Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/3vnxHKodsciHfoiiWFwkLgJ9iJA.roa
File: 3vnxHKodsciHfoiiWFwkLgJ9iJA.roa (raw, json)
Hash identifier: 3PHs6rVYaIeONsQiyn7SvhjCo/lBCvpTwtWvSylD19Y=
Subject key identifier: DE:F9:F1:1C:AA:1D:B1:C8:87:7E:88:A2:58:5C:24:2E:02:7D:88:90
Certificate issuer: /CN=db282fd897317c2cadd7b13969f6f015c397e05d
Certificate serial: 018DF92D3F2BEC988BD62B1EC0268CBAB302
Authority key identifier: DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/3vnxHKodsciHfoiiWFwkLgJ9iJA.roa
Signing time: Fri 01 Mar 2024 08:41:48 +0000
ROA not before: Fri 01 Mar 2024 08:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.9.36.0/24 maxlen: 24
185.9.37.0/24 maxlen: 24
185.9.38.0/24 maxlen: 24
185.9.39.0/24 maxlen: 24
185.244.144.0/24 maxlen: 24
185.244.145.0/24 maxlen: 24
185.244.146.0/24 maxlen: 24
185.244.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:2d:3f:2b:ec:98:8b:d6:2b:1e:c0:26:8c:ba:b3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db282fd897317c2cadd7b13969f6f015c397e05d
Validity
Not Before: Mar 1 08:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=def9f11caa1db1c8877e88a2585c242e027d8890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1b:7d:2b:c2:5b:d9:a2:4c:98:f1:b2:e9:bb:
0b:b0:92:73:8f:4b:1a:54:11:21:6d:c3:0a:b9:6e:
b8:a6:47:da:60:cb:33:34:63:5d:55:86:5d:a7:c2:
67:db:7a:46:88:da:38:1b:1e:50:31:85:73:44:4e:
67:ba:68:63:2f:98:c8:1f:30:f5:bb:d4:2d:f8:0e:
4f:07:9b:10:b0:a1:52:a9:49:14:82:41:00:25:06:
29:3d:10:4c:e7:9e:97:31:60:b2:63:c5:c6:62:9a:
d1:bd:39:8c:2a:e7:30:ac:c6:8f:65:5f:e3:82:6a:
12:d9:6f:df:71:67:7d:ec:9d:72:7d:2b:f0:5c:0d:
c2:30:ee:9b:47:82:d9:4d:7e:24:6c:2c:18:9b:8b:
1d:da:37:d4:26:52:16:29:e0:55:f3:ef:f3:79:c7:
49:c3:23:95:5a:43:81:bf:49:7b:2c:ff:75:7a:b6:
6e:9d:b4:38:80:6d:84:03:14:52:42:47:37:18:60:
ee:59:d5:0e:c6:92:fb:80:38:62:c6:d0:fd:65:16:
ec:c2:2f:ea:c1:b2:6a:cc:26:60:69:e1:f5:62:6f:
a0:8a:8b:b0:ff:32:20:91:48:27:44:f6:4d:b0:ae:
5d:f7:a1:fd:48:e5:57:9e:c2:10:8c:86:e0:f3:8a:
a9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F9:F1:1C:AA:1D:B1:C8:87:7E:88:A2:58:5C:24:2E:02:7D:88:90
X509v3 Authority Key Identifier:
keyid:DB:28:2F:D8:97:31:7C:2C:AD:D7:B1:39:69:F6:F0:15:C3:97:E0:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ygv2JcxfCyt17E5afbwFcOX4F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/3vnxHKodsciHfoiiWFwkLgJ9iJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b7ceb8-4856-4463-b7b8-353bc6266ee6/1/2ygv2JcxfCyt17E5afbwFcOX4F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.36.0/22
185.244.144.0/22
Signature Algorithm: sha256WithRSAEncryption
31:ea:6b:7d:6a:16:57:1c:d4:4a:f4:1a:2c:63:b4:3a:1c:ed:
d8:c8:a1:52:da:f6:01:0a:9a:77:6a:51:a6:5d:21:67:83:e0:
87:e6:67:c0:84:0b:77:00:5d:14:83:e3:5a:32:17:9c:39:c1:
ee:57:ee:ab:64:35:2c:d7:72:37:b9:cd:50:88:bb:ce:c7:aa:
11:8b:a3:53:7d:ab:16:c7:9a:d3:d5:6c:52:ef:49:6e:89:31:
c9:50:d7:47:be:99:cd:08:6d:0e:ea:c2:f8:9e:a7:b3:c7:52:
13:f7:99:2b:95:66:2c:39:d3:f2:65:9c:6f:e7:ca:1c:7f:4f:
0f:12:54:ca:fc:76:9b:a2:d2:e0:3a:67:76:3c:3d:58:04:71:
08:b4:36:fa:b0:2c:17:86:72:83:c0:08:e8:ae:86:9c:a9:56:
1a:30:fa:7c:1b:f0:7f:62:32:fd:95:90:80:ad:bd:24:ed:51:
b2:b1:68:47:98:40:5b:f3:72:9e:bf:37:92:a4:d0:c0:70:75:
52:bf:63:c0:b2:20:ad:d3:74:46:39:d1:08:50:62:0a:ec:91:
a1:f1:e6:11:37:ff:75:df:18:1d:1c:1f:62:69:8f:b3:e9:ee:
e6:b2:39:c0:4e:22:f5:ae:31:08:8f:74:41:bb:6f:56:d0:bd:
8e:4e:23:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY35LT8r7JiL1isewCaMurMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjgyZmQ4OTczMTdjMmNhZGQ3YjEzOTY5ZjZmMDE1YzM5
N2UwNWQwHhcNMjQwMzAxMDg0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY5ZjExY2FhMWRiMWM4ODc3ZTg4YTI1ODVjMjQyZTAyN2Q4ODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRt9K8Jb2aJMmPGy6bsLsJJzj0sa
VBEhbcMKuW64pkfaYMszNGNdVYZdp8Jn23pGiNo4Gx5QMYVzRE5numhjL5jIHzD1
u9Qt+A5PB5sQsKFSqUkUgkEAJQYpPRBM556XMWCyY8XGYprRvTmMKucwrMaPZV/j
gmoS2W/fcWd97J1yfSvwXA3CMO6bR4LZTX4kbCwYm4sd2jfUJlIWKeBV8+/zecdJ
wyOVWkOBv0l7LP91erZunbQ4gG2EAxRSQkc3GGDuWdUOxpL7gDhixtD9ZRbswi/q
wbJqzCZgaeH1Ym+giouw/zIgkUgnRPZNsK5d96H9SOVXnsIQjIbg84qpKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN758RyqHbHIh36IolhcJC4CfYiQMB8GA1UdIwQY
MBaAFNsoL9iXMXwsrdexOWn28BXDl+BdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3Yjgt
MzUzYmM2MjY2ZWU2LzEvM3ZueEhLb2RzY2lIZm9paVdGd2tMZ0o5aUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iN2NlYjgtNDg1Ni00NDYzLWI3YjgtMzUzYmM2MjY2ZWU2
LzEvMnlndjJKY3hmQ3l0MTdFNWFmYndGY09YNEYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQkkAwQC
ufSQMA0GCSqGSIb3DQEBCwUAA4IBAQAx6mt9ahZXHNRK9BosY7Q6HO3YyKFS2vYB
Cpp3alGmXSFng+CH5mfAhAt3AF0Ug+NaMhecOcHuV+6rZDUs13I3uc1QiLvOx6oR
i6NTfasWx5rT1WxS70luiTHJUNdHvpnNCG0O6sL4nqezx1IT95krlWYsOdPyZZxv
58ocf08PElTK/HabotLgOmd2PD1YBHEItDb6sCwXhnKDwAjoroacqVYaMPp8G/B/
YjL9lZCArb0k7VGysWhHmEBb83KevzeSpNDAcHVSv2PAsiCt03RGOdEIUGIK7JGh
8eYRN/913xgdHB9iaY+z6e7msjnATiL1rjEIj3RBu29W0L2OTiOL
-----END CERTIFICATE-----
Generated at Thu May 2 06:08:11 2024 by rpki-client on console-ams.rpki-client.org