Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3R-lm5lhuiPbeCwLqsFM9qeTCTM.roa
File: 3R-lm5lhuiPbeCwLqsFM9qeTCTM.roa (raw, json)
Hash identifier: E1LyXkRAmF3nDR8bBXxYJB7oiojghx6Yhx/2QRC8pXU=
Subject key identifier: DD:1F:A5:9B:99:61:BA:23:DB:78:2C:0B:AA:C1:4C:F6:A7:93:09:33
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018F2F6745AD60B693749FE93353843F8550
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3R-lm5lhuiPbeCwLqsFM9qeTCTM.roa
Signing time: Tue 30 Apr 2024 14:27:28 +0000
ROA not before: Tue 30 Apr 2024 14:27:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12663
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
62.213.128.0/19 maxlen: 19
85.205.0.0/16 maxlen: 24
86.104.216.0/22 maxlen: 22
89.32.48.0/21 maxlen: 21
92.114.8.0/21 maxlen: 21
108.179.64.0/18 maxlen: 19
130.195.32.0/20 maxlen: 20
130.195.64.0/19 maxlen: 19
130.195.96.0/19 maxlen: 19
130.195.128.0/18 maxlen: 24
130.195.200.0/21 maxlen: 21
139.47.160.0/19 maxlen: 24
139.47.192.0/18 maxlen: 24
145.230.0.0/16 maxlen: 24
176.125.0.0/19 maxlen: 24
188.240.84.0/22 maxlen: 22
192.125.128.0/17 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
208.53.128.0/18 maxlen: 18
2a01:818:1000::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:67:45:ad:60:b6:93:74:9f:e9:33:53:84:3f:85:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Apr 30 14:27:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd1fa59b9961ba23db782c0baac14cf6a7930933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c4:2d:59:74:f4:93:10:94:77:c7:23:41:14:
7b:08:be:91:6d:20:b1:a9:23:f8:e5:5c:ff:ef:90:
04:a5:aa:70:36:76:7f:e7:f5:a0:aa:23:ac:b0:50:
46:f9:30:f8:3d:1d:99:32:4c:d6:4e:02:5c:94:41:
54:73:d0:e2:80:5d:0b:eb:8c:a6:f9:2c:c5:0c:b8:
41:25:1c:d0:51:23:73:d4:c0:ff:78:a0:27:4c:1d:
44:3e:93:1b:2f:fa:b3:e7:a9:ef:6b:99:09:aa:4e:
0d:f8:17:53:4b:5a:09:08:8e:7e:cd:74:cf:6f:38:
4d:28:b8:d1:18:fd:44:81:53:1d:0d:8a:93:4a:24:
c5:97:60:e2:d8:bd:e7:33:e0:fd:b6:8a:74:f1:af:
6d:32:ee:97:8f:1c:f1:6a:4e:a9:78:c8:a7:e5:af:
76:cb:c2:62:15:aa:76:59:76:6e:2b:e0:07:ae:38:
f6:19:68:46:e3:62:9f:06:be:11:9f:2e:41:78:4a:
49:b0:3b:63:9e:db:ec:a4:dd:85:a3:0b:e6:d0:39:
b9:43:dc:d8:06:39:38:5f:fc:9f:b0:3d:f9:d5:13:
cd:df:c5:c1:0b:51:c0:ce:ed:d0:b5:b3:97:58:48:
c8:13:a4:d2:7b:07:69:02:6f:8b:39:d8:3e:37:41:
42:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1F:A5:9B:99:61:BA:23:DB:78:2C:0B:AA:C1:4C:F6:A7:93:09:33
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3R-lm5lhuiPbeCwLqsFM9qeTCTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
62.213.128.0/19
85.205.0.0/16
86.104.216.0/22
89.32.48.0/21
92.114.8.0/21
108.179.64.0/18
130.195.32.0/20
130.195.64.0-130.195.191.255
130.195.200.0/21
139.47.160.0-139.47.255.255
145.230.0.0/16
176.125.0.0/19
188.240.84.0/22
192.125.128.0/17
195.232.128.0-195.233.255.255
208.53.128.0/18
IPv6:
2a01:818:1000::/44
Signature Algorithm: sha256WithRSAEncryption
2e:5e:4a:4d:06:73:f4:67:bb:6d:7c:03:ed:d3:cd:fa:e3:a0:
f8:e6:9a:bb:a2:a1:15:18:6a:0a:c4:93:74:b5:0e:48:04:ec:
11:1e:f7:43:91:82:46:04:21:34:94:39:fe:12:c6:e1:ad:cf:
3e:c5:cd:e4:ce:98:cb:29:57:0a:b4:a4:5c:11:06:d8:44:25:
4b:b4:ed:be:fa:c0:07:7f:53:7c:d6:c9:33:cb:fb:76:39:ec:
96:4e:19:26:5b:dc:08:2f:e4:f4:4e:0a:9c:ee:a6:fa:a5:df:
89:8d:69:fe:6c:ec:34:64:13:5c:6a:5c:c7:9c:44:f1:3c:a2:
30:63:60:db:b3:6a:7f:59:9f:09:3b:a1:3a:ae:ed:96:88:c8:
43:9c:45:d1:e8:0f:c4:c9:8d:f5:2d:76:21:bb:2a:07:90:09:
3b:df:2a:62:c7:d4:5f:37:63:89:35:fb:af:60:1d:6a:04:00:
04:74:e1:00:9d:f6:04:c0:20:56:94:a4:37:7a:16:d2:80:52:
d9:1c:ed:4d:f3:57:30:a1:ef:4d:85:e1:17:3b:13:97:60:07:
9a:c0:c3:ca:88:0c:43:f4:f8:bc:67:b3:56:e1:97:94:40:bb:
0b:bb:00:80:fd:4e:37:3a:68:4b:1b:a6:af:53:7b:b9:4f:e2:
fc:f7:18:5e
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAY8vZ0WtYLaTdJ/pM1OEP4VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjQwNDMwMTQyNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFmYTU5Yjk5NjFiYTIzZGI3ODJjMGJhYWMxNGNmNmE3OTMwOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMQtWXT0kxCUd8cjQRR7CL6RbSCx
qSP45Vz/75AEpapwNnZ/5/WgqiOssFBG+TD4PR2ZMkzWTgJclEFUc9DigF0L64ym
+SzFDLhBJRzQUSNz1MD/eKAnTB1EPpMbL/qz56nva5kJqk4N+BdTS1oJCI5+zXTP
bzhNKLjRGP1EgVMdDYqTSiTFl2Di2L3nM+D9top08a9tMu6Xjxzxak6peMin5a92
y8JiFap2WXZuK+AHrjj2GWhG42KfBr4Rny5BeEpJsDtjntvspN2Fowvm0Dm5Q9zY
Bjk4X/yfsD351RPN38XBC1HAzu3QtbOXWEjIE6TSewdpAm+LOdg+N0FCWwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFN0fpZuZYboj23gsC6rBTPankwkzMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvM1ItbG01bGh1aVBiZUN3THFzRk05cWVUQ1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBjAQCAAEwgYUDBAcl
GYADAwAubAMEBy6+gAMEBT7VgAMDAFXNAwQCVmjYAwQDWSAwAwQDXHIIAwQGbLNA
AwQEgsMgMAwDBAaCw0ADBAaCw4ADBAOCw8gwCwMEBYsvoAMDBIsgAwMAkeYDBAWw
fQADBAK88FQDBAfAfYAwCwMEB8PogAMDAcPoAwQG0DWAMA8EAgACMAkDBwQqAQgY
EAAwDQYJKoZIhvcNAQELBQADggEBAC5eSk0Gc/Rnu218A+3TzfrjoPjmmruioRUY
agrEk3S1DkgE7BEe90ORgkYEITSUOf4SxuGtzz7FzeTOmMspVwq0pFwRBthEJUu0
7b76wAd/U3zWyTPL+3Y57JZOGSZb3Agv5PROCpzupvql34mNaf5s7DRkE1xqXMec
RPE8ojBjYNuzan9Znwk7oTqu7ZaIyEOcRdHoD8TJjfUtdiG7KgeQCTvfKmLH1F83
Y4k1+69gHWoEAAR04QCd9gTAIFaUpDd6FtKAUtkc7U3zVzCh702F4Rc7E5dgB5rA
w8qIDEP0+Lxns1bhl5RAuwu7AID9Tjc6aEsbpq9Te7lP4vz3GF4=
-----END CERTIFICATE-----
Generated at Mon Jun 3 10:18:39 2024 by rpki-client on console-ams.rpki-client.org