Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/PrZQBOqJFOH7HuNwGQE0APN-Pb0.roa
File: PrZQBOqJFOH7HuNwGQE0APN-Pb0.roa (raw, json)
Hash identifier: RF9Th5H55rxiulce6/jgYZ7AFqVDlcAj2r58+CeegA4=
Subject key identifier: 3E:B6:50:04:EA:89:14:E1:FB:1E:E3:70:19:01:34:00:F3:7E:3D:BD
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 019301D33F5E5105C476231E34C5314174E9
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/PrZQBOqJFOH7HuNwGQE0APN-Pb0.roa
Signing time: Wed 06 Nov 2024 14:14:01 +0000
ROA not before: Wed 06 Nov 2024 14:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29314
IP address blocks: 109.232.24.0/22 maxlen: 22
185.13.168.0/22 maxlen: 22
213.92.128.0/17 maxlen: 17
213.92.128.0/18 maxlen: 18
213.92.160.0/19 maxlen: 19
213.92.192.0/18 maxlen: 18
213.156.96.0/22 maxlen: 22
213.156.104.0/22 maxlen: 22
213.156.108.0/22 maxlen: 22
213.156.112.0/22 maxlen: 22
213.156.116.0/22 maxlen: 22
213.156.120.0/22 maxlen: 22
213.156.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 Nov 2024 00:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:d3:3f:5e:51:05:c4:76:23:1e:34:c5:31:41:74:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Nov 6 14:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3eb65004ea8914e1fb1ee37019013400f37e3dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:53:81:61:6e:58:3f:48:a0:09:b4:ee:cb:15:
57:94:e0:02:0d:8b:61:14:c0:de:64:7d:c4:ee:1a:
93:15:ea:d0:84:06:05:1b:c3:ee:48:b3:14:83:a3:
6b:0c:ce:88:e8:38:50:38:ce:30:f2:b3:c9:b0:e5:
02:10:3d:ec:22:81:b9:15:51:5f:49:0f:db:a6:59:
38:b3:2a:58:27:69:36:ac:45:57:17:06:c7:34:6d:
cf:b3:88:bf:27:b9:3d:5a:e3:af:8a:64:45:21:ca:
58:14:c6:fd:c6:ef:14:2e:bf:05:64:06:fa:ce:d4:
e4:12:f3:37:60:34:7f:6d:08:19:c5:69:0f:f6:39:
dd:75:de:41:18:4a:7d:28:9c:2b:56:9b:00:2c:83:
82:41:60:f0:b8:ce:41:12:a9:4a:4a:75:08:3e:a8:
2d:81:0a:16:40:f7:fa:99:ca:7c:0d:49:12:c9:0c:
7e:35:65:81:09:95:a6:6a:60:5d:c6:91:c4:59:63:
b5:bf:7c:47:4b:d4:8c:4f:c9:4a:86:c6:9a:43:44:
51:90:a5:41:df:43:20:e2:4c:2f:26:ec:f2:78:65:
1e:df:bc:98:09:63:1d:b9:ff:80:7b:6b:fa:b9:46:
8b:1c:33:36:a9:28:4f:7d:6e:4a:cf:eb:99:d1:96:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:B6:50:04:EA:89:14:E1:FB:1E:E3:70:19:01:34:00:F3:7E:3D:BD
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/PrZQBOqJFOH7HuNwGQE0APN-Pb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.24.0/22
185.13.168.0/22
213.92.128.0/17
213.156.96.0/22
213.156.104.0-213.156.127.255
Signature Algorithm: sha256WithRSAEncryption
6e:46:71:3b:ab:6a:19:d9:38:f9:93:72:cf:98:a7:07:ed:d6:
7b:23:7e:96:f6:43:34:c4:d9:ba:46:e2:8f:69:d1:07:a4:4f:
be:dc:1e:47:25:64:41:50:8d:2f:f6:01:33:3b:8c:33:4d:b5:
82:84:a9:81:27:be:e7:9e:5a:b1:16:e0:24:82:06:eb:98:97:
b3:f9:4e:74:c1:0c:64:a2:03:f7:52:e4:f1:26:65:51:88:88:
30:b9:9f:b7:48:25:82:e3:d5:80:e4:b8:1f:97:7b:e6:81:82:
37:f8:ea:30:87:c8:16:b0:c1:37:34:cb:e0:9d:87:08:68:4a:
e4:7c:fe:92:28:fb:3d:5b:46:e0:95:30:64:62:65:7e:8c:ce:
c6:34:6b:ca:a8:05:1b:26:92:0d:90:49:87:25:b5:8b:13:d4:
9d:f6:6f:42:a5:57:1a:13:15:bc:e5:8b:fa:e5:6c:44:6c:c1:
07:30:fb:8e:1a:99:20:d8:2c:da:27:63:c8:3a:c7:42:11:92:
f9:ad:96:0f:94:a1:07:05:bb:e5:56:95:1e:17:1c:59:d6:05:
0f:47:89:19:1a:4b:5b:cf:63:65:36:9b:80:5d:db:1f:de:3b:
05:25:ed:26:43:7d:9f:30:51:cb:e0:53:a5:bd:40:f6:43:d8:
62:4a:db:3c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMB0z9eUQXEdiMeNMUxQXTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQxMTA2MTQxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWI2NTAwNGVhODkxNGUxZmIxZWUzNzAxOTAxMzQwMGYzN2UzZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1OBYW5YP0igCbTuyxVXlOACDYth
FMDeZH3E7hqTFerQhAYFG8PuSLMUg6NrDM6I6DhQOM4w8rPJsOUCED3sIoG5FVFf
SQ/bplk4sypYJ2k2rEVXFwbHNG3Ps4i/J7k9WuOvimRFIcpYFMb9xu8ULr8FZAb6
ztTkEvM3YDR/bQgZxWkP9jnddd5BGEp9KJwrVpsALIOCQWDwuM5BEqlKSnUIPqgt
gQoWQPf6mcp8DUkSyQx+NWWBCZWmamBdxpHEWWO1v3xHS9SMT8lKhsaaQ0RRkKVB
30Mg4kwvJuzyeGUe37yYCWMduf+Ae2v6uUaLHDM2qShPfW5Kz+uZ0ZbV4wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFD62UATqiRTh+x7jcBkBNADzfj29MB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvUHJaUUJPcUpGT0g3SHVOd0dRRTBBUE4tUGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCbegYAwQC
uQ2oAwQH1VyAAwQC1ZxgMAwDBAPVnGgDBAfVnAAwDQYJKoZIhvcNAQELBQADggEB
AG5GcTurahnZOPmTcs+Ypwft1nsjfpb2QzTE2bpG4o9p0QekT77cHkclZEFQjS/2
ATM7jDNNtYKEqYEnvueeWrEW4CSCBuuYl7P5TnTBDGSiA/dS5PEmZVGIiDC5n7dI
JYLj1YDkuB+Xe+aBgjf46jCHyBawwTc0y+CdhwhoSuR8/pIo+z1bRuCVMGRiZX6M
zsY0a8qoBRsmkg2QSYcltYsT1J32b0KlVxoTFbzli/rlbERswQcw+44amSDYLNon
Y8g6x0IRkvmtlg+UoQcFu+VWlR4XHFnWBQ9HiRkaS1vPY2U2m4Bd2x/eOwUl7SZD
fZ8wUcvgU6W9QPZD2GJK2zw=
-----END CERTIFICATE-----
Generated at Thu Nov 14 03:41:37 2024 by rpki-client on console-fra.rpki-client.org