Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/3D9zEF1GX888S29Z2IZyFuTinNY.roa
File: 3D9zEF1GX888S29Z2IZyFuTinNY.roa (raw, json)
Hash identifier: iQPT1xe9LnA1oqg3Q8kQQhy1YxZxcxS+xOQM+SgslQ8=
Subject key identifier: DC:3F:73:10:5D:46:5F:CF:3C:4B:6F:59:D8:86:72:16:E4:E2:9C:D6
Certificate issuer: /CN=186590ee4a796301c422e033f944d263d6adeebc
Certificate serial: 018CCA2A1521F04B9BB9F553F91CA4C2945B
Authority key identifier: 18:65:90:EE:4A:79:63:01:C4:22:E0:33:F9:44:D2:63:D6:AD:EE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GGWQ7kp5YwHEIuAz-UTSY9at7rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/3D9zEF1GX888S29Z2IZyFuTinNY.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212536
IP address blocks: 194.8.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/GGWQ7kp5YwHEIuAz-UTSY9at7rw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/GGWQ7kp5YwHEIuAz-UTSY9at7rw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GGWQ7kp5YwHEIuAz-UTSY9at7rw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:15:21:f0:4b:9b:b9:f5:53:f9:1c:a4:c2:94:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=186590ee4a796301c422e033f944d263d6adeebc
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc3f73105d465fcf3c4b6f59d8867216e4e29cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1b:d8:14:df:52:4f:f7:68:2b:e1:21:96:1d:
d8:30:f2:29:94:f0:49:aa:a3:c1:ce:fa:42:c8:dd:
eb:7f:94:f9:19:5d:bf:15:07:9b:1c:4d:c0:ce:9d:
6d:b2:35:13:0b:a7:83:6b:e2:f1:af:b6:67:db:dd:
8c:fc:d9:8d:9f:ff:52:c0:0a:e7:74:00:40:55:93:
12:60:5a:c1:c1:ff:17:4c:0c:0a:9c:fa:5d:31:63:
41:46:b6:d2:81:c4:a8:92:f7:d6:b9:c5:69:20:cd:
1e:7a:b9:88:c0:eb:e5:df:d1:68:90:00:31:83:cf:
7f:74:ef:84:dc:04:50:bc:ff:7b:43:88:c8:be:71:
14:0c:5c:aa:4a:36:64:b6:f3:6d:2a:19:fe:18:e8:
cf:cc:47:ec:cd:49:e2:35:26:dc:14:69:9e:6a:a2:
25:bb:70:f7:6d:67:3e:97:5a:91:79:cd:b6:b6:f8:
a4:08:2b:ae:ed:92:8f:e6:b1:88:53:ad:1c:59:94:
7e:8b:e9:e2:46:0b:8c:8c:02:72:cb:4e:d3:ff:46:
bd:e9:ef:ff:a2:02:2d:bb:7b:8c:1f:dd:4e:16:92:
1b:d1:d5:27:b5:cd:85:b7:c5:e5:43:a9:0d:5c:ef:
2e:8a:20:13:10:ec:76:52:22:c2:ce:f8:ff:bc:49:
3a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3F:73:10:5D:46:5F:CF:3C:4B:6F:59:D8:86:72:16:E4:E2:9C:D6
X509v3 Authority Key Identifier:
keyid:18:65:90:EE:4A:79:63:01:C4:22:E0:33:F9:44:D2:63:D6:AD:EE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GGWQ7kp5YwHEIuAz-UTSY9at7rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/3D9zEF1GX888S29Z2IZyFuTinNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/80b8cf-576d-4044-a624-ae72bfd3f782/1/GGWQ7kp5YwHEIuAz-UTSY9at7rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.74.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a2:43:fa:6f:db:14:69:5a:4f:65:80:8a:ed:b4:e0:cd:cc:
2b:c0:88:94:76:7a:84:f7:d3:dd:18:de:3e:a2:91:af:7d:6b:
7c:8f:8e:fb:2c:bf:ee:fd:fd:be:92:53:4b:ba:c3:2a:52:6c:
b2:d4:90:74:60:9c:06:21:cf:16:c8:0e:e7:16:84:bb:56:68:
d5:d1:d3:2e:bf:0f:49:ce:04:7b:cd:e8:64:54:dc:69:21:b0:
17:20:fd:ea:33:05:3c:e9:29:b9:0c:61:26:69:a2:80:25:0b:
ff:ea:40:75:13:5c:e3:11:fd:05:dc:ee:b2:74:b9:9a:c5:a9:
ce:17:94:7a:b0:c8:b2:e9:01:8c:0b:8f:ce:e4:52:2f:8b:cc:
e6:27:1f:30:20:31:31:4f:0e:8c:c5:c8:d3:a8:b1:22:85:db:
0f:0a:75:84:b0:53:1b:2f:26:b9:80:03:4a:e3:83:99:71:86:
df:09:7e:4a:18:32:b9:92:27:aa:0d:0c:02:92:d8:53:cd:f7:
2b:2d:d5:53:69:f9:fe:50:04:6b:2c:57:26:20:ab:d9:29:45:
3e:d6:47:ab:a7:58:68:19:88:a5:dc:89:b3:77:5d:a8:1b:cd:
c8:f8:94:0d:61:94:a4:7b:a0:2a:9a:01:84:0a:48:f7:41:e9:
3e:d1:02:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhUh8EubufVT+RykwpRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NjU5MGVlNGE3OTYzMDFjNDIyZTAzM2Y5NDRkMjYzZDZh
ZGVlYmMwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNmNzMxMDVkNDY1ZmNmM2M0YjZmNTlkODg2NzIxNmU0ZTI5Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhvYFN9ST/doK+Ehlh3YMPIplPBJ
qqPBzvpCyN3rf5T5GV2/FQebHE3Azp1tsjUTC6eDa+Lxr7Zn292M/NmNn/9SwArn
dABAVZMSYFrBwf8XTAwKnPpdMWNBRrbSgcSokvfWucVpIM0eermIwOvl39FokAAx
g89/dO+E3ARQvP97Q4jIvnEUDFyqSjZktvNtKhn+GOjPzEfszUniNSbcFGmeaqIl
u3D3bWc+l1qRec22tvikCCuu7ZKP5rGIU60cWZR+i+niRguMjAJyy07T/0a96e//
ogItu3uMH91OFpIb0dUntc2Ft8XlQ6kNXO8uiiATEOx2UiLCzvj/vEk6OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNw/cxBdRl/PPEtvWdiGchbk4pzWMB8GA1UdIwQY
MBaAFBhlkO5KeWMBxCLgM/lE0mPWre68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0dXUTdrcDVZd0hFSXVBei1VVFNZOWF0N3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84MGI4Y2YtNTc2ZC00MDQ0LWE2MjQt
YWU3MmJmZDNmNzgyLzEvM0Q5ekVGMUdYODg4UzI5WjJJWnlGdVRpbk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84MGI4Y2YtNTc2ZC00MDQ0LWE2MjQtYWU3MmJmZDNmNzgy
LzEvR0dXUTdrcDVZd0hFSXVBei1VVFNZOWF0N3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwghKMA0G
CSqGSIb3DQEBCwUAA4IBAQCookP6b9sUaVpPZYCK7bTgzcwrwIiUdnqE99PdGN4+
opGvfWt8j477LL/u/f2+klNLusMqUmyy1JB0YJwGIc8WyA7nFoS7VmjV0dMuvw9J
zgR7zehkVNxpIbAXIP3qMwU86Sm5DGEmaaKAJQv/6kB1E1zjEf0F3O6ydLmaxanO
F5R6sMiy6QGMC4/O5FIvi8zmJx8wIDExTw6MxcjTqLEihdsPCnWEsFMbLya5gANK
44OZcYbfCX5KGDK5kieqDQwCkthTzfcrLdVTafn+UARrLFcmIKvZKUU+1kerp1ho
GYil3Imzd12oG83I+JQNYZSke6AqmgGECkj3Qek+0QJ7
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:09 2024 by rpki-client on console-fra.rpki-client.org