Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3CvCe0AZDnlUUuV71Oh5mDkHyZE.roa
File: 3CvCe0AZDnlUUuV71Oh5mDkHyZE.roa (raw, json)
Hash identifier: ss5JMLiPa0Qa5B/PM/BeUTpZ7wVdHzyrTWlUDuPKKNA=
Subject key identifier: DC:2B:C2:7B:40:19:0E:79:54:52:E5:7B:D4:E8:79:98:39:07:C9:91
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CC2DB32F3912316CD907ED344604B0785
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3CvCe0AZDnlUUuV71Oh5mDkHyZE.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41378
IP address blocks: 185.83.202.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:32:f3:91:23:16:cd:90:7e:d3:44:60:4b:07:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc2bc27b40190e795452e57bd4e879983907c991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:98:bd:bd:3b:6c:f4:7c:9c:8c:99:40:9c:
46:d8:e4:f9:fa:c4:02:f0:8a:70:c2:3e:0d:c6:09:
8f:e1:0c:f4:88:95:6a:e2:b0:1a:89:f3:57:f9:df:
40:e2:5c:89:fd:00:1b:94:25:cb:0c:4d:75:8f:6b:
a6:41:59:1c:2a:50:65:0d:81:71:f2:13:b1:f2:11:
47:f2:20:4e:f8:31:18:cf:0f:81:fd:c4:8b:d7:7e:
25:ad:f5:f7:5c:3f:3a:a4:a8:41:e1:73:15:70:af:
71:c7:1b:4a:d8:94:9f:99:f0:4e:ef:f6:db:c5:0c:
e2:89:58:53:c3:a6:ff:e9:3f:d4:86:1b:80:50:c6:
c5:37:3b:80:7f:c8:68:0c:0e:a2:b2:bd:8c:dd:3e:
20:65:35:9f:e7:e2:6e:23:c2:01:0a:1a:dd:de:47:
b5:57:aa:07:60:32:12:86:a4:aa:0b:e9:93:2f:95:
f0:1a:b9:1e:81:55:c0:59:18:70:4c:68:40:6b:6e:
c1:9e:c9:4c:21:02:45:ad:a3:01:b4:f1:4b:46:b0:
dc:bf:84:b8:c9:03:ab:21:8a:5f:0f:7d:65:9a:e3:
16:58:11:42:3e:bb:86:14:a2:0c:23:76:ee:c9:5b:
2c:bb:91:f2:8a:2e:e4:44:81:4b:b0:5f:5d:ca:ba:
c9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2B:C2:7B:40:19:0E:79:54:52:E5:7B:D4:E8:79:98:39:07:C9:91
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/3CvCe0AZDnlUUuV71Oh5mDkHyZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.202.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:7a:7e:9a:8e:c1:84:94:ac:06:60:4c:32:5e:9e:32:88:97:
bb:61:14:1c:7d:5b:bd:e0:e9:33:c8:84:cd:1d:89:24:4c:01:
25:1f:75:a1:09:ed:9c:48:bf:53:7c:4f:27:24:ae:f2:f2:df:
cc:7c:f0:84:d6:5d:b5:38:fd:3f:ae:42:c0:f5:b4:ec:2f:87:
2c:2a:42:6b:98:ae:7f:c3:5c:99:e8:ea:74:04:a1:71:32:21:
43:f8:c1:4a:aa:65:cc:23:03:a9:88:e8:30:8b:a7:c6:c2:de:
b1:d1:df:b4:82:bc:63:c5:78:a3:80:38:8a:73:3b:f6:ba:46:
f3:ce:05:92:20:3e:cf:71:9b:b4:aa:5d:87:92:3a:fb:7b:60:
81:85:ab:10:06:ee:b2:f7:4c:8b:31:b5:69:f4:3e:e7:06:0f:
1f:3b:95:d7:9a:6c:a1:70:51:c8:62:80:99:36:8d:75:75:f3:
2a:d1:46:e2:f5:86:09:ae:b2:f6:cc:c7:a7:a6:9c:97:55:b3:
db:dd:83:85:1d:1f:4e:98:18:ff:e0:2c:65:1d:4f:17:57:1d:
58:83:1f:9f:0e:4e:20:3a:81:db:41:01:75:a7:a7:e0:25:2b:
db:e4:a1:0e:e8:e3:4a:73:06:69:5e:03:bf:c4:2e:f6:91:e4:
ed:8f:a1:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zLzkSMWzZB+00RgSweFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzJiYzI3YjQwMTkwZTc5NTQ1MmU1N2JkNGU4Nzk5ODM5MDdjOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkyYvb07bPR8nIyZQJxG2OT5+sQC
8Ipwwj4NxgmP4Qz0iJVq4rAaifNX+d9A4lyJ/QAblCXLDE11j2umQVkcKlBlDYFx
8hOx8hFH8iBO+DEYzw+B/cSL134lrfX3XD86pKhB4XMVcK9xxxtK2JSfmfBO7/bb
xQziiVhTw6b/6T/UhhuAUMbFNzuAf8hoDA6isr2M3T4gZTWf5+JuI8IBChrd3ke1
V6oHYDIShqSqC+mTL5XwGrkegVXAWRhwTGhAa27BnslMIQJFraMBtPFLRrDcv4S4
yQOrIYpfD31lmuMWWBFCPruGFKIMI3buyVssu5Hyii7kRIFLsF9dyrrJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwrwntAGQ55VFLle9ToeZg5B8mRMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvM0N2Q2UwQVpEbmxVVXVWNzFPaDVtRGtIeVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVPKMA0G
CSqGSIb3DQEBCwUAA4IBAQA9en6ajsGElKwGYEwyXp4yiJe7YRQcfVu94OkzyITN
HYkkTAElH3WhCe2cSL9TfE8nJK7y8t/MfPCE1l21OP0/rkLA9bTsL4csKkJrmK5/
w1yZ6Op0BKFxMiFD+MFKqmXMIwOpiOgwi6fGwt6x0d+0grxjxXijgDiKczv2ukbz
zgWSID7PcZu0ql2Hkjr7e2CBhasQBu6y90yLMbVp9D7nBg8fO5XXmmyhcFHIYoCZ
No11dfMq0Ubi9YYJrrL2zMenppyXVbPb3YOFHR9OmBj/4CxlHU8XVx1Ygx+fDk4g
OoHbQQF1p6fgJSvb5KEO6ONKcwZpXgO/xC72keTtj6El
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:37:26 2024 by rpki-client on console-fra.rpki-client.org