:6c:aa:
fd:77:08:85:42:d6:fd:5f:0c:32:c2:76:23:d2:ff:
cf:ed:fd:f2:1d:76:aa:41:35:0b:22:f6:3c:0b:61:
15:f7:cf:60:35:16:8a:c6:d0:3d:5e:f4:71:21:11:
01:79:31:35:46:ae:96:28:92:fd:b7:22:c3:a4:30:
ac:53:7d:bb:1a:62:0e:50:1e:56:7c:de:e1:40:ef:
01:c0:80:2d:56:3f:49:89:ce:5b:4d:c5:cb:e0:f3:
c5:70:9f:cc:06:aa:ce:f3:98:0e:6e:66:98:ce:16:
8a:c5:a3:46:fd:a5:71:36:93:16:24:e2:e9:09:22:
2e:7c:9b:06:87:1e:ab:4b:03:0c:d5:56:25:7a:63:
d7:14:5a:f9:7b:78:87:ef:43:a8:33:ab:3b:b9:c7:
e4:55:86:e1:21:6a:92:c6:14:7d:87:7d:b6:42:9a:
61:be:bc:fb:79:89:74:d1:9e:b6:8d:85:76:40:f2:
55:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:79:93:6D:17:4F:1E:CB:51:BD:40:B8:7D:7A:29:B2:7E:E2:ED
X509v3 Authority Key Identifier:
keyid:77:03:FD:03:A5:F3:4D:8D:56:E9:94:C2:B7:F1:0C:A4:9A:0E:01:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/3uN5k20XTx7LUb1AuH16KbJ-4u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c50251-a4e1-424d-9e92-ac6781e23e87/1/dwP9A6XzTY1W6ZTCt_EMpJoOAVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.176.0/22
Signature Algorithm: sha256WithRSAEncryption
34:74:4e:5d:57:46:36:91:f0:10:f6:fd:7f:c1:3e:6d:ab:5d:
86:77:4c:8d:64:97:51:40:75:25:ac:97:71:e6:a2:1b:c4:e5:
c1:39:2a:47:03:fb:e0:b0:a8:58:c8:62:e7:4c:de:24:4f:95:
c2:6c:9f:81:0f:d2:88:6c:5e:9e:5b:b8:c0:a9:79:ae:1b:be:
eb:c0:51:0b:55:ce:04:e0:de:a6:af:02:46:1a:12:cf:ec:ea:
0a:1b:f9:09:d1:10:c3:6e:33:24:db:2f:85:ba:e6:b0:83:34:
6c:e5:3d:c9:63:46:40:2d:73:88:46:19:51:8b:ee:4c:9a:9f:
d8:6a:fe:5f:55:e7:a1:d7:a2:29:f8:1a:42:7f:59:85:4b:bc:
cd:30:4b:01:f9:e2:49:c8:21:c7:06:37:40:75:d5:fb:bb:b4:
63:29:4b:f7:be:89:bb:c2:2f:e0:35:dd:54:8b:8e:ca:16:5c:
39:fe:df:0c:19:66:7b:9f:d0:82:c1:f1:47:de:75:c9:d4:2f:
d3:4d:8b:2d:c1:47:16:34:6a:32:ee:e2:2a:f6:ec:4c:78:60:
bf:63:b4:2b:0d:6f:d0:e1:33:1a:c2:b4:51:fe:c0:aa:6c:f7:
20:5f:a0:ab:c4:63:ab:95:6d:8e:f2:f1:de:8e:c5:06:93:7f:
b6:12:aa:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK9WB2u4i22pjaKeGcgmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MDNmZDAzYTVmMzRkOGQ1NmU5OTRjMmI3ZjEwY2E0OWEw
ZTAxNTQwHhcNMjQwMTAyMTIzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUzNzk5MzZkMTc0ZjFlY2I1MWJkNDBiODdkN2EyOWIyN2VlMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NiP56IuUohptQGEESB9xe3SfiDZ
2ImirYXeaIDPLtkzCNp5aL+XYm5nx8RRm/lx4XBvBd3vw8rej9YzLOxV142F1EqY
0l1xbKr9dwiFQtb9XwwywnYj0v/P7f3yHXaqQTULIvY8C2EV989gNRaKxtA9XvRx
IREBeTE1Rq6WKJL9tyLDpDCsU327GmIOUB5WfN7hQO8BwIAtVj9Jic5bTcXL4PPF
cJ/MBqrO85gObmaYzhaKxaNG/aVxNpMWJOLpCSIufJsGhx6rSwMM1VYlemPXFFr5
e3iH70OoM6s7ucfkVYbhIWqSxhR9h322Qpphvrz7eYl00Z62jYV2QPJVJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7jeZNtF08ey1G9QLh9eimyfuLtMB8GA1UdIwQY
MBaAFHcD/QOl802NVumUwrfxDKSaDgFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdQOUE2WHpUWTFXNlpUQ3RfRU1wSm9PQVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jNTAyNTEtYTRlMS00MjRkLTllOTIt
YWM2NzgxZTIzZTg3LzEvM3VONWsyMFhUeDdMVWIxQXVIMTZLYkotNHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jNTAyNTEtYTRlMS00MjRkLTllOTItYWM2NzgxZTIzZTg3
LzEvZHdQOUE2WHpUWTFXNlpUQ3RfRU1wSm9PQVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud2wMA0G
CSqGSIb3DQEBCwUAA4IBAQA0dE5dV0Y2kfAQ9v1/wT5tq12Gd0yNZJdRQHUlrJdx
5qIbxOXBOSpHA/vgsKhYyGLnTN4kT5XCbJ+BD9KIbF6eW7jAqXmuG77rwFELVc4E
4N6mrwJGGhLP7OoKG/kJ0RDDbjMk2y+FuuawgzRs5T3JY0ZALXOIRhlRi+5Mmp/Y
av5fVeeh16Ip+BpCf1mFS7zNMEsB+eJJyCHHBjdAddX7u7RjKUv3vom7wi/gNd1U
i47KFlw5/t8MGWZ7n9CCwfFH3nXJ1C/TTYstwUcWNGoy7uIq9uxMeGC/Y7QrDW/Q
4TMawrRR/sCqbPcgX6CrxGOrlW2O8vHejsUGk3+2Eqoz
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:23 2024 by rpki-client on console-fra.rpki-client.org