Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3TJqI4oDyJHNMiCuW6J1wjUsQ4o.roa
File: 3TJqI4oDyJHNMiCuW6J1wjUsQ4o.roa (raw, json)
Hash identifier: rq4la79IT12Xu2XmaqvYbl9UH4wem1ByWBvHSNF5ZlE=
Subject key identifier: DD:32:6A:23:8A:03:C8:91:CD:32:20:AE:5B:A2:75:C2:35:2C:43:8A
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E0AB7B73C897D53EB6299661A985F
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3TJqI4oDyJHNMiCuW6J1wjUsQ4o.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56534
IP address blocks: 37.139.44.0/22 maxlen: 22
37.139.44.0/24 maxlen: 24
37.139.39.0/24 maxlen: 24
37.139.45.0/24 maxlen: 24
37.139.46.0/24 maxlen: 24
37.139.36.0/22 maxlen: 22
37.139.36.0/24 maxlen: 24
37.139.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0a:b7:b7:3c:89:7d:53:eb:62:99:66:1a:98:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd326a238a03c891cd3220ae5ba275c2352c438a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:89:7f:1b:12:89:35:8f:94:73:4a:00:3a:2c:
92:b8:6e:4d:14:6b:2c:db:7e:f2:e7:1a:2e:bc:0e:
e0:b6:53:b0:ab:ab:5b:8e:73:31:23:24:8d:9a:23:
08:39:c1:16:e2:55:7b:27:ff:f2:38:e8:50:31:f2:
4f:03:bf:fe:08:47:7a:d6:37:3f:7d:2c:43:04:79:
61:cb:e8:05:f1:b1:51:5d:bb:0c:f4:ed:74:c7:fb:
f8:ea:d4:3d:db:c5:bb:a2:e1:91:c7:2d:39:e8:70:
6b:3b:01:a8:bb:62:b7:66:c5:68:38:33:63:af:03:
d7:e2:f0:3a:04:4f:ea:77:23:1a:25:82:0f:bb:5c:
45:c3:d1:b1:a2:5b:1f:4c:db:a7:d9:20:98:34:e2:
e7:b4:78:f0:46:96:29:4b:26:2c:27:4c:1b:bd:ef:
85:fb:bf:e8:32:07:fd:c9:53:18:57:7a:d1:88:df:
64:48:b5:a0:30:13:ae:e1:58:b6:65:45:5a:4e:22:
e9:1c:85:72:03:f7:9e:f1:29:03:9a:42:bf:fd:03:
41:e9:7e:d5:0b:16:e4:0f:8a:92:22:ee:54:45:2d:
a1:7d:07:de:dd:5c:94:f6:d6:cd:59:4c:f0:11:02:
0e:10:11:6f:a3:13:2b:ad:b9:03:85:1d:bf:a9:6d:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:32:6A:23:8A:03:C8:91:CD:32:20:AE:5B:A2:75:C2:35:2C:43:8A
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/3TJqI4oDyJHNMiCuW6J1wjUsQ4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.36.0/22
37.139.44.0/22
Signature Algorithm: sha256WithRSAEncryption
79:be:31:57:42:ce:b7:59:fb:f3:ef:c1:ac:0c:be:d2:d0:33:
cd:c6:16:24:10:cf:30:2d:78:8e:2a:b1:b9:83:dd:ac:38:6b:
57:8c:fc:20:4a:b6:16:d3:93:14:ec:86:7f:9d:c5:ce:11:40:
87:d3:a3:ee:83:8c:6e:dd:9d:f0:95:ec:f8:a7:99:40:a2:69:
2e:1f:ed:65:ba:29:ba:c3:a9:a2:d6:81:7b:2c:6e:9d:8e:97:
5e:fa:14:2a:89:28:8c:59:d9:c0:a0:43:9b:9d:81:0f:ec:d8:
90:80:2d:5d:40:74:04:ac:71:6c:16:1d:73:6a:1e:ef:20:5c:
a4:01:9f:53:ba:18:f7:7d:63:d5:5f:64:55:d4:22:ba:b8:29:
1a:e4:ce:36:21:2e:df:70:04:f2:4d:b7:b7:dd:d1:0d:ff:ad:
7b:2f:0f:1c:fa:3f:71:56:17:0b:1c:ad:4c:ae:b1:cd:f7:34:
0c:33:45:61:44:2b:28:bf:a2:7e:ef:c0:c1:8f:bd:40:c7:7d:
25:42:97:43:dd:be:df:a1:96:23:3b:09:0f:d0:3b:78:89:40:
31:82:92:91:77:aa:59:c2:13:86:35:7a:24:a0:5b:68:d0:83:
93:c5:48:e4:a5:85:ec:4c:ec:d8:2d:4d:ef:70:79:ce:2a:43:
8d:9f:3d:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbgq3tzyJfVPrYplmGphfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDMyNmEyMzhhMDNjODkxY2QzMjIwYWU1YmEyNzVjMjM1MmM0MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYl/GxKJNY+Uc0oAOiySuG5NFGss
237y5xouvA7gtlOwq6tbjnMxIySNmiMIOcEW4lV7J//yOOhQMfJPA7/+CEd61jc/
fSxDBHlhy+gF8bFRXbsM9O10x/v46tQ928W7ouGRxy056HBrOwGou2K3ZsVoODNj
rwPX4vA6BE/qdyMaJYIPu1xFw9GxolsfTNun2SCYNOLntHjwRpYpSyYsJ0wbve+F
+7/oMgf9yVMYV3rRiN9kSLWgMBOu4Vi2ZUVaTiLpHIVyA/ee8SkDmkK//QNB6X7V
CxbkD4qSIu5URS2hfQfe3VyU9tbNWUzwEQIOEBFvoxMrrbkDhR2/qW0QLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0yaiOKA8iRzTIgrluidcI1LEOKMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvM1RKcUk0b0R5SkhOTWlDdVc2SjF3alVzUTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYskAwQC
JYssMA0GCSqGSIb3DQEBCwUAA4IBAQB5vjFXQs63Wfvz78GsDL7S0DPNxhYkEM8w
LXiOKrG5g92sOGtXjPwgSrYW05MU7IZ/ncXOEUCH06Pug4xu3Z3wlez4p5lAomku
H+1luim6w6mi1oF7LG6djpde+hQqiSiMWdnAoEObnYEP7NiQgC1dQHQErHFsFh1z
ah7vIFykAZ9Tuhj3fWPVX2RV1CK6uCka5M42IS7fcATyTbe33dEN/617Lw8c+j9x
VhcLHK1MrrHN9zQMM0VhRCsov6J+78DBj71Ax30lQpdD3b7foZYjOwkP0Dt4iUAx
gpKRd6pZwhOGNXokoFto0IOTxUjkpYXsTOzYLU3vcHnOKkONnz1D
-----END CERTIFICATE-----
Generated at Sun May 12 20:13:25 2024 by rpki-client on console-fra.rpki-client.org