Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3gxLc-JXDOolgl3-vrz4tPzTwJ0.roa
File: 3gxLc-JXDOolgl3-vrz4tPzTwJ0.roa (raw, json)
Hash identifier: JBZ1ki4/wKYLZMKsj4tmUHaxZioWdg/m2wqA5xS+Lmw=
Subject key identifier: DE:0C:4B:73:E2:57:0C:EA:25:82:5D:FE:BE:BC:F8:B4:FC:D3:C0:9D
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018CC50027EE403401CDB57B83DEC804A629
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3gxLc-JXDOolgl3-vrz4tPzTwJ0.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198605
IP address blocks: 159.242.227.0/24 maxlen: 24
159.242.239.0/24 maxlen: 24
159.242.234.0/24 maxlen: 24
95.142.112.0/24 maxlen: 24
95.142.118.0/24 maxlen: 24
95.142.115.0/24 maxlen: 24
95.142.124.0/24 maxlen: 24
185.54.230.0/24 maxlen: 24
95.142.121.0/24 maxlen: 24
194.99.28.0/22 maxlen: 22
95.142.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:27:ee:40:34:01:cd:b5:7b:83:de:c8:04:a6:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de0c4b73e2570cea25825dfebebcf8b4fcd3c09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:2b:a3:4e:b5:33:94:04:44:a3:9a:58:e1:
7d:1b:34:a4:f9:59:e3:7d:cf:22:62:37:e8:a9:2b:
86:1c:36:86:b4:a9:62:04:38:6c:4e:df:91:ec:c3:
41:48:65:37:26:8c:d3:93:97:53:0e:46:3d:fc:ae:
b3:9f:fa:66:fb:00:39:66:2a:81:65:1c:75:0d:f9:
4b:56:61:ff:b7:fa:7d:9b:73:bc:e8:ca:5a:59:46:
95:6a:9d:10:44:41:0f:94:06:d5:4f:e6:12:e9:7f:
df:fc:2a:63:aa:ba:6d:0b:54:03:d7:93:6e:12:9a:
cf:0c:67:43:cf:4c:35:67:d8:af:52:a1:cf:3c:00:
3b:06:84:7e:6d:ab:7f:6a:27:05:61:e6:bf:19:34:
08:57:48:c2:bf:03:ad:74:85:21:d4:4f:16:51:7b:
38:46:33:36:64:ee:e1:58:55:84:5f:8d:bc:a7:00:
76:26:39:02:f9:f7:73:89:5d:0c:9d:bd:6f:a0:9b:
74:df:bb:f7:e2:c7:17:66:e3:1a:35:03:db:6e:67:
7c:67:52:3d:28:59:51:77:6c:1a:c7:20:36:81:e2:
e5:1a:fc:5c:55:ad:51:a8:b5:39:0d:57:0b:f5:e2:
9f:c5:c7:b3:c4:00:ff:7f:85:b8:04:68:fc:c4:28:
9a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0C:4B:73:E2:57:0C:EA:25:82:5D:FE:BE:BC:F8:B4:FC:D3:C0:9D
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3gxLc-JXDOolgl3-vrz4tPzTwJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.112.0/24
95.142.115.0/24
95.142.118.0/24
95.142.121.0/24
95.142.124.0/24
95.142.127.0/24
159.242.227.0/24
159.242.234.0/24
159.242.239.0/24
185.54.230.0/24
194.99.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:ce:df:19:0f:da:48:41:20:aa:8f:69:b4:42:b0:c6:1f:da:
c5:ea:42:32:8b:ad:a1:ad:bd:30:95:3a:4c:3a:27:ee:02:e1:
bb:d6:5e:a9:8f:2a:3c:d0:92:c8:be:cc:e5:06:01:e1:8b:05:
0d:28:70:ff:46:dd:36:d2:5d:f2:5e:fd:f0:f4:6a:57:78:7e:
da:c0:e4:57:52:5f:6d:0f:6f:f1:e1:86:07:09:c9:ca:d3:38:
d1:ff:b9:c7:26:0a:1e:75:a8:e5:56:f3:f1:64:98:9d:29:aa:
f3:22:7d:96:57:68:fb:ec:82:76:85:9b:62:d0:3f:d7:f0:81:
3e:2e:03:28:12:07:e0:d0:8d:5d:f4:95:ad:e4:8b:d9:0f:8c:
05:55:97:08:0d:da:cc:b9:93:14:36:c1:91:a1:82:3c:ab:c8:
c7:a3:f7:09:eb:d7:3d:c1:81:3e:f4:4f:ae:96:9b:ba:7a:04:
3d:87:3d:42:1d:0c:ac:d1:fd:f5:ba:3f:b4:35:39:11:9a:8a:
18:2b:3d:26:77:1d:6d:e6:d0:37:75:96:97:81:d2:96:db:7b:
c1:a1:6a:3b:79:57:02:61:40:5c:3f:1c:8a:9c:ac:a8:c9:e4:
0b:57:dd:e8:56:01:24:3b:57:13:96:11:91:d6:eb:22:0f:ac:
a3:ba:fd:db
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzFACfuQDQBzbV7g97IBKYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTBjNGI3M2UyNTcwY2VhMjU4MjVkZmViZWJjZjhiNGZjZDNjMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLUro061M5QERKOaWOF9GzSk+Vnj
fc8iYjfoqSuGHDaGtKliBDhsTt+R7MNBSGU3JozTk5dTDkY9/K6zn/pm+wA5ZiqB
ZRx1DflLVmH/t/p9m3O86MpaWUaVap0QREEPlAbVT+YS6X/f/CpjqrptC1QD15Nu
EprPDGdDz0w1Z9ivUqHPPAA7BoR+bat/aicFYea/GTQIV0jCvwOtdIUh1E8WUXs4
RjM2ZO7hWFWEX428pwB2JjkC+fdziV0Mnb1voJt037v34scXZuMaNQPbbmd8Z1I9
KFlRd2waxyA2geLlGvxcVa1RqLU5DVcL9eKfxcezxAD/f4W4BGj8xCiaoQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFN4MS3PiVwzqJYJd/r68+LT808CdMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvM2d4TGMtSlhET29sZ2wzLXZyejR0UHpUd0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX45wAwQA
X45zAwQAX452AwQAX455AwQAX458AwQAX45/AwQAn/LjAwQAn/LqAwQAn/LvAwQA
uTbmAwQCwmMcMA0GCSqGSIb3DQEBCwUAA4IBAQA/zt8ZD9pIQSCqj2m0QrDGH9rF
6kIyi62hrb0wlTpMOifuAuG71l6pjyo80JLIvszlBgHhiwUNKHD/Rt020l3yXv3w
9GpXeH7awORXUl9tD2/x4YYHCcnK0zjR/7nHJgoedajlVvPxZJidKarzIn2WV2j7
7IJ2hZti0D/X8IE+LgMoEgfg0I1d9JWt5IvZD4wFVZcIDdrMuZMUNsGRoYI8q8jH
o/cJ69c9wYE+9E+ulpu6egQ9hz1CHQys0f31uj+0NTkRmooYKz0mdx1t5tA3dZaX
gdKW23vBoWo7eVcCYUBcPxyKnKyoyeQLV93oVgEkO1cTlhGR1usiD6yjuv3b
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:34 2024 by rpki-client on console-ams.rpki-client.org