Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/3kGVyEHrO1uSD-MjFw05qLoyV3k.roa
File: 3kGVyEHrO1uSD-MjFw05qLoyV3k.roa (raw, json)
Hash identifier: HOT2C+5migcVJBRaoVvao0e15VbsEtVcDeBSKQeW2gw=
Subject key identifier: DE:41:95:C8:41:EB:3B:5B:92:0F:E3:23:17:0D:39:A8:BA:32:57:79
Certificate issuer: /CN=39a6f54d21f537a9de24787dd0e8fba406a9cadd
Certificate serial: 018CC42507BB3DFC2BF86A304100343993A6
Authority key identifier: 39:A6:F5:4D:21:F5:37:A9:DE:24:78:7D:D0:E8:FB:A4:06:A9:CA:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oab1TSH1N6neJHh90Oj7pAapyt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/3kGVyEHrO1uSD-MjFw05qLoyV3k.roa
Signing time: Mon 01 Jan 2024 08:30:10 +0000
ROA not before: Mon 01 Jan 2024 08:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56647
IP address blocks: 193.37.232.0/24 maxlen: 24
193.37.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/Oab1TSH1N6neJHh90Oj7pAapyt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/Oab1TSH1N6neJHh90Oj7pAapyt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Oab1TSH1N6neJHh90Oj7pAapyt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:07:bb:3d:fc:2b:f8:6a:30:41:00:34:39:93:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39a6f54d21f537a9de24787dd0e8fba406a9cadd
Validity
Not Before: Jan 1 08:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de4195c841eb3b5b920fe323170d39a8ba325779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:39:07:d3:e9:08:80:b7:44:1c:01:a1:b4:08:
3e:fd:8a:af:0e:b4:aa:2d:5f:74:ee:65:57:30:43:
4d:6c:a2:f6:0d:5f:3e:6e:75:b4:07:b3:8a:d9:d3:
c3:cf:14:c4:fa:68:40:6e:c5:7a:ff:af:8f:a8:16:
bc:b8:2c:42:66:32:05:7d:5a:8d:38:b8:f6:e7:b0:
c4:b4:be:41:16:f2:74:e3:28:9a:41:f5:af:92:da:
a9:86:87:51:43:37:2e:4e:46:83:6c:7a:f1:ab:1a:
70:20:a6:a9:52:a0:e3:61:21:52:98:9f:03:74:15:
44:e6:99:03:56:5a:18:14:22:7f:fe:dd:95:9a:58:
e3:0d:f8:48:fd:b3:12:ad:06:0a:bb:08:72:3f:06:
e3:91:6f:5a:57:c4:21:08:03:08:e1:10:16:37:15:
2d:10:81:00:67:cd:7f:d1:f6:92:3e:94:a1:f0:12:
2c:50:48:46:3d:16:70:79:52:e3:23:91:95:5f:c1:
55:e8:c5:a3:ea:55:bb:5a:e1:fe:2f:01:19:89:5e:
4b:d4:76:4a:50:1f:8c:a7:e9:2f:94:59:26:b4:58:
c3:2b:66:c5:a2:81:80:6d:ce:78:c2:f5:4f:7b:f8:
4b:6c:eb:77:cb:86:63:af:c6:11:36:bd:92:9e:6d:
5c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:41:95:C8:41:EB:3B:5B:92:0F:E3:23:17:0D:39:A8:BA:32:57:79
X509v3 Authority Key Identifier:
keyid:39:A6:F5:4D:21:F5:37:A9:DE:24:78:7D:D0:E8:FB:A4:06:A9:CA:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oab1TSH1N6neJHh90Oj7pAapyt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/3kGVyEHrO1uSD-MjFw05qLoyV3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/c98fb5-dc94-4b7d-a989-6c2fab5a4085/1/Oab1TSH1N6neJHh90Oj7pAapyt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.232.0/24
193.37.235.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f9:97:94:24:4d:36:b0:0f:fa:d3:d6:62:34:e6:70:d8:44:
49:2b:01:24:f1:df:2a:5a:57:2f:a9:5d:b4:65:39:b4:a1:dc:
57:ef:aa:bc:70:b8:86:4a:4c:b6:bb:8b:5f:23:e1:81:d5:5d:
d8:de:ac:7a:0d:8b:cf:57:f7:94:90:ab:03:b1:23:ee:ff:6e:
60:bb:25:55:23:2a:09:a5:a2:a1:a4:fd:9a:35:ee:6b:57:a4:
85:da:bd:01:58:80:18:6a:93:da:b1:a5:31:78:da:c6:fe:d4:
27:1c:5f:ef:d6:40:fa:e2:47:44:39:28:65:15:30:32:24:14:
c2:53:e8:4f:4b:dc:5e:de:84:31:28:e0:ee:ee:ce:51:01:d4:
2e:6a:ab:6b:07:31:f3:8c:85:20:60:9b:13:bc:37:33:dc:ea:
7c:d8:31:83:67:6e:73:ff:7e:5f:58:1f:55:bf:33:ae:b9:23:
ba:f7:25:32:52:a5:ca:f4:48:9c:8e:f1:6a:11:28:4e:6d:fc:
03:7e:47:7b:14:32:39:d1:ed:ca:4f:75:0e:a1:fa:fb:db:8c:
0d:2e:25:2f:71:32:39:69:80:68:62:de:a3:ba:f0:b5:3d:bf:
7c:50:a5:7f:4d:51:fb:72:72:77:02:e1:f9:ce:37:11:77:32:
ae:06:7e:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJQe7Pfwr+GowQQA0OZOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YTZmNTRkMjFmNTM3YTlkZTI0Nzg3ZGQwZThmYmE0MDZh
OWNhZGQwHhcNMjQwMTAxMDgzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQxOTVjODQxZWIzYjViOTIwZmUzMjMxNzBkMzlhOGJhMzI1Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTkH0+kIgLdEHAGhtAg+/YqvDrSq
LV907mVXMENNbKL2DV8+bnW0B7OK2dPDzxTE+mhAbsV6/6+PqBa8uCxCZjIFfVqN
OLj257DEtL5BFvJ04yiaQfWvktqphodRQzcuTkaDbHrxqxpwIKapUqDjYSFSmJ8D
dBVE5pkDVloYFCJ//t2VmljjDfhI/bMSrQYKuwhyPwbjkW9aV8QhCAMI4RAWNxUt
EIEAZ81/0faSPpSh8BIsUEhGPRZweVLjI5GVX8FV6MWj6lW7WuH+LwEZiV5L1HZK
UB+Mp+kvlFkmtFjDK2bFooGAbc54wvVPe/hLbOt3y4Zjr8YRNr2Snm1cJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN5BlchB6ztbkg/jIxcNOai6Mld5MB8GA1UdIwQY
MBaAFDmm9U0h9Tep3iR4fdDo+6QGqcrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2FiMVRTSDFONm5lSkhoOTBPajdwQWFweXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jOThmYjUtZGM5NC00YjdkLWE5ODkt
NmMyZmFiNWE0MDg1LzEvM2tHVnlFSHJPMXVTRC1NakZ3MDVxTG95VjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jOThmYjUtZGM5NC00YjdkLWE5ODktNmMyZmFiNWE0MDg1
LzEvT2FiMVRTSDFONm5lSkhoOTBPajdwQWFweXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSXoAwQA
wSXrMA0GCSqGSIb3DQEBCwUAA4IBAQCT+ZeUJE02sA/609ZiNOZw2ERJKwEk8d8q
WlcvqV20ZTm0odxX76q8cLiGSky2u4tfI+GB1V3Y3qx6DYvPV/eUkKsDsSPu/25g
uyVVIyoJpaKhpP2aNe5rV6SF2r0BWIAYapPasaUxeNrG/tQnHF/v1kD64kdEOShl
FTAyJBTCU+hPS9xe3oQxKODu7s5RAdQuaqtrBzHzjIUgYJsTvDcz3Op82DGDZ25z
/35fWB9VvzOuuSO69yUyUqXK9EicjvFqEShObfwDfkd7FDI50e3KT3UOofr724wN
LiUvcTI5aYBoYt6juvC1Pb98UKV/TVH7cnJ3AuH5zjcRdzKuBn7b
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:31 2024 by rpki-client on console-fra.rpki-client.org