Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/3U8VXDdEd137KQANTBo1_xG99c0.roa
File: 3U8VXDdEd137KQANTBo1_xG99c0.roa (raw, json)
Hash identifier: HaUMsyvvTOIpT/pC78Y0BvEzNosgpHm4AwEVghsL8do=
Subject key identifier: DD:4F:15:5C:37:44:77:5D:FB:29:00:0D:4C:1A:35:FF:11:BD:F5:CD
Certificate issuer: /CN=a38b176a7d92e501eedaef6c60e8ce3a68d75224
Certificate serial: 018CC801C54C00E1AEDA32B6F148D930593B
Authority key identifier: A3:8B:17:6A:7D:92:E5:01:EE:DA:EF:6C:60:E8:CE:3A:68:D7:52:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4sXan2S5QHu2u9sYOjOOmjXUiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/3U8VXDdEd137KQANTBo1_xG99c0.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57450
IP address blocks: 2a13:1500:3b0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/o4sXan2S5QHu2u9sYOjOOmjXUiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/o4sXan2S5QHu2u9sYOjOOmjXUiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/o4sXan2S5QHu2u9sYOjOOmjXUiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c5:4c:00:e1:ae:da:32:b6:f1:48:d9:30:59:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a38b176a7d92e501eedaef6c60e8ce3a68d75224
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd4f155c3744775dfb29000d4c1a35ff11bdf5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:50:10:34:8b:34:70:a8:a4:28:21:f1:72:4e:
92:a5:40:a4:ff:d9:9b:65:c3:76:76:b3:6a:c4:97:
59:fc:59:d8:f8:ab:fd:06:71:af:ca:a5:53:c9:92:
dd:24:a3:a4:30:7f:87:45:40:7e:d6:8a:fc:ac:53:
86:b9:60:a8:f3:bf:0a:90:81:93:a1:ac:0b:b7:79:
91:b2:36:a6:2d:fa:55:30:91:76:86:49:c4:5b:ca:
8a:7f:1a:04:a6:6b:7d:90:19:0e:47:7d:92:97:67:
8a:0f:e3:c0:eb:2d:d6:6b:89:17:17:5c:1b:83:cb:
6d:c2:25:e4:65:34:9a:1d:65:f6:25:d1:81:96:a5:
d7:a4:06:97:ae:72:b8:85:0c:f9:48:59:62:2f:ef:
b4:c0:af:4f:69:e2:28:26:42:73:97:a8:ec:f9:c0:
b7:bd:9b:bd:ea:b9:07:76:45:23:ab:d4:64:15:53:
ab:22:d9:66:f7:15:70:aa:34:6b:95:f4:96:7c:26:
48:c7:fe:4e:34:a9:06:57:7b:4f:30:94:21:4e:d6:
46:9f:d9:99:08:0c:ab:18:96:51:24:df:d8:84:1a:
98:a6:75:50:8b:01:e4:6e:21:62:25:86:65:6e:a8:
fd:92:ec:76:1e:0c:f0:2a:dc:e1:11:2f:d3:92:47:
d8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4F:15:5C:37:44:77:5D:FB:29:00:0D:4C:1A:35:FF:11:BD:F5:CD
X509v3 Authority Key Identifier:
keyid:A3:8B:17:6A:7D:92:E5:01:EE:DA:EF:6C:60:E8:CE:3A:68:D7:52:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4sXan2S5QHu2u9sYOjOOmjXUiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/3U8VXDdEd137KQANTBo1_xG99c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/8100db-443a-4c7e-bbe2-efe79c254e25/1/o4sXan2S5QHu2u9sYOjOOmjXUiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1500:3b0::/44
Signature Algorithm: sha256WithRSAEncryption
aa:20:2d:e2:8b:1a:e3:8b:be:51:30:f6:24:1b:e1:0b:94:32:
aa:48:a9:f9:71:3e:ef:b8:92:7b:0e:54:34:c4:43:71:da:20:
04:75:40:e0:fc:55:89:4f:77:b7:46:0f:33:92:06:4b:5f:47:
98:f0:a1:37:3b:03:56:80:5e:4f:36:84:4c:0b:03:02:6c:fa:
c4:0b:40:f9:11:ff:3c:0b:73:a8:f0:a8:f7:9b:f4:09:3c:1a:
4a:47:df:ac:14:94:12:70:a8:ab:26:c1:05:3b:3e:55:76:11:
6e:2d:09:fd:2d:72:4a:a1:f1:e7:4c:15:39:fb:a0:c3:66:ca:
4e:08:b8:b9:ce:79:5e:52:9c:a9:a9:cd:57:0b:d5:0d:19:f5:
e8:70:f3:ac:e5:19:6a:a4:40:7d:ed:52:5d:4d:de:cf:3b:9c:
d1:45:e1:95:56:9b:b8:92:90:26:d5:1f:a0:0e:7e:bd:18:58:
0e:be:11:fc:41:b9:ad:17:49:54:23:4a:e6:7f:7c:04:59:fc:
bc:6a:cd:37:69:c2:1a:1a:b6:82:c7:89:4d:4b:d0:be:51:3a:
a6:0b:17:f6:93:63:44:ae:56:69:71:fa:11:78:28:95:e6:65:
ea:e2:67:40:5c:a1:6c:9a:4b:a8:2f:7c:e5:31:89:2c:41:1b:
f3:cf:23:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAcVMAOGu2jK28UjZMFk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzOGIxNzZhN2Q5MmU1MDFlZWRhZWY2YzYwZThjZTNhNjhk
NzUyMjQwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDRmMTU1YzM3NDQ3NzVkZmIyOTAwMGQ0YzFhMzVmZjExYmRmNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VAQNIs0cKikKCHxck6SpUCk/9mb
ZcN2drNqxJdZ/FnY+Kv9BnGvyqVTyZLdJKOkMH+HRUB+1or8rFOGuWCo878KkIGT
oawLt3mRsjamLfpVMJF2hknEW8qKfxoEpmt9kBkOR32Sl2eKD+PA6y3Wa4kXF1wb
g8ttwiXkZTSaHWX2JdGBlqXXpAaXrnK4hQz5SFliL++0wK9PaeIoJkJzl6js+cC3
vZu96rkHdkUjq9RkFVOrItlm9xVwqjRrlfSWfCZIx/5ONKkGV3tPMJQhTtZGn9mZ
CAyrGJZRJN/YhBqYpnVQiwHkbiFiJYZlbqj9kux2HgzwKtzhES/TkkfYVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN1PFVw3RHdd+ykADUwaNf8RvfXNMB8GA1UdIwQY
MBaAFKOLF2p9kuUB7trvbGDozjpo11IkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRzWGFuMlM1UUh1MnU5c1lPak9PbWpYVWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi84MTAwZGItNDQzYS00YzdlLWJiZTIt
ZWZlNzljMjU0ZTI1LzEvM1U4VlhEZEVkMTM3S1FBTlRCbzFfeEc5OWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi84MTAwZGItNDQzYS00YzdlLWJiZTItZWZlNzljMjU0ZTI1
LzEvbzRzWGFuMlM1UUh1MnU5c1lPak9PbWpYVWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhMVAAOw
MA0GCSqGSIb3DQEBCwUAA4IBAQCqIC3iixrji75RMPYkG+ELlDKqSKn5cT7vuJJ7
DlQ0xENx2iAEdUDg/FWJT3e3Rg8zkgZLX0eY8KE3OwNWgF5PNoRMCwMCbPrEC0D5
Ef88C3Oo8Kj3m/QJPBpKR9+sFJQScKirJsEFOz5VdhFuLQn9LXJKofHnTBU5+6DD
ZspOCLi5znleUpypqc1XC9UNGfXocPOs5RlqpEB97VJdTd7PO5zRReGVVpu4kpAm
1R+gDn69GFgOvhH8QbmtF0lUI0rmf3wEWfy8as03acIaGraCx4lNS9C+UTqmCxf2
k2NErlZpcfoReCiV5mXq4mdAXKFsmkuoL3zlMYksQRvzzyPe
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:44:00 2024 by rpki-client on console-fra.rpki-client.org