Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/34qmFjo-dEDHLvIbaPrveI9CjUM.roa
File: 34qmFjo-dEDHLvIbaPrveI9CjUM.roa (raw, json)
Hash identifier: PT5S+lVb9nVJ3OSp/1GZF7ZS5OhFGMOpjxSRt5RLFvY=
Subject key identifier: DF:8A:A6:16:3A:3E:74:40:C7:2E:F2:1B:68:FA:EF:78:8F:42:8D:43
Certificate issuer: /CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Certificate serial: 018CC424E679A8249E3FA4A31677DE2FDF66
Authority key identifier: DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/34qmFjo-dEDHLvIbaPrveI9CjUM.roa
Signing time: Mon 01 Jan 2024 08:30:01 +0000
ROA not before: Mon 01 Jan 2024 08:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207572
IP address blocks: 193.17.15.0/24 maxlen: 24
193.17.23.0/24 maxlen: 24
193.17.20.0/24 maxlen: 24
193.17.3.0/24 maxlen: 24
2a0f:74c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e6:79:a8:24:9e:3f:a4:a3:16:77:de:2f:df:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Validity
Not Before: Jan 1 08:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df8aa6163a3e7440c72ef21b68faef788f428d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b2:e3:76:09:90:62:79:a9:36:7a:84:69:75:
05:99:9d:90:dd:9a:99:57:44:45:89:39:19:2e:10:
d3:59:f8:75:fb:ed:78:2c:dc:8b:ff:2a:08:f8:6c:
1c:55:9a:28:da:4c:40:1d:8b:af:2b:36:89:bc:93:
8c:78:46:c5:ff:a0:c2:e0:16:84:df:0f:68:bb:70:
9a:b3:e7:92:da:1c:98:37:c6:67:2b:06:9e:16:e6:
af:93:61:d2:4a:56:a0:b3:a0:7c:3c:41:90:74:75:
26:71:a7:03:3e:05:3c:02:8a:85:e4:af:01:ee:d5:
64:0d:4e:51:15:86:6d:f7:a1:38:15:0a:de:78:08:
93:f2:e6:ae:0f:80:ff:f2:16:c1:b3:60:46:d3:02:
37:df:97:69:46:ea:b5:1e:bc:1c:89:f9:06:96:83:
7e:34:d8:3c:2c:86:a6:51:22:3e:49:e4:08:eb:ad:
04:25:f5:70:73:63:b8:02:6e:ab:63:ea:ac:0f:54:
25:9c:2c:30:66:2c:d5:41:26:83:f7:84:74:00:5e:
3d:43:b2:ee:3e:0c:68:3b:28:23:84:2b:05:7d:8c:
5a:8d:29:bd:51:06:75:38:c6:61:a7:2d:48:48:7b:
b1:0c:6a:d8:31:ba:75:d0:e8:9b:4b:1a:bb:3d:d2:
c1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:8A:A6:16:3A:3E:74:40:C7:2E:F2:1B:68:FA:EF:78:8F:42:8D:43
X509v3 Authority Key Identifier:
keyid:DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/34qmFjo-dEDHLvIbaPrveI9CjUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.3.0/24
193.17.15.0/24
193.17.20.0/24
193.17.23.0/24
IPv6:
2a0f:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
f8:61:cd:07:78:4e:32:6f:bb:81:8b:3b:3a:e9:29:cb:30:9b:
5f:1a:26:0c:2b:00:ea:ad:94:11:ff:ab:21:cd:8c:90:b6:21:
d0:67:08:d8:f9:ea:f8:f9:45:59:c7:cb:4f:a6:f6:b6:40:a3:
4a:ae:e2:aa:87:8f:ff:83:d7:4c:ce:67:ab:a3:41:8f:3e:09:
9f:12:4b:bd:39:20:42:04:ad:db:44:01:a2:1d:ec:32:f1:5f:
30:a3:52:8a:67:23:c9:d7:9c:59:4d:ee:54:4a:a4:d8:f5:97:
29:18:ee:d4:10:43:29:06:00:36:1f:f5:8d:1f:3a:dd:83:12:
b2:16:d4:07:d5:9a:dc:e4:3a:70:e5:14:dd:56:b4:67:96:62:
0d:c9:8a:67:4d:8c:06:ba:b2:74:58:e2:0f:cb:10:c9:aa:a3:
a4:01:db:1f:be:b1:c9:4c:bd:04:39:fe:ef:d2:1a:79:13:f9:
65:7f:53:e5:cb:89:c1:b2:16:70:d4:f6:f0:e4:44:fd:61:5f:
c5:6b:8f:aa:f6:ac:13:89:08:5c:b4:3f:60:a8:95:3e:04:2d:
53:1a:e8:0e:80:5a:89:61:36:5b:e3:81:d3:cf:29:2f:7b:2d:
b5:26:2a:3c:3e:19:f2:76:de:a5:d4:7b:c7:63:2c:d6:9a:61:
4b:ec:bc:ff
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEJOZ5qCSeP6SjFnfeL99mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGEzYTQzMzAxY2QyYzgwNDdlYjg1NDRmODBhYjRmZmNm
ZTlhY2YwHhcNMjQwMTAxMDgzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjhhYTYxNjNhM2U3NDQwYzcyZWYyMWI2OGZhZWY3ODhmNDI4ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibLjdgmQYnmpNnqEaXUFmZ2Q3ZqZ
V0RFiTkZLhDTWfh1++14LNyL/yoI+GwcVZoo2kxAHYuvKzaJvJOMeEbF/6DC4BaE
3w9ou3Cas+eS2hyYN8ZnKwaeFuavk2HSSlags6B8PEGQdHUmcacDPgU8AoqF5K8B
7tVkDU5RFYZt96E4FQreeAiT8uauD4D/8hbBs2BG0wI335dpRuq1HrwcifkGloN+
NNg8LIamUSI+SeQI660EJfVwc2O4Am6rY+qsD1QlnCwwZizVQSaD94R0AF49Q7Lu
PgxoOygjhCsFfYxajSm9UQZ1OMZhpy1ISHuxDGrYMbp10OibSxq7PdLBUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFN+KphY6PnRAxy7yG2j673iPQo1DMB8GA1UdIwQY
MBaAFNyKOkMwHNLIBH64VE+Aq0/8/prPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQt
ZmU4NDQwNjBhNDZkLzEvMzRxbUZqby1kRURITHZJYmFQcnZlSTlDalVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQtZmU4NDQwNjBhNDZk
LzEvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwREDAwQA
wREPAwQAwREUAwQAwREXMA0EAgACMAcDBQMqD3TAMA0GCSqGSIb3DQEBCwUAA4IB
AQD4Yc0HeE4yb7uBizs66SnLMJtfGiYMKwDqrZQR/6shzYyQtiHQZwjY+er4+UVZ
x8tPpva2QKNKruKqh4//g9dMzmero0GPPgmfEku9OSBCBK3bRAGiHewy8V8wo1KK
ZyPJ15xZTe5USqTY9ZcpGO7UEEMpBgA2H/WNHzrdgxKyFtQH1Zrc5Dpw5RTdVrRn
lmINyYpnTYwGurJ0WOIPyxDJqqOkAdsfvrHJTL0EOf7v0hp5E/llf1Ply4nBshZw
1Pbw5ET9YV/Fa4+q9qwTiQhctD9gqJU+BC1TGugOgFqJYTZb44HTzykvey21Jio8
Phnydt6l1HvHYyzWmmFL7Lz/
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:20 2024 by rpki-client on console-fra.rpki-client.org