Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa
File: dweZDde6L7j7XqNwC6AvRhFjEoE.roa (raw, json)
Hash identifier: XTRBzypaFb9R+2c/aGlzC5NMNHfSP/mHa6mwYkAPRXQ=
Subject key identifier: 77:07:99:0D:D7:BA:2F:B8:FB:5E:A3:70:0B:A0:2F:46:11:63:12:81
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018CC348EBDD203F2474CCBE3C996D267201
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6810
IP address blocks: 85.130.192.0/19 maxlen: 24
85.130.192.0/18 maxlen: 24
85.130.128.0/18 maxlen: 24
31.168.36.0/23 maxlen: 24
109.67.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:eb:dd:20:3f:24:74:cc:be:3c:99:6d:26:72:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7707990dd7ba2fb8fb5ea3700ba02f4611631281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:63:f1:ad:57:5c:9b:61:b3:cd:10:b7:f9:df:
53:c5:69:d7:34:85:33:10:c8:80:f9:e6:34:de:41:
b8:03:75:e3:27:f8:19:6e:a7:a7:13:d7:1d:8a:59:
e2:57:34:28:63:ce:fa:ed:3f:dc:c6:fb:67:1c:79:
d6:6a:dd:80:1b:56:4e:f1:87:f2:26:cd:ca:43:6c:
b1:e2:a7:9d:8b:66:22:4b:b4:16:43:3f:0e:54:a7:
e1:0d:08:14:d1:e8:57:f4:f3:08:5f:8c:4b:fc:81:
19:a3:43:ec:02:d0:22:2a:29:ca:6f:a9:0f:28:7a:
28:e3:2c:40:28:8d:c3:ec:f9:97:0a:7a:19:af:70:
c6:ad:e8:71:4b:fe:a4:20:01:93:67:b6:c4:c6:49:
94:3a:50:bd:94:3a:da:8c:50:91:0c:d3:1c:ca:37:
22:29:bc:07:8d:67:8e:44:b5:78:ac:29:2e:a0:26:
cf:64:0f:1c:c1:bc:0e:56:04:f8:86:1f:72:62:5b:
03:8d:34:12:b7:a9:57:08:9d:03:e6:d0:e9:5a:1e:
e8:e5:27:b3:3d:79:6e:33:e2:38:aa:93:92:73:20:
41:da:b0:c2:5f:53:94:bd:63:75:9e:68:67:d2:61:
32:62:5c:8d:17:49:9b:ca:4a:55:16:89:e1:d0:b8:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:07:99:0D:D7:BA:2F:B8:FB:5E:A3:70:0B:A0:2F:46:11:63:12:81
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/dweZDde6L7j7XqNwC6AvRhFjEoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.168.36.0/23
85.130.128.0/17
109.67.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4f:8a:c3:d1:fa:f9:db:82:98:a6:02:ff:58:72:19:3e:08:c5:
f7:75:a2:ce:29:68:66:db:39:d9:83:0e:7d:32:8e:bb:2a:08:
c9:57:0f:e5:f9:d3:e5:a1:9b:ea:b6:0f:df:b5:90:3a:2a:01:
66:02:a2:ef:55:09:b0:75:92:0e:d5:ab:17:2e:9a:e0:4b:ff:
16:b9:28:29:af:f7:11:d7:40:12:ab:e1:b9:ee:5d:6c:bd:83:
43:70:bf:d7:54:53:85:f9:56:46:05:bb:84:6f:1c:29:9f:c1:
fd:a1:95:8e:06:5a:5e:b1:7d:55:f0:47:a0:cb:22:e3:ba:d6:
a3:c0:c1:9e:e0:a8:f2:48:20:75:b8:f7:2a:ae:01:9c:19:11:
eb:2c:1f:0f:6e:af:f8:24:ea:ba:bc:d4:ee:7d:61:b0:c6:4d:
1f:1d:67:67:de:5a:6e:68:84:55:13:3c:19:30:66:1a:78:d5:
b8:ee:1b:f6:8d:28:c8:a3:f8:a3:62:19:7a:3c:cf:9c:37:04:
f8:71:d4:e5:29:73:8a:32:95:bc:79:dc:1e:e1:b9:e2:4e:e4:
15:53:45:5d:4a:03:b2:eb:27:3f:d4:85:aa:fd:71:1a:ef:f9:
39:83:de:ac:2e:a2:c7:7c:09:ad:36:e4:aa:2a:07:d4:51:f3:
f4:80:50:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSOvdID8kdMy+PJltJnIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzA3OTkwZGQ3YmEyZmI4ZmI1ZWEzNzAwYmEwMmY0NjExNjMxMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimPxrVdcm2GzzRC3+d9TxWnXNIUz
EMiA+eY03kG4A3XjJ/gZbqenE9cdilniVzQoY8767T/cxvtnHHnWat2AG1ZO8Yfy
Js3KQ2yx4qedi2YiS7QWQz8OVKfhDQgU0ehX9PMIX4xL/IEZo0PsAtAiKinKb6kP
KHoo4yxAKI3D7PmXCnoZr3DGrehxS/6kIAGTZ7bExkmUOlC9lDrajFCRDNMcyjci
KbwHjWeORLV4rCkuoCbPZA8cwbwOVgT4hh9yYlsDjTQSt6lXCJ0D5tDpWh7o5Sez
PXluM+I4qpOScyBB2rDCX1OUvWN1nmhn0mEyYlyNF0mbykpVFonh0Lhj9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHcHmQ3Xui+4+16jcAugL0YRYxKBMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvZHdlWkRkZTZMN2o3WHFOd0M2QXZSaEZqRW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH6gkAwQH
VYKAAwQGbUOAMA0GCSqGSIb3DQEBCwUAA4IBAQBPisPR+vnbgpimAv9Ychk+CMX3
daLOKWhm2znZgw59Mo67KgjJVw/l+dPloZvqtg/ftZA6KgFmAqLvVQmwdZIO1asX
LprgS/8WuSgpr/cR10ASq+G57l1svYNDcL/XVFOF+VZGBbuEbxwpn8H9oZWOBlpe
sX1V8EegyyLjutajwMGe4KjySCB1uPcqrgGcGRHrLB8Pbq/4JOq6vNTufWGwxk0f
HWdn3lpuaIRVEzwZMGYaeNW47hv2jSjIo/ijYhl6PM+cNwT4cdTlKXOKMpW8edwe
4bniTuQVU0VdSgOy6yc/1IWq/XEa7/k5g96sLqLHfAmtNuSqKgfUUfP0gFC2
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:41:08 2024 by rpki-client on console-ams.rpki-client.org