Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/a3PTZWyIzj420SIuJB-d_9jjGVE.roa
File: a3PTZWyIzj420SIuJB-d_9jjGVE.roa (raw, json)
Hash identifier: jU7GrJDIhtLXQ/fdF1KS3E8Bfc6iZQ1eFlZm18KUS3w=
Subject key identifier: 6B:73:D3:65:6C:88:CE:3E:36:D1:22:2E:24:1F:9D:FF:D8:E3:19:51
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 0191D81D0F202ED171E3DC9F4BE15BF774C0
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/a3PTZWyIzj420SIuJB-d_9jjGVE.roa
Signing time: Mon 09 Sep 2024 18:47:48 +0000
ROA not before: Mon 09 Sep 2024 18:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62020
IP address blocks: 185.9.0.0/24 maxlen: 24
185.9.2.0/24 maxlen: 24
2a03:4440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:1d:0f:20:2e:d1:71:e3:dc:9f:4b:e1:5b:f7:74:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Sep 9 18:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b73d3656c88ce3e36d1222e241f9dffd8e31951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:2d:ce:3e:5e:21:a9:8d:0a:c1:b8:8b:51:
93:ba:8a:1a:c2:b8:c6:24:43:5e:47:21:db:bf:fc:
d6:a0:3f:41:cc:7e:a8:4e:ea:dd:39:64:1a:e2:47:
a4:66:df:de:d5:5d:5d:ce:de:16:bc:98:b5:6b:5f:
fd:bf:b4:90:20:1c:44:72:0a:e1:9b:16:e2:3d:34:
0c:40:bc:19:1d:1c:cf:d8:29:64:eb:d6:ce:e2:07:
6c:e2:fd:41:76:25:eb:e9:00:ac:f6:6d:a5:82:88:
dc:35:76:16:7a:59:57:25:47:82:b4:ee:bc:f3:c9:
04:2b:00:8d:93:fb:f8:ef:4f:32:2f:da:5e:8d:f2:
56:94:67:64:21:61:18:46:d0:c2:ad:63:82:3d:fc:
ed:72:c2:27:a7:0c:11:4f:f2:e9:a8:99:84:51:e5:
ce:1d:08:4a:4c:db:aa:22:48:e2:70:c5:6b:95:12:
6d:19:96:5b:37:83:c6:bd:a5:8a:e5:d8:bd:a6:44:
3b:df:9c:91:67:10:0e:82:7b:76:b9:9b:bc:fe:7c:
55:b3:c8:77:f5:3d:82:39:e6:b4:f6:50:41:ab:00:
35:b6:b1:b8:3c:83:37:81:52:f4:77:0d:13:d0:b0:
5e:7f:f6:a5:a9:02:06:31:ef:a4:ae:04:92:cb:7a:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:73:D3:65:6C:88:CE:3E:36:D1:22:2E:24:1F:9D:FF:D8:E3:19:51
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/a3PTZWyIzj420SIuJB-d_9jjGVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.0.0/24
185.9.2.0/24
IPv6:
2a03:4440::/32
Signature Algorithm: sha256WithRSAEncryption
a1:0e:a8:30:6a:a6:95:f3:0f:9f:b7:e8:aa:09:f2:a7:73:0b:
df:e5:7f:bb:63:76:96:66:0d:16:cd:18:c6:69:3a:e1:04:61:
eb:d7:06:aa:ba:1d:b9:be:12:8c:43:03:7c:7b:cc:6b:88:6f:
3d:ce:6b:c6:bc:ea:c3:33:0b:3e:87:da:3e:a1:b2:0b:e8:fc:
47:19:e8:28:ec:2e:a0:c2:a0:d7:b4:dd:c2:19:56:dd:76:26:
b4:f7:98:b4:fe:5c:29:fc:bc:7a:55:e5:3a:e3:0e:e5:3f:91:
7f:a2:80:90:b4:1b:80:07:31:56:14:e2:44:fe:44:00:63:d8:
aa:b5:df:cc:9f:9b:71:a9:bf:47:ab:44:0f:d7:a0:aa:18:b7:
7d:ae:7a:fe:8d:23:10:d9:19:9d:22:35:56:41:c7:98:1a:46:
80:90:2c:82:06:6e:e6:77:54:a3:2f:cf:c5:f6:e1:8d:50:8b:
b2:a8:be:de:3e:15:1b:a4:f4:2b:5d:14:30:f1:9c:8f:29:03:
32:cc:8e:97:0c:49:7a:5f:d8:57:7b:15:d9:0c:c6:02:b0:33:
96:73:e6:31:b2:cc:2e:7c:76:e2:08:f5:86:ff:0c:ec:66:00:
d1:bb:dd:66:26:ba:f6:6f:50:f9:3d:f1:96:94:a2:e0:69:0f:
63:05:d3:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZHYHQ8gLtFx49yfS+Fb93TAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjQwOTA5MTg0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjczZDM2NTZjODhjZTNlMzZkMTIyMmUyNDFmOWRmZmQ4ZTMxOTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Qtzj5eIamNCsG4i1GTuooawrjG
JENeRyHbv/zWoD9BzH6oTurdOWQa4kekZt/e1V1dzt4WvJi1a1/9v7SQIBxEcgrh
mxbiPTQMQLwZHRzP2Clk69bO4gds4v1BdiXr6QCs9m2lgojcNXYWellXJUeCtO68
88kEKwCNk/v4708yL9pejfJWlGdkIWEYRtDCrWOCPfztcsInpwwRT/LpqJmEUeXO
HQhKTNuqIkjicMVrlRJtGZZbN4PGvaWK5di9pkQ735yRZxAOgnt2uZu8/nxVs8h3
9T2COea09lBBqwA1trG4PIM3gVL0dw0T0LBef/alqQIGMe+krgSSy3qBPwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGtz02VsiM4+NtEiLiQfnf/Y4xlRMB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvYTNQVFpXeUl6ajQyMFNJdUpCLWRfOWpqR1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQkAAwQA
uQkCMA0EAgACMAcDBQAqA0RAMA0GCSqGSIb3DQEBCwUAA4IBAQChDqgwaqaV8w+f
t+iqCfKncwvf5X+7Y3aWZg0WzRjGaTrhBGHr1waquh25vhKMQwN8e8xriG89zmvG
vOrDMws+h9o+obIL6PxHGego7C6gwqDXtN3CGVbddia095i0/lwp/Lx6VeU64w7l
P5F/ooCQtBuABzFWFOJE/kQAY9iqtd/Mn5txqb9Hq0QP16CqGLd9rnr+jSMQ2Rmd
IjVWQceYGkaAkCyCBm7md1SjL8/F9uGNUIuyqL7ePhUbpPQrXRQw8ZyPKQMyzI6X
DEl6X9hXexXZDMYCsDOWc+YxsswufHbiCPWG/wzsZgDRu91mJrr2b1D5PfGWlKLg
aQ9jBdN1
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:52:02 2024 by rpki-client on console-ams.rpki-client.org