Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/3YD8U4G11kjGRymXgruouWlTGbI.roa
File: 3YD8U4G11kjGRymXgruouWlTGbI.roa (raw, json)
Hash identifier: b03f/Ro44Csw873wC8eG2sgUGwX21Rz9ddFChxKiTfA=
Subject key identifier: DD:80:FC:53:81:B5:D6:48:C6:47:29:97:82:BB:A8:B9:69:53:19:B2
Certificate issuer: /CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
Certificate serial: 01922D9BA87C69139F3EAFB4BF91B079FEC9
Authority key identifier: 9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/3YD8U4G11kjGRymXgruouWlTGbI.roa
Signing time: Thu 26 Sep 2024 09:13:48 +0000
ROA not before: Thu 26 Sep 2024 09:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56834
IP address blocks: 45.84.92.0/22 maxlen: 22
95.214.12.0/22 maxlen: 22
217.18.216.0/22 maxlen: 22
2a09:d280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:9b:a8:7c:69:13:9f:3e:af:b4:bf:91:b0:79:fe:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
Validity
Not Before: Sep 26 09:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd80fc5381b5d648c647299782bba8b9695319b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:93:e1:2e:09:ef:3d:b1:ed:9a:a5:c9:55:10:
05:1a:2b:3c:08:d7:b1:60:5f:27:e4:db:e5:f9:c7:
fa:0b:26:4f:a8:e2:51:75:59:9a:98:f0:0b:f7:74:
63:75:7e:d3:67:a0:9f:4f:68:3b:df:95:cf:8f:d8:
c7:a4:df:92:b2:e7:70:2f:1d:df:e5:99:b1:a5:66:
bf:5e:e8:3d:02:5d:00:3a:6c:62:1c:91:a5:83:6d:
e8:29:6a:41:29:0c:eb:82:7b:a4:c9:3c:cb:36:19:
96:c3:f2:57:66:9b:66:31:51:1f:b9:44:fa:b3:6a:
ea:49:8f:b3:0b:db:e5:f7:d8:49:b8:d2:bb:ff:4c:
67:4e:6e:e5:bb:5d:d7:8a:69:7b:5c:16:6a:d9:4d:
d7:5a:85:b5:5c:62:54:9b:99:6c:8e:25:06:d0:d0:
5d:6b:40:97:1e:f4:d0:bf:12:18:3e:d1:4d:a9:f1:
aa:16:5c:51:0d:c8:ea:54:bf:1e:dc:fd:8e:90:9f:
7e:ab:67:ce:50:b1:b8:45:df:b5:69:67:84:6f:5b:
2a:88:d1:d0:02:dc:fb:5e:9e:62:96:90:c3:0b:e5:
07:05:72:3a:65:5f:2b:cb:89:5e:52:ca:c6:71:a9:
e5:58:5c:fe:8d:48:34:28:67:4e:31:2a:a8:b1:5d:
c9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:80:FC:53:81:B5:D6:48:C6:47:29:97:82:BB:A8:B9:69:53:19:B2
X509v3 Authority Key Identifier:
keyid:9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/3YD8U4G11kjGRymXgruouWlTGbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.92.0/22
95.214.12.0/22
217.18.216.0/22
IPv6:
2a09:d280::/29
Signature Algorithm: sha256WithRSAEncryption
53:7c:06:12:83:e4:33:0f:8a:de:14:74:63:1a:6a:57:b2:07:
98:ec:4a:40:8a:c1:f4:33:b9:c2:4a:82:9c:1e:50:62:65:f0:
75:82:2a:c2:85:63:1f:00:09:70:c5:94:58:4b:e3:e4:41:5f:
f4:54:27:78:ee:6a:48:a8:5f:42:19:fd:65:39:cc:c9:ba:12:
80:16:cb:75:f3:ee:34:8c:60:6b:e8:94:65:6a:7d:dd:14:15:
d0:22:ab:57:76:fb:54:dc:06:de:c2:fe:85:05:b8:ea:cf:9a:
fb:dc:ce:43:97:69:28:b7:95:2b:8a:54:de:e4:96:30:56:27:
a9:62:b9:73:20:3b:fd:47:62:da:21:6c:42:4e:0d:43:13:9f:
4f:0b:64:09:19:3a:e1:ea:df:5d:fd:5b:b8:e2:27:27:cb:e3:
1f:24:bb:74:d3:3b:aa:36:2d:cd:dd:43:20:3b:65:43:8f:e6:
9f:e3:fc:57:7d:d5:f5:8d:f9:f9:4e:a9:ae:3b:da:b5:ed:d7:
8c:59:8d:f3:4f:1d:b9:25:c0:54:9c:bf:9d:09:de:9c:92:e1:
ff:4a:e9:3a:b2:37:2c:48:74:4e:ec:4e:4f:b1:fd:bf:a8:35:
ce:52:02:52:42:d2:51:80:5e:b9:57:e5:79:f8:67:9a:0f:df:
87:81:d9:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZItm6h8aROfPq+0v5Gwef7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZmUzMGEwMTQ3ODQ2MjVkYjJjOWRjOTBhZTNjZTE1ZTU0
YTg4ZWMwHhcNMjQwOTI2MDkxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgwZmM1MzgxYjVkNjQ4YzY0NzI5OTc4MmJiYThiOTY5NTMxOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJPhLgnvPbHtmqXJVRAFGis8CNex
YF8n5Nvl+cf6CyZPqOJRdVmamPAL93RjdX7TZ6CfT2g735XPj9jHpN+SsudwLx3f
5ZmxpWa/Xug9Al0AOmxiHJGlg23oKWpBKQzrgnukyTzLNhmWw/JXZptmMVEfuUT6
s2rqSY+zC9vl99hJuNK7/0xnTm7lu13Ximl7XBZq2U3XWoW1XGJUm5lsjiUG0NBd
a0CXHvTQvxIYPtFNqfGqFlxRDcjqVL8e3P2OkJ9+q2fOULG4Rd+1aWeEb1sqiNHQ
Atz7Xp5ilpDDC+UHBXI6ZV8ry4leUsrGcanlWFz+jUg0KGdOMSqosV3JdQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN2A/FOBtdZIxkcpl4K7qLlpUxmyMB8GA1UdIwQY
MBaAFJ3+MKAUeEYl2yydyQrjzhXlSojsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTIt
NjA0ZTIzNzQ3NzY5LzEvM1lEOFU0RzExa2pHUnltWGdydW91V2xUR2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTItNjA0ZTIzNzQ3NzY5
LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVRcAwQC
X9YMAwQC2RLYMA0EAgACMAcDBQMqCdKAMA0GCSqGSIb3DQEBCwUAA4IBAQBTfAYS
g+QzD4reFHRjGmpXsgeY7EpAisH0M7nCSoKcHlBiZfB1girChWMfAAlwxZRYS+Pk
QV/0VCd47mpIqF9CGf1lOczJuhKAFst18+40jGBr6JRlan3dFBXQIqtXdvtU3Abe
wv6FBbjqz5r73M5Dl2kot5UrilTe5JYwViepYrlzIDv9R2LaIWxCTg1DE59PC2QJ
GTrh6t9d/Vu44icny+MfJLt00zuqNi3N3UMgO2VDj+af4/xXfdX1jfn5TqmuO9q1
7deMWY3zTx25JcBUnL+dCd6ckuH/Suk6sjcsSHRO7E5Psf2/qDXOUgJSQtJRgF65
V+V5+GeaD9+HgdnH
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:26 2024 by rpki-client on console-fra.rpki-client.org