Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3zGacXXj9sbOWIxn89EhG8JuFds.roa
File: 3zGacXXj9sbOWIxn89EhG8JuFds.roa (raw, json)
Hash identifier: UqeuHEQdjCrowhpfx/QNQaY3C6rs0hSajDFK093SWIw=
Subject key identifier: DF:31:9A:71:75:E3:F6:C6:CE:58:8C:67:F3:D1:21:1B:C2:6E:15:DB
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 018CC26D406D304F1D51FA39B6F9D50EA63B
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3zGacXXj9sbOWIxn89EhG8JuFds.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35280
IP address blocks: 185.94.142.0/23 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/23 maxlen: 24
185.94.140.0/24 maxlen: 24
84.54.60.0/22 maxlen: 24
185.160.10.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.8.0/23 maxlen: 24
193.16.221.0/24 maxlen: 24
5.182.212.0/22 maxlen: 24
193.16.236.0/24 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
193.16.213.0/24 maxlen: 24
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a02:53a0::/32 maxlen: 32
2a09:4b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:40:6d:30:4f:1d:51:fa:39:b6:f9:d5:0e:a6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df319a7175e3f6c6ce588c67f3d1211bc26e15db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:03:63:29:ad:75:63:77:6b:85:4a:ad:de:62:
da:4a:27:b4:05:5a:cd:36:30:0b:ba:a2:e2:6d:7b:
47:f3:17:ea:25:52:2b:2f:21:ff:2b:7c:14:9a:de:
96:c8:68:7f:ee:d7:5a:78:1c:46:03:6f:c9:6d:42:
22:ca:9b:75:6a:ee:4e:30:10:bb:07:7d:ba:00:b2:
91:45:52:1e:a3:6f:5d:91:90:3b:c7:e4:9b:e5:91:
13:1e:e9:2c:f9:c8:49:df:31:28:d1:f9:3b:c9:ac:
01:bb:f0:96:0e:52:97:0c:77:2d:11:b9:48:87:9b:
38:dd:8f:e1:c3:d2:02:00:b2:15:75:df:b3:77:1e:
11:32:0b:6e:4b:0c:24:03:84:be:25:c9:8d:d8:f5:
94:2d:a6:b7:2a:08:12:94:e7:77:c0:cf:3e:db:67:
0f:5c:ad:d5:ac:df:78:ef:91:2b:94:0b:f7:0b:d5:
35:41:9f:89:7d:d6:b2:8f:36:45:20:30:36:fa:10:
1d:25:bd:cf:df:0a:c6:1a:a5:ba:46:e3:b9:7f:5e:
19:e4:5f:22:a7:44:09:bb:c1:0d:29:f0:cc:ad:b4:
44:e4:c7:f5:91:3d:2d:f2:23:f0:1e:05:15:12:49:
11:05:9a:17:74:35:74:bf:53:c2:72:25:86:82:30:
e6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:31:9A:71:75:E3:F6:C6:CE:58:8C:67:F3:D1:21:1B:C2:6E:15:DB
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/3zGacXXj9sbOWIxn89EhG8JuFds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.212.0/22
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
193.16.213.0/24
193.16.221.0/24
193.16.236.0/24
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
5d:7e:e5:9b:1b:c8:86:95:39:82:91:24:db:bb:30:0e:3a:a6:
99:09:d9:0b:19:ae:a7:c8:42:56:b2:a5:87:0a:c5:6a:47:50:
a7:e3:c1:71:21:af:2b:87:8d:cc:a5:76:c3:d2:cd:aa:0a:b4:
87:00:4a:8d:71:eb:f5:fc:1f:43:6a:75:ee:f6:2b:ae:08:21:
b9:41:37:22:15:c7:66:e5:57:4f:20:88:ce:87:39:b0:97:48:
37:d5:44:61:98:b5:c4:21:41:af:a6:b9:74:e2:7f:ce:91:66:
d6:4d:d9:26:bd:52:85:e6:d6:bf:69:97:9a:3a:1e:de:d4:84:
d8:fa:4e:33:a8:cd:a7:88:38:f7:6c:f3:fe:4b:df:80:36:1a:
fb:15:c2:e7:45:4d:1d:4b:a4:27:fa:32:40:7f:ab:a1:e2:8e:
56:73:1e:21:a9:43:81:5b:16:4b:6c:f0:96:c1:4f:dc:2d:c5:
73:3b:92:8b:76:e7:26:26:3e:ff:0a:ee:4e:d0:02:6b:69:f9:
b0:16:81:dc:43:76:7f:d9:e5:aa:44:da:fd:2f:f9:c9:17:28:
05:8b:ec:46:5a:c0:0a:d8:e6:a9:bc:70:98:28:fa:a7:a6:13:
5c:e6:c2:e1:bd:53:e0:4d:85:ec:97:89:f1:42:ff:1d:e4:1e:
82:89:e4:20
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzCbUBtME8dUfo5tvnVDqY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMxOWE3MTc1ZTNmNmM2Y2U1ODhjNjdmM2QxMjExYmMyNmUxNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQNjKa11Y3drhUqt3mLaSie0BVrN
NjALuqLibXtH8xfqJVIrLyH/K3wUmt6WyGh/7tdaeBxGA2/JbUIiypt1au5OMBC7
B326ALKRRVIeo29dkZA7x+Sb5ZETHuks+chJ3zEo0fk7yawBu/CWDlKXDHctEblI
h5s43Y/hw9ICALIVdd+zdx4RMgtuSwwkA4S+JcmN2PWULaa3KggSlOd3wM8+22cP
XK3VrN9475ErlAv3C9U1QZ+JfdayjzZFIDA2+hAdJb3P3wrGGqW6RuO5f14Z5F8i
p0QJu8ENKfDMrbRE5Mf1kT0t8iPwHgUVEkkRBZoXdDV0v1PCciWGgjDmIwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFN8xmnF14/bGzliMZ/PRIRvCbhXbMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvM3pHYWNYWGo5c2JPV0l4bjg5RWhHOEp1RmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC
VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE
AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA
A4IBAQBdfuWbG8iGlTmCkSTbuzAOOqaZCdkLGa6nyEJWsqWHCsVqR1Cn48FxIa8r
h43MpXbD0s2qCrSHAEqNcev1/B9DanXu9iuuCCG5QTciFcdm5VdPIIjOhzmwl0g3
1URhmLXEIUGvprl04n/OkWbWTdkmvVKF5ta/aZeaOh7e1ITY+k4zqM2niDj3bPP+
S9+ANhr7FcLnRU0dS6Qn+jJAf6uh4o5Wcx4hqUOBWxZLbPCWwU/cLcVzO5KLducm
Jj7/Cu5O0AJrafmwFoHcQ3Z/2eWqRNr9L/nJFygFi+xGWsAK2OapvHCYKPqnphNc
5sLhvVPgTYXsl4nxQv8d5B6CieQg
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:42:03 2024 by rpki-client on console-fra.rpki-client.org