Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/3uMPw4QzcsJnWnl7S7T4FI18XI4.roa
File: 3uMPw4QzcsJnWnl7S7T4FI18XI4.roa (raw, json)
Hash identifier: jUPZTGddgxdT5pxuaWIzMy/7LuJSPXtRCgLrJxcYVuA=
Subject key identifier: DE:E3:0F:C3:84:33:72:C2:67:5A:79:7B:4B:B4:F8:14:8D:7C:5C:8E
Certificate issuer: /CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
Certificate serial: 018CC801649BBCC97C438F28228B9CDE82BA
Authority key identifier: FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/3uMPw4QzcsJnWnl7S7T4FI18XI4.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212321
IP address blocks: 185.217.142.0/24 maxlen: 24
2a10:cd01::/32 maxlen: 32
2a10:cd02::/32 maxlen: 32
2a10:cd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/1-wK6x7eaMQnpvj3-TwbVhbufkFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/1-wK6x7eaMQnpvj3-TwbVhbufkFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:64:9b:bc:c9:7c:43:8f:28:22:8b:9c:de:82:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb02bac7b79a3109e9be3dfe4f06d585bb9f9051
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dee30fc3843372c2675a797b4bb4f8148d7c5c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e6:13:75:42:cf:2e:4a:b1:7c:3a:22:b3:5c:
da:4a:1c:db:30:87:66:46:ce:13:33:10:c2:82:a6:
5a:18:68:f9:3d:cb:f1:4c:7c:64:51:2e:22:fb:d1:
99:99:4c:6b:be:e4:83:74:9f:d3:f9:51:c3:8b:46:
62:16:5d:09:8f:39:b6:77:27:2b:83:54:52:a6:11:
fa:4c:00:e4:ad:66:4c:01:11:d5:a1:5b:31:b8:10:
ad:30:34:bb:c0:d5:cb:df:dc:7e:85:e9:50:b3:c0:
52:2d:9e:c5:73:47:6f:75:a8:8d:1a:b2:07:0a:b1:
22:f7:ea:f7:aa:20:cd:3c:d2:40:29:ba:21:bc:d6:
28:d4:14:53:73:28:1f:02:d6:8c:95:85:db:3b:87:
7b:25:58:51:45:31:31:59:52:49:23:1e:83:99:cc:
6a:45:a8:9e:05:e0:b1:b4:85:fc:50:d6:64:0f:44:
a9:1e:55:3f:4e:40:39:20:ff:0a:c6:30:ca:b1:83:
98:9d:1a:47:54:fd:7a:19:0e:1c:49:c2:65:18:6d:
a4:3d:19:da:06:37:52:d6:de:a1:ad:07:f5:98:19:
12:81:3d:08:b9:07:bc:96:cc:7a:98:c0:8d:16:f0:
72:fc:75:97:36:7f:00:ac:53:8a:56:36:9c:56:b7:
f9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:0F:C3:84:33:72:C2:67:5A:79:7B:4B:B4:F8:14:8D:7C:5C:8E
X509v3 Authority Key Identifier:
keyid:FB:02:BA:C7:B7:9A:31:09:E9:BE:3D:FE:4F:06:D5:85:BB:9F:90:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wK6x7eaMQnpvj3-TwbVhbufkFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/3uMPw4QzcsJnWnl7S7T4FI18XI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/200e2b-d3a4-4557-9735-4950f86cbb5b/1/1-wK6x7eaMQnpvj3-TwbVhbufkFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.142.0/24
IPv6:
2a10:cd00::-2a10:cd02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:0b:8c:01:02:e3:20:ee:45:97:15:4a:b5:34:71:19:de:c1:
7d:9d:10:c7:ca:e0:d4:3d:d9:5c:98:ee:d0:8c:c5:5b:67:de:
62:83:24:66:12:35:75:00:9c:ae:62:49:9d:6c:1c:fb:f3:99:
18:7d:20:7c:53:d6:b8:73:4e:f4:69:6a:7e:34:5e:6c:f1:10:
ed:5d:37:75:88:6d:1a:85:ce:c4:ea:97:99:dc:e0:ee:87:e5:
a7:19:0e:a8:5c:97:42:ce:b4:28:70:f5:9d:fd:cf:3e:6f:aa:
27:10:20:42:72:04:5f:62:5b:5a:aa:37:bc:ae:a3:02:1b:64:
c8:6a:c8:0b:24:14:76:85:06:c7:ce:1c:ea:b9:be:78:a0:66:
61:b8:5c:5a:0f:9f:49:f3:e2:e5:71:a1:de:23:67:e9:ba:51:
14:aa:7c:0a:27:3f:93:0f:13:18:a5:b3:a6:41:cc:f2:6e:d0:
f9:54:1d:59:43:2b:c5:7a:78:07:aa:e8:65:a0:70:4b:64:db:
9a:30:95:b5:81:0f:34:10:a5:5e:19:15:ee:f0:1a:c8:46:2b:
46:da:ce:6f:4e:43:b9:e0:24:eb:e8:ee:4a:22:e7:42:0e:92:
6b:45:0f:36:08:92:11:43:d7:34:28:cd:b1:68:0b:d4:8e:63:
56:7e:f9:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzIAWSbvMl8Q48oIouc3oK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDJiYWM3Yjc5YTMxMDllOWJlM2RmZTRmMDZkNTg1YmI5
ZjkwNTEwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUzMGZjMzg0MzM3MmMyNjc1YTc5N2I0YmI0ZjgxNDhkN2M1YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+YTdULPLkqxfDois1zaShzbMIdm
Rs4TMxDCgqZaGGj5PcvxTHxkUS4i+9GZmUxrvuSDdJ/T+VHDi0ZiFl0Jjzm2dycr
g1RSphH6TADkrWZMARHVoVsxuBCtMDS7wNXL39x+helQs8BSLZ7Fc0dvdaiNGrIH
CrEi9+r3qiDNPNJAKbohvNYo1BRTcygfAtaMlYXbO4d7JVhRRTExWVJJIx6Dmcxq
RaieBeCxtIX8UNZkD0SpHlU/TkA5IP8KxjDKsYOYnRpHVP16GQ4cScJlGG2kPRna
BjdS1t6hrQf1mBkSgT0IuQe8lsx6mMCNFvBy/HWXNn8ArFOKVjacVrf5LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN7jD8OEM3LCZ1p5e0u0+BSNfFyOMB8GA1UdIwQY
MBaAFPsCuse3mjEJ6b49/k8G1YW7n5BRMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13SzZ4N2VhTVFucHZqMy1Ud2JWaGJ1ZmtGRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1
LTQ5NTBmODZjYmI1Yi8xLzN1TVB3NFF6Y3NKbldubDdTN1Q0RkkxOFhJNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWQvMjAwZTJiLWQzYTQtNDU1Ny05NzM1LTQ5NTBmODZjYmI1
Yi8xLzEtd0s2eDdlYU1RbnB2ajMtVHdiVmhidWZrRkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMAwEAgABMAYDBAC52Y4w
FQQCAAIwDzANAwQAKhDNAwUAKhDNAjANBgkqhkiG9w0BAQsFAAOCAQEAMwuMAQLj
IO5FlxVKtTRxGd7BfZ0Qx8rg1D3ZXJju0IzFW2feYoMkZhI1dQCcrmJJnWwc+/OZ
GH0gfFPWuHNO9GlqfjRebPEQ7V03dYhtGoXOxOqXmdzg7oflpxkOqFyXQs60KHD1
nf3PPm+qJxAgQnIEX2JbWqo3vK6jAhtkyGrICyQUdoUGx84c6rm+eKBmYbhcWg+f
SfPi5XGh3iNn6bpRFKp8Cic/kw8TGKWzpkHM8m7Q+VQdWUMrxXp4B6roZaBwS2Tb
mjCVtYEPNBClXhkV7vAayEYrRtrOb05DueAk6+juSiLnQg6Sa0UPNgiSEUPXNCjN
sWgL1I5jVn75vg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:11:23 2024 by rpki-client on console-ams.rpki-client.org