Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3BNH5IEXaq9-7zGNXK2rPTQGPNE.roa
File: 3BNH5IEXaq9-7zGNXK2rPTQGPNE.roa (raw, json)
Hash identifier: OTIkEQu5REolNTG2Ilw35d28N7J3Lnf9Un8dFroargA=
Subject key identifier: DC:13:47:E4:81:17:6A:AF:7E:EF:31:8D:5C:AD:AB:3D:34:06:3C:D1
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 018CC64B732A79101D050F5F18ACDAE35387
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3BNH5IEXaq9-7zGNXK2rPTQGPNE.roa
Signing time: Mon 01 Jan 2024 18:31:22 +0000
ROA not before: Mon 01 Jan 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 193.58.80.0/21 maxlen: 24
160.92.0.0/16 maxlen: 24
193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
193.201.76.0/23 maxlen: 24
192.136.30.0/24 maxlen: 24
89.106.184.0/21 maxlen: 24
193.56.46.0/24 maxlen: 24
2a01:20:6::/48 maxlen: 48
2a01:20:4::/48 maxlen: 48
2a01:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:73:2a:79:10:1d:05:0f:5f:18:ac:da:e3:53:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc1347e481176aaf7eef318d5cadab3d34063cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:40:b3:ac:65:d2:13:14:f9:7e:4b:0a:ef:
04:bf:b9:26:8c:79:d7:ea:6f:8f:d0:ce:3c:29:05:
ec:8a:39:a1:df:83:55:9e:c6:8a:aa:22:2a:18:e2:
b4:26:74:29:79:6b:9d:7e:b3:ca:17:e1:b0:1d:a3:
cf:df:b4:dc:a2:81:db:d7:42:eb:67:24:7b:73:05:
e3:c2:3a:80:07:c2:86:e4:68:f0:de:4c:1c:34:aa:
23:df:b7:3b:1d:d7:d8:aa:8c:42:a5:77:12:9a:83:
60:a8:0a:1e:18:5f:eb:5a:ea:53:e2:42:ab:4f:86:
a8:2e:0a:83:fd:8f:c8:0e:68:5a:e1:a9:3e:79:c2:
69:06:4c:99:ec:fe:f9:30:19:3d:68:b0:76:d7:bf:
78:e1:4a:2d:c7:aa:42:7b:23:c8:47:e3:aa:88:0d:
fd:05:90:fa:0c:d4:40:ed:cc:81:ce:81:2b:d8:1e:
51:06:58:0f:de:1c:51:22:20:58:bd:6e:82:6e:48:
ed:9c:1b:bc:ae:5d:dd:90:e7:64:c3:e9:06:31:44:
b5:d7:df:53:62:04:65:a0:c8:71:bd:4d:05:51:d0:
86:66:ac:ce:47:55:5d:e4:52:2c:9c:c8:5c:3c:c3:
bb:ae:76:df:0b:b7:d3:84:ec:b5:18:6a:d9:1f:c5:
63:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:13:47:E4:81:17:6A:AF:7E:EF:31:8D:5C:AD:AB:3D:34:06:3C:D1
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3BNH5IEXaq9-7zGNXK2rPTQGPNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
160.92.0.0/16
192.136.30.0/24
193.16.186.0-193.16.191.255
193.56.46.0/24
193.58.80.0/21
193.201.76.0/23
IPv6:
2a01:20::/48
2a01:20:4::/48
2a01:20:6::/48
Signature Algorithm: sha256WithRSAEncryption
8c:d3:f5:e8:e3:93:e4:c6:c3:6a:30:e0:6c:2a:9d:f6:76:e5:
8b:16:39:eb:6a:c5:85:95:67:9d:4b:05:86:9e:36:b4:87:92:
78:09:2e:9b:73:10:4b:13:51:fe:24:c8:f6:17:c1:73:32:22:
1c:f9:7e:be:4c:12:b0:bf:cb:d1:3b:c9:25:18:ef:d0:63:6e:
1b:f7:42:ae:fd:bb:06:f6:04:6c:09:f8:45:ad:77:ed:3f:3b:
5a:e4:10:8a:72:69:44:9e:6b:34:02:d6:fa:f0:1e:d2:b0:c6:
52:94:5e:c4:df:7c:df:b8:92:e6:ba:93:90:40:98:ce:2f:19:
c3:ee:c5:e4:98:1e:ae:8b:6d:9e:3e:92:51:47:41:fc:30:c3:
97:2f:13:b6:76:29:97:d9:5d:70:82:ff:a1:3a:2d:4f:b1:a6:
fc:ab:ee:9b:95:2c:12:6a:b5:c4:c5:2d:18:02:e0:92:d9:06:
73:74:5e:f1:c7:66:97:27:0e:fc:06:4c:be:df:83:be:98:6a:
6b:07:15:2e:2a:2a:24:b9:30:5c:78:9f:1e:b4:72:c1:9a:e1:
cb:c3:b2:ef:d4:8f:30:77:70:02:e4:61:64:4e:9a:b1:1f:fb:
00:41:3e:c3:83:98:10:d0:d5:4d:fe:a9:5e:95:ee:7b:38:48:
0d:37:df:89
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzGS3MqeRAdBQ9fGKza41OHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjQwMTAxMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzEzNDdlNDgxMTc2YWFmN2VlZjMxOGQ1Y2FkYWIzZDM0MDYzY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjupAs6xl0hMU+X5LCu8Ev7kmjHnX
6m+P0M48KQXsijmh34NVnsaKqiIqGOK0JnQpeWudfrPKF+GwHaPP37TcooHb10Lr
ZyR7cwXjwjqAB8KG5Gjw3kwcNKoj37c7HdfYqoxCpXcSmoNgqAoeGF/rWupT4kKr
T4aoLgqD/Y/IDmha4ak+ecJpBkyZ7P75MBk9aLB217944Uotx6pCeyPIR+OqiA39
BZD6DNRA7cyBzoEr2B5RBlgP3hxRIiBYvW6CbkjtnBu8rl3dkOdkw+kGMUS1199T
YgRloMhxvU0FUdCGZqzOR1Vd5FIsnMhcPMO7rnbfC7fThOy1GGrZH8VjwwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNwTR+SBF2qvfu8xjVytqz00BjzRMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvM0JOSDVJRVhhcTktN3pHTlhLMnJQVFFHUE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA3BAIAATAxAwQDWWq4AwMA
oFwDBADAiB4wDAMEAcEQugMEBsEQgAMEAME4LgMEA8E6UAMEAcHJTDAhBAIAAjAb
AwcAKgEAIAAAAwcAKgEAIAAEAwcAKgEAIAAGMA0GCSqGSIb3DQEBCwUAA4IBAQCM
0/Xo45PkxsNqMOBsKp32duWLFjnrasWFlWedSwWGnja0h5J4CS6bcxBLE1H+JMj2
F8FzMiIc+X6+TBKwv8vRO8klGO/QY24b90Ku/bsG9gRsCfhFrXftPzta5BCKcmlE
nms0Atb68B7SsMZSlF7E33zfuJLmupOQQJjOLxnD7sXkmB6ui22ePpJRR0H8MMOX
LxO2dimX2V1wgv+hOi1Psab8q+6blSwSarXExS0YAuCS2QZzdF7xx2aXJw78Bky+
34O+mGprBxUuKiokuTBceJ8etHLBmuHLw7Lv1I8wd3AC5GFkTpqxH/sAQT7Dg5gQ
0NVN/qlele57OEgNN9+J
-----END CERTIFICATE-----
Generated at Thu May 2 18:21:40 2024 by rpki-client on console-fra.rpki-client.org