Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/3wA9fRjTvpg6K0GHnHH0vl6Yg3k.roa
File: 3wA9fRjTvpg6K0GHnHH0vl6Yg3k.roa (raw, json)
Hash identifier: +mo/3sZIQiXI7k94ySPBPZoF5QEDb0LyxQ3v82JCd6U=
Subject key identifier: DF:00:3D:7D:18:D3:BE:98:3A:2B:41:87:9C:71:F4:BE:5E:98:83:79
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 018CC94E48CEF7100D211237CCAD626FE133
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/3wA9fRjTvpg6K0GHnHH0vl6Yg3k.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29278
IP address blocks: 212.92.23.0/24 maxlen: 24
82.150.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:48:ce:f7:10:0d:21:12:37:cc:ad:62:6f:e1:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df003d7d18d3be983a2b41879c71f4be5e988379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:c3:5b:5f:7a:35:c6:d4:b6:c3:85:75:73:
90:51:14:2c:6a:79:e8:4a:ba:a6:d8:c1:d0:34:53:
54:bf:14:f4:13:cf:61:af:d9:8e:78:10:79:6a:53:
c6:14:14:e5:58:22:a0:79:ee:89:97:93:05:a5:1c:
5e:3f:18:f7:32:5d:27:ad:b7:58:9b:42:96:80:c9:
d8:ed:4b:70:63:15:13:a0:a2:61:f2:68:52:5e:1d:
cd:13:d1:d9:3c:da:83:bc:f4:f3:52:8a:0c:e8:6a:
c2:91:43:34:86:e1:0e:f0:31:af:59:12:23:e9:11:
a5:95:7e:ce:ac:f9:46:20:a3:67:84:96:42:5d:22:
94:07:7c:7c:db:77:de:f5:c0:af:e6:4d:ef:b6:34:
2d:7c:1f:ea:ce:6e:0d:b1:8c:4b:73:4e:08:85:21:
2e:b4:51:ea:1e:7b:55:69:73:4e:ce:6d:50:f5:ed:
d8:07:56:66:09:b4:30:de:21:03:6e:a9:19:cd:7b:
d3:f2:8e:72:20:fd:c5:3b:d9:f7:47:12:13:70:de:
86:86:59:99:6f:c3:28:0d:ba:0b:4f:b5:e7:ac:c0:
b0:fe:df:ca:1b:8d:01:a6:8e:59:9e:1d:b5:f8:dc:
1f:a8:be:9c:ce:9d:9e:e7:75:54:e7:a7:7c:b6:cd:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:00:3D:7D:18:D3:BE:98:3A:2B:41:87:9C:71:F4:BE:5E:98:83:79
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/3wA9fRjTvpg6K0GHnHH0vl6Yg3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.63.0/24
212.92.23.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0b:f1:c1:8d:b7:97:0f:5a:97:1e:fc:28:cf:dc:74:a1:e5:
1a:42:73:4d:cb:f8:a9:d1:30:59:c7:bd:99:55:9c:0c:15:2b:
90:40:64:14:cc:ef:d2:26:41:ec:ee:64:df:67:b9:ce:cb:59:
39:8a:3d:29:23:bc:c8:92:62:df:81:26:86:56:94:6f:cd:9a:
a8:30:07:88:c8:11:e3:cf:85:61:dd:a3:92:e1:7e:9a:63:71:
80:9c:70:4c:bd:a7:52:07:02:2d:80:82:ce:98:b7:be:a1:a5:
14:00:b9:d3:a0:99:9e:86:88:8d:27:e8:be:d5:9f:87:44:37:
3d:f0:ba:db:c3:b3:16:e1:dd:35:4b:aa:38:cc:74:3a:7f:63:
a3:28:64:8c:bc:2d:82:c5:09:76:70:98:13:33:f7:ca:9b:6f:
82:94:f5:8f:16:2f:38:0d:40:b5:4b:78:cc:92:6d:71:db:7c:
40:3a:a0:15:c5:23:56:b3:65:80:48:cb:0f:a0:aa:da:e6:9a:
30:0a:de:3d:fc:cd:e7:92:70:2d:ea:0b:53:30:2b:b9:d9:b9:
6d:3a:cb:40:dc:bb:d6:a0:90:f5:55:7b:71:07:b7:af:76:31:
5b:df:ec:92:38:20:8b:85:f2:25:1b:b7:fd:d0:83:1d:e7:64:
e7:2f:d9:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTkjO9xANIRI3zK1ib+EzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAwM2Q3ZDE4ZDNiZTk4M2EyYjQxODc5YzcxZjRiZTVlOTg4Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih7DW196NcbUtsOFdXOQURQsanno
Srqm2MHQNFNUvxT0E89hr9mOeBB5alPGFBTlWCKgee6Jl5MFpRxePxj3Ml0nrbdY
m0KWgMnY7UtwYxUToKJh8mhSXh3NE9HZPNqDvPTzUooM6GrCkUM0huEO8DGvWRIj
6RGllX7OrPlGIKNnhJZCXSKUB3x823fe9cCv5k3vtjQtfB/qzm4NsYxLc04IhSEu
tFHqHntVaXNOzm1Q9e3YB1ZmCbQw3iEDbqkZzXvT8o5yIP3FO9n3RxITcN6GhlmZ
b8MoDboLT7XnrMCw/t/KG40Bpo5Znh21+NwfqL6czp2e53VU56d8ts0R3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN8APX0Y076YOitBh5xx9L5emIN5MB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvM3dBOWZSalR2cGc2SzBHSG5ISDB2bDZZZzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpY/AwQA
1FwXMA0GCSqGSIb3DQEBCwUAA4IBAQCEC/HBjbeXD1qXHvwoz9x0oeUaQnNNy/ip
0TBZx72ZVZwMFSuQQGQUzO/SJkHs7mTfZ7nOy1k5ij0pI7zIkmLfgSaGVpRvzZqo
MAeIyBHjz4Vh3aOS4X6aY3GAnHBMvadSBwItgILOmLe+oaUUALnToJmehoiNJ+i+
1Z+HRDc98Lrbw7MW4d01S6o4zHQ6f2OjKGSMvC2CxQl2cJgTM/fKm2+ClPWPFi84
DUC1S3jMkm1x23xAOqAVxSNWs2WASMsPoKra5powCt49/M3nknAt6gtTMCu52blt
OstA3LvWoJD1VXtxB7evdjFb3+ySOCCLhfIlG7f90IMd52TnL9kK
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:06:30 2024 by rpki-client on console-ams.rpki-client.org