Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/03B9dbQBVYvGpHF8rIvnLY6TKuA.roa
File: 03B9dbQBVYvGpHF8rIvnLY6TKuA.roa (raw, json)
Hash identifier: HBk67iI4scOjCP7pZcexc4BHBzP/FEa06rN6BtKcH1c=
Subject key identifier: D3:70:7D:75:B4:01:55:8B:C6:A4:71:7C:AC:8B:E7:2D:8E:93:2A:E0
Certificate issuer: /CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Certificate serial: 018CC7257571738D20406901290913C52F46
Authority key identifier: C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/03B9dbQBVYvGpHF8rIvnLY6TKuA.roa
Signing time: Mon 01 Jan 2024 22:29:30 +0000
ROA not before: Mon 01 Jan 2024 22:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 194.33.16.0/24 maxlen: 24
194.32.206.0/24 maxlen: 24
194.32.220.0/24 maxlen: 24
194.33.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/x6gkb3CuGOc25OU5gUgNWGFq8ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/x6gkb3CuGOc25OU5gUgNWGFq8ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:75:71:73:8d:20:40:69:01:29:09:13:c5:2f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a8246f70ae18e736e4e53981480d58616af2e8
Validity
Not Before: Jan 1 22:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3707d75b401558bc6a4717cac8be72d8e932ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:d7:0c:30:11:08:a8:3d:d8:92:98:8b:e7:
5b:ee:0c:a3:cd:d1:7c:43:66:da:4e:9b:bf:7e:a8:
88:79:49:5b:4c:bb:ef:d1:55:74:3a:6a:1a:7e:fb:
13:a0:9b:0e:f7:37:b1:ff:47:49:97:8f:cf:d9:39:
aa:1c:97:2e:5d:ed:4a:47:13:79:33:e9:04:cb:83:
83:ab:ad:31:7c:13:f9:8f:04:e9:8f:0c:f6:57:27:
30:4b:3c:db:63:e3:b5:fb:e8:b8:fa:de:e1:ae:b6:
6c:31:cb:e5:89:61:1f:45:03:0f:ee:99:60:ae:80:
a2:07:5b:86:6b:17:8d:74:3b:6b:a8:07:44:c4:67:
f4:2d:90:9c:ae:8a:dd:f2:41:a7:91:28:5a:5c:a2:
7f:6e:5e:ea:dc:33:79:45:36:c9:eb:22:57:b0:b9:
15:87:2f:18:ca:cb:27:be:d0:d7:fb:86:02:48:2b:
f4:8b:0c:cf:47:af:b4:a3:88:c6:6a:06:46:ff:45:
fb:ee:0c:10:85:ad:c8:20:b1:13:69:9b:67:37:a2:
57:a0:8b:a1:b2:d1:da:70:54:d5:2d:09:22:3d:81:
84:06:45:9d:95:76:31:33:8a:d3:4f:99:24:0c:87:
4d:9c:68:a4:dd:88:b5:9e:55:29:70:47:0b:9f:32:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:70:7D:75:B4:01:55:8B:C6:A4:71:7C:AC:8B:E7:2D:8E:93:2A:E0
X509v3 Authority Key Identifier:
keyid:C7:A8:24:6F:70:AE:18:E7:36:E4:E5:39:81:48:0D:58:61:6A:F2:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6gkb3CuGOc25OU5gUgNWGFq8ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/03B9dbQBVYvGpHF8rIvnLY6TKuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ad563e-5cbe-4e15-824d-e3d286d20e52/1/x6gkb3CuGOc25OU5gUgNWGFq8ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.206.0/24
194.32.220.0/24
194.33.10.0/24
194.33.16.0/24
Signature Algorithm: sha256WithRSAEncryption
84:25:8e:d2:1d:09:3f:b5:e7:c0:be:c2:98:75:b2:47:e7:75:
07:91:f5:fb:80:25:d3:cc:1d:aa:04:70:55:91:8a:ca:de:14:
2c:56:16:ba:98:6e:42:77:26:36:88:6a:5b:08:37:d6:73:c3:
d3:91:cf:47:63:bd:70:3f:8c:19:d5:09:b0:b9:73:86:b0:ce:
8e:10:78:52:10:1b:45:9f:bb:b3:7f:82:2a:56:57:f6:e3:76:
cb:c9:9a:52:af:9b:aa:8b:fd:1c:cb:42:a8:39:c3:c2:f0:52:
68:5e:ac:83:3d:bc:36:0d:09:17:6d:05:6f:63:e1:0b:4c:21:
95:54:b5:19:81:83:e7:f0:46:8d:03:b9:a5:92:ec:55:89:c2:
65:8c:d6:d2:26:6f:f1:72:77:3d:ac:dc:99:7a:41:91:45:2e:
ea:a6:a7:c7:7f:fb:f8:2a:fa:07:04:32:ed:77:29:24:16:37:
94:69:ef:57:02:7d:b1:f7:b5:86:ab:8e:b1:3b:c0:03:ca:9c:
f2:83:b2:78:43:3a:b1:01:26:ce:5f:1c:a4:ab:d8:ef:09:56:
29:cc:29:e3:9b:5b:07:7d:13:1c:b1:e8:5b:a6:1e:24:da:79:
49:ad:2b:a2:73:04:49:0b:cc:18:b2:b1:5d:21:50:80:4a:7e:
19:e6:af:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJXVxc40gQGkBKQkTxS9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTgyNDZmNzBhZTE4ZTczNmU0ZTUzOTgxNDgwZDU4NjE2
YWYyZTgwHhcNMjQwMTAxMjIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzcwN2Q3NWI0MDE1NThiYzZhNDcxN2NhYzhiZTcyZDhlOTMyYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7zXDDARCKg92JKYi+db7gyjzdF8
Q2baTpu/fqiIeUlbTLvv0VV0OmoafvsToJsO9zex/0dJl4/P2TmqHJcuXe1KRxN5
M+kEy4ODq60xfBP5jwTpjwz2VycwSzzbY+O1++i4+t7hrrZsMcvliWEfRQMP7plg
roCiB1uGaxeNdDtrqAdExGf0LZCcrord8kGnkShaXKJ/bl7q3DN5RTbJ6yJXsLkV
hy8YyssnvtDX+4YCSCv0iwzPR6+0o4jGagZG/0X77gwQha3IILETaZtnN6JXoIuh
stHacFTVLQkiPYGEBkWdlXYxM4rTT5kkDIdNnGik3Yi1nlUpcEcLnzL19wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNNwfXW0AVWLxqRxfKyL5y2OkyrgMB8GA1UdIwQY
MBaAFMeoJG9wrhjnNuTlOYFIDVhhavLoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZna2IzQ3VHT2MyNU9VNWdVZ05XR0ZxOHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hZDU2M2UtNWNiZS00ZTE1LTgyNGQt
ZTNkMjg2ZDIwZTUyLzEvMDNCOWRiUUJWWXZHcEhGOHJJdm5MWTZUS3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hZDU2M2UtNWNiZS00ZTE1LTgyNGQtZTNkMjg2ZDIwZTUy
LzEveDZna2IzQ3VHT2MyNU9VNWdVZ05XR0ZxOHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwiDOAwQA
wiDcAwQAwiEKAwQAwiEQMA0GCSqGSIb3DQEBCwUAA4IBAQCEJY7SHQk/tefAvsKY
dbJH53UHkfX7gCXTzB2qBHBVkYrK3hQsVha6mG5CdyY2iGpbCDfWc8PTkc9HY71w
P4wZ1QmwuXOGsM6OEHhSEBtFn7uzf4IqVlf243bLyZpSr5uqi/0cy0KoOcPC8FJo
XqyDPbw2DQkXbQVvY+ELTCGVVLUZgYPn8EaNA7mlkuxVicJljNbSJm/xcnc9rNyZ
ekGRRS7qpqfHf/v4KvoHBDLtdykkFjeUae9XAn2x97WGq46xO8ADypzyg7J4Qzqx
ASbOXxykq9jvCVYpzCnjm1sHfRMcsehbph4k2nlJrSuicwRJC8wYsrFdIVCASn4Z
5q8Q
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:01 2024 by rpki-client on console-fra.rpki-client.org