Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/3oG6-cbrHjZ7t8EX9F84J7Fteeg.roa
File: 3oG6-cbrHjZ7t8EX9F84J7Fteeg.roa (raw, json)
Hash identifier: 1uanyM3IROEPqMnrktoJlVCWETy2nq0mbitq+qxl3HM=
Subject key identifier: DE:81:BA:F9:C6:EB:1E:36:7B:B7:C1:17:F4:5F:38:27:B1:6D:79:E8
Certificate issuer: /CN=2928db241541d6b6a6490004060aa71ad6ec189c
Certificate serial: 018CC349191BDBD9180A35730C02745A13EC
Authority key identifier: 29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/3oG6-cbrHjZ7t8EX9F84J7Fteeg.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60283
IP address blocks: 185.243.84.0/22 maxlen: 22
185.243.84.0/23 maxlen: 23
185.243.86.0/23 maxlen: 23
185.243.86.0/24 maxlen: 24
185.243.87.0/24 maxlen: 24
193.200.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:19:1b:db:d9:18:0a:35:73:0c:02:74:5a:13:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2928db241541d6b6a6490004060aa71ad6ec189c
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de81baf9c6eb1e367bb7c117f45f3827b16d79e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:80:07:45:8d:a3:ed:83:b9:cd:c6:82:34:58:
06:4f:2a:a5:19:85:31:c2:91:20:ae:36:32:28:97:
a3:2d:9b:34:48:ee:9e:db:57:08:96:82:e7:03:6a:
c8:4e:e7:8f:d8:38:95:f9:c1:5e:da:f3:5c:73:f0:
6f:44:7f:28:d7:09:e0:83:ab:1a:9c:da:32:91:ee:
58:26:6b:5d:68:10:90:3c:f3:98:8f:59:ab:ab:b1:
52:24:36:f9:76:b4:4d:07:da:05:95:69:6e:55:90:
9c:c5:82:85:bb:cd:dd:4d:00:03:2e:a1:03:76:21:
4a:ac:72:c2:ab:d8:85:ad:88:30:01:a5:0f:45:b3:
d1:9f:43:89:d8:8b:a5:c0:32:72:84:4e:bb:25:23:
1a:dd:0d:7e:cb:85:5e:63:cf:de:b7:56:1e:1b:d3:
19:cc:ae:50:06:18:1f:23:11:77:ee:6c:52:66:30:
d7:63:8a:73:ea:cd:30:74:a0:d9:57:8a:e4:f0:ca:
4a:d4:fe:56:30:21:f3:14:b4:63:c7:f0:22:b5:d7:
f3:64:37:c6:40:19:f0:a5:ae:b0:81:f5:33:32:3b:
18:9d:e1:e5:21:9d:5a:bc:53:c6:04:65:28:d7:cd:
b2:c4:24:a9:27:10:0a:aa:84:dc:b3:9f:55:c1:9f:
8f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:81:BA:F9:C6:EB:1E:36:7B:B7:C1:17:F4:5F:38:27:B1:6D:79:E8
X509v3 Authority Key Identifier:
keyid:29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/3oG6-cbrHjZ7t8EX9F84J7Fteeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.84.0/22
193.200.250.0/24
Signature Algorithm: sha256WithRSAEncryption
18:42:cd:7d:f5:44:9c:38:8b:1d:b5:5d:cf:a9:94:7c:c0:84:
4a:1c:9c:2e:5c:a9:4c:c1:bc:6c:3f:b1:50:95:e5:57:4a:43:
3f:7c:7a:88:c7:ad:d3:e7:2d:eb:33:4a:40:2d:8b:e4:ce:64:
1f:f3:97:cc:a1:63:79:10:62:ae:2c:e3:79:76:87:73:18:f0:
24:fe:06:e1:15:83:e9:84:07:36:52:19:38:27:9a:56:76:50:
29:e6:f4:83:6e:0f:0a:33:73:17:c4:ad:bd:a4:4f:3b:53:6b:
8b:71:51:35:d8:53:b3:ba:63:21:8a:12:e0:9b:5f:30:0d:69:
18:20:3a:f6:48:f3:b1:43:f4:07:15:43:33:c0:8a:62:c3:24:
31:0c:cc:84:fd:af:c5:8d:82:49:84:98:9d:77:5d:c8:92:78:
fd:b0:aa:b9:b0:99:a7:bd:43:1f:b1:ec:47:29:11:9b:28:89:
8f:2c:57:24:61:e1:76:88:e8:81:16:ad:d7:f7:83:cc:77:14:
c4:57:fd:95:29:ab:a7:cd:c4:f3:35:ca:09:f8:31:6a:25:35:
85:d4:89:0a:6f:ad:0d:32:46:90:52:05:ef:fd:3e:aa:6b:f3:
59:37:08:71:d8:00:a5:8f:33:47:23:99:cd:2b:83:2f:fe:14:
b0:a5:d4:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSRkb29kYCjVzDAJ0WhPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MjhkYjI0MTU0MWQ2YjZhNjQ5MDAwNDA2MGFhNzFhZDZl
YzE4OWMwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgxYmFmOWM2ZWIxZTM2N2JiN2MxMTdmNDVmMzgyN2IxNmQ3OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4AHRY2j7YO5zcaCNFgGTyqlGYUx
wpEgrjYyKJejLZs0SO6e21cIloLnA2rITueP2DiV+cFe2vNcc/BvRH8o1wngg6sa
nNoyke5YJmtdaBCQPPOYj1mrq7FSJDb5drRNB9oFlWluVZCcxYKFu83dTQADLqED
diFKrHLCq9iFrYgwAaUPRbPRn0OJ2IulwDJyhE67JSMa3Q1+y4VeY8/et1YeG9MZ
zK5QBhgfIxF37mxSZjDXY4pz6s0wdKDZV4rk8MpK1P5WMCHzFLRjx/AitdfzZDfG
QBnwpa6wgfUzMjsYneHlIZ1avFPGBGUo182yxCSpJxAKqoTcs59VwZ+PyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6BuvnG6x42e7fBF/RfOCexbXnoMB8GA1UdIwQY
MBaAFCko2yQVQda2pkkABAYKpxrW7BicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQt
MjkzNTYzNDFjNWZkLzEvM29HNi1jYnJIalo3dDhFWDlGODRKN0Z0ZWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQtMjkzNTYzNDFjNWZk
LzEvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufNUAwQA
wcj6MA0GCSqGSIb3DQEBCwUAA4IBAQAYQs199UScOIsdtV3PqZR8wIRKHJwuXKlM
wbxsP7FQleVXSkM/fHqIx63T5y3rM0pALYvkzmQf85fMoWN5EGKuLON5dodzGPAk
/gbhFYPphAc2Uhk4J5pWdlAp5vSDbg8KM3MXxK29pE87U2uLcVE12FOzumMhihLg
m18wDWkYIDr2SPOxQ/QHFUMzwIpiwyQxDMyE/a/FjYJJhJidd13Iknj9sKq5sJmn
vUMfsexHKRGbKImPLFckYeF2iOiBFq3X94PMdxTEV/2VKaunzcTzNcoJ+DFqJTWF
1IkKb60NMkaQUgXv/T6qa/NZNwhx2ACljzNHI5nNK4Mv/hSwpdQ6
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:51:18 2024 by rpki-client on console-ams.rpki-client.org