Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3Bg3PVo5TWcwPOtLlvv7PbmByOg.roa
File: 3Bg3PVo5TWcwPOtLlvv7PbmByOg.roa (raw, json)
Hash identifier: K3dfdrJYjGLFTEtllyvGsxdAZD6gD5zP69CH5tmr9Ic=
Subject key identifier: DC:18:37:3D:5A:39:4D:67:30:3C:EB:4B:96:FB:FB:3D:B9:81:C8:E8
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 018CC64B72564C6AE2C81D2A88DB4BB800E6
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3Bg3PVo5TWcwPOtLlvv7PbmByOg.roa
Signing time: Mon 01 Jan 2024 18:31:22 +0000
ROA not before: Mon 01 Jan 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5630
IP address blocks: 89.106.184.0/21 maxlen: 24
2a01:20:4::/48 maxlen: 48
2a01:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:72:56:4c:6a:e2:c8:1d:2a:88:db:4b:b8:00:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc18373d5a394d67303ceb4b96fbfb3db981c8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f2:d3:93:7a:27:e4:1e:8b:68:7f:4e:6c:2e:
23:c0:90:df:93:78:8b:e6:32:a3:2f:d9:5e:6c:82:
53:51:41:f7:fc:47:7c:a9:e4:f9:64:3a:b5:2c:9a:
a9:52:a4:1e:bd:a8:18:61:24:69:e5:2a:f6:21:ec:
f1:7d:35:1a:e5:fa:b1:c0:0a:18:f6:22:46:98:0e:
46:f2:ab:4a:14:db:39:fd:71:8a:71:8c:3f:3b:ea:
37:ce:61:09:f6:39:a3:5a:bc:9c:7e:cf:92:ee:58:
00:a7:60:1d:93:d1:d3:2f:ce:9b:99:84:7d:62:e8:
0f:be:df:93:0a:27:85:4f:e7:9d:de:bf:50:66:22:
56:96:5e:28:5e:0a:9e:bc:6d:08:71:b4:52:d2:83:
10:7f:ca:31:f3:66:7e:93:55:f8:4d:54:e8:57:01:
9d:21:7a:1d:18:49:44:42:99:43:9f:b1:87:58:d3:
0b:97:4d:7c:ce:80:aa:b3:cd:29:20:c4:89:f8:26:
1d:ef:41:20:53:4a:b7:b1:91:0a:b4:68:e0:c3:c0:
8d:bf:bc:43:85:d4:93:0a:e9:6e:88:81:6b:3f:6e:
55:0f:21:2a:53:34:95:56:23:19:eb:3e:4d:1d:35:
0d:b4:69:83:b5:f6:29:cf:a9:c8:53:34:1d:82:4b:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:18:37:3D:5A:39:4D:67:30:3C:EB:4B:96:FB:FB:3D:B9:81:C8:E8
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/3Bg3PVo5TWcwPOtLlvv7PbmByOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
IPv6:
2a01:20::/48
2a01:20:4::/48
Signature Algorithm: sha256WithRSAEncryption
51:0b:6b:eb:dc:c1:5c:7b:5a:c2:35:0b:e3:0d:6b:c7:0e:1d:
24:39:51:a9:32:54:b6:02:16:0c:cd:a4:01:72:25:31:02:f4:
ac:d4:3c:95:08:5c:07:25:30:51:dc:3b:2a:47:13:4e:70:77:
db:95:7c:dd:a8:3b:e6:cb:24:be:65:81:bd:53:2e:13:72:f0:
03:47:4d:00:4f:cc:ff:d9:db:6e:be:c4:26:26:86:81:1c:c1:
8d:3c:b7:d4:7d:f5:08:0a:e5:bc:09:89:1f:86:19:2c:e2:5e:
a4:57:88:bf:67:c7:60:6b:f2:cc:75:9d:b0:1e:9a:33:61:f8:
23:e7:6d:9b:b4:5d:50:0f:0f:6a:08:27:69:2b:84:c2:49:5a:
b7:24:e0:8e:00:36:6c:82:2f:ad:1b:df:77:4e:7e:af:3d:c1:
d3:e4:8f:25:3b:59:13:6c:41:e7:e6:48:0d:6a:86:73:da:1c:
df:d3:e0:ba:da:52:f4:33:a6:ef:c6:51:47:ef:7b:29:ea:db:
df:c8:dc:eb:63:bd:4f:42:b4:93:25:cc:1b:6f:95:4e:2e:ac:
80:56:f2:63:ca:9e:51:14:0c:fa:d8:1d:e5:ad:37:b3:1a:8e:
2f:99:f4:a6:c5:cd:bc:1e:8b:4d:bf:f2:c6:c6:68:a5:a7:72:
83:61:a1:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGS3JWTGriyB0qiNtLuADmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjQwMTAxMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzE4MzczZDVhMzk0ZDY3MzAzY2ViNGI5NmZiZmIzZGI5ODFjOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPLTk3on5B6LaH9ObC4jwJDfk3iL
5jKjL9lebIJTUUH3/Ed8qeT5ZDq1LJqpUqQevagYYSRp5Sr2IezxfTUa5fqxwAoY
9iJGmA5G8qtKFNs5/XGKcYw/O+o3zmEJ9jmjWrycfs+S7lgAp2Adk9HTL86bmYR9
YugPvt+TCieFT+ed3r9QZiJWll4oXgqevG0IcbRS0oMQf8ox82Z+k1X4TVToVwGd
IXodGElEQplDn7GHWNMLl018zoCqs80pIMSJ+CYd70EgU0q3sZEKtGjgw8CNv7xD
hdSTCuluiIFrP25VDyEqUzSVViMZ6z5NHTUNtGmDtfYpz6nIUzQdgkvd7QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNwYNz1aOU1nMDzrS5b7+z25gcjoMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvM0JnM1BWbzVUV2N3UE90TGx2djdQYm1CeU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDWWq4MBgE
AgACMBIDBwAqAQAgAAADBwAqAQAgAAQwDQYJKoZIhvcNAQELBQADggEBAFELa+vc
wVx7WsI1C+MNa8cOHSQ5UakyVLYCFgzNpAFyJTEC9KzUPJUIXAclMFHcOypHE05w
d9uVfN2oO+bLJL5lgb1TLhNy8ANHTQBPzP/Z226+xCYmhoEcwY08t9R99QgK5bwJ
iR+GGSziXqRXiL9nx2Br8sx1nbAemjNh+CPnbZu0XVAPD2oIJ2krhMJJWrck4I4A
NmyCL60b33dOfq89wdPkjyU7WRNsQefmSA1qhnPaHN/T4LraUvQzpu/GUUfveynq
29/I3OtjvU9CtJMlzBtvlU4urIBW8mPKnlEUDPrYHeWtN7Maji+Z9KbFzbwei02/
8sbGaKWncoNhoXU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:24:39 2024 by rpki-client on console-fra.rpki-client.org