Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/b3UsCmXQ5pwPOOactdEo-6zojUI.roa
File: b3UsCmXQ5pwPOOactdEo-6zojUI.roa (raw, json)
Hash identifier: MM+5vgXjQtlDDQb0cuCZ+yuDblXz68p3MzbYE2fq7Cw=
Subject key identifier: 6F:75:2C:0A:65:D0:E6:9C:0F:38:E6:9C:B5:D1:28:FB:AC:E8:8D:42
Certificate issuer: /CN=5a1a31909780e81734af6607272d18525db7657d
Certificate serial: 018CCA29F0263730210FC4075AEF4A0BDC91
Authority key identifier: 5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/b3UsCmXQ5pwPOOactdEo-6zojUI.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39730
IP address blocks: 185.195.132.0/22 maxlen: 22
178.250.176.0/21 maxlen: 21
2a0a:23c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f0:26:37:30:21:0f:c4:07:5a:ef:4a:0b:dc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1a31909780e81734af6607272d18525db7657d
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f752c0a65d0e69c0f38e69cb5d128fbace88d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6f:31:55:78:2e:e6:e7:28:35:65:43:22:aa:
a8:3a:7a:b6:5c:1c:e7:3d:7c:c1:28:71:ad:44:2d:
d4:fe:02:98:11:52:d7:12:dd:27:b9:f5:75:b9:5e:
3c:2c:eb:86:6a:e3:01:7e:c4:db:06:66:1f:66:e4:
5b:b3:cf:86:01:01:0e:b6:c2:f2:f1:12:b7:2e:f1:
e7:e2:aa:f6:06:6a:fe:98:83:a9:0f:ba:42:bf:1a:
98:0f:bc:95:f1:cb:a5:59:f4:6f:0e:dc:a4:7c:4a:
8d:8f:76:7d:0a:1b:e1:6a:d5:1a:70:98:c7:64:7f:
31:fa:27:d5:09:14:02:ee:22:16:36:da:1f:34:31:
f1:82:f6:fa:52:62:4c:34:97:bc:2d:f6:66:97:32:
86:bd:af:a5:ff:d3:70:87:f3:7e:7a:09:61:7d:a1:
fa:2b:ee:ac:b3:c7:cf:3c:8c:14:d0:89:7a:f0:37:
de:bb:46:65:0f:5f:41:c1:92:7e:5c:1c:43:52:ff:
f1:91:a0:49:03:8a:3c:94:91:0d:c9:b0:75:db:1f:
df:88:05:ce:0e:15:32:47:be:79:90:37:c1:e3:16:
8d:ed:eb:b4:d5:a0:cf:63:70:c4:aa:ad:bc:1e:e3:
5b:11:8c:76:bf:f6:e7:66:36:fe:f2:f7:76:5c:a6:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:75:2C:0A:65:D0:E6:9C:0F:38:E6:9C:B5:D1:28:FB:AC:E8:8D:42
X509v3 Authority Key Identifier:
keyid:5A:1A:31:90:97:80:E8:17:34:AF:66:07:27:2D:18:52:5D:B7:65:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/b3UsCmXQ5pwPOOactdEo-6zojUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e10057-99bb-44f9-9774-2752b3759066/1/WhoxkJeA6Bc0r2YHJy0YUl23ZX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.176.0/21
185.195.132.0/22
IPv6:
2a0a:23c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:91:5e:c7:4d:0a:11:15:94:c4:d5:37:8d:ae:ca:92:2e:77:
1d:e7:36:4d:86:b7:7e:20:fd:0b:0e:7e:da:85:62:72:ff:39:
c3:3b:1e:73:55:b2:d5:7b:57:9a:3a:a1:2e:92:e1:4d:9b:1f:
e0:3f:8c:87:73:a8:dd:56:d9:9d:1a:8a:5b:24:ee:6f:11:2e:
78:f1:cd:1b:5d:4d:17:70:c8:6e:64:42:90:63:15:35:2d:ed:
c6:45:bd:49:40:14:75:41:d2:a6:5d:53:5c:cf:56:96:22:14:
24:c6:df:9c:0f:88:56:71:52:74:ae:34:ef:68:5b:93:4f:43:
12:6a:cc:f7:79:0c:d9:ae:db:52:bd:1b:9e:e2:99:8a:4e:33:
0a:4d:09:45:85:67:a3:8c:74:5b:12:d8:4a:89:dc:23:4f:37:
7e:d2:d0:29:7c:61:86:3d:17:2a:9c:6f:40:20:fa:70:85:3e:
8b:2e:ab:a6:e2:12:e6:9c:32:b7:78:04:95:ed:97:bc:8e:7d:
16:dd:09:40:8e:80:ce:bf:de:d3:04:8a:af:a1:2b:b0:85:a7:
5b:f3:36:27:e5:f8:42:c0:b5:45:8b:56:64:40:36:ad:79:19:
4d:6a:f9:15:35:73:c0:68:87:61:6a:07:9c:b4:5e:6c:67:6b:
8c:e9:2c:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKfAmNzAhD8QHWu9KC9yRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWEzMTkwOTc4MGU4MTczNGFmNjYwNzI3MmQxODUyNWRi
NzY1N2QwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjc1MmMwYTY1ZDBlNjljMGYzOGU2OWNiNWQxMjhmYmFjZTg4ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG8xVXgu5ucoNWVDIqqoOnq2XBzn
PXzBKHGtRC3U/gKYEVLXEt0nufV1uV48LOuGauMBfsTbBmYfZuRbs8+GAQEOtsLy
8RK3LvHn4qr2Bmr+mIOpD7pCvxqYD7yV8culWfRvDtykfEqNj3Z9ChvhatUacJjH
ZH8x+ifVCRQC7iIWNtofNDHxgvb6UmJMNJe8LfZmlzKGva+l/9Nwh/N+eglhfaH6
K+6ss8fPPIwU0Il68Dfeu0ZlD19BwZJ+XBxDUv/xkaBJA4o8lJENybB12x/fiAXO
DhUyR755kDfB4xaN7eu01aDPY3DEqq28HuNbEYx2v/bnZjb+8vd2XKZojQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG91LApl0OacDzjmnLXRKPus6I1CMB8GA1UdIwQY
MBaAFFoaMZCXgOgXNK9mByctGFJdt2V9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQt
Mjc1MmIzNzU5MDY2LzEvYjNVc0NtWFE1cHdQT09hY3RkRW8tNnpvalVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMTAwNTctOTliYi00NGY5LTk3NzQtMjc1MmIzNzU5MDY2
LzEvV2hveGtKZUE2QmMwcjJZSEp5MFlVbDIzWlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvqwAwQC
ucOEMA0EAgACMAcDBQMqCiPAMA0GCSqGSIb3DQEBCwUAA4IBAQAikV7HTQoRFZTE
1TeNrsqSLncd5zZNhrd+IP0LDn7ahWJy/znDOx5zVbLVe1eaOqEukuFNmx/gP4yH
c6jdVtmdGopbJO5vES548c0bXU0XcMhuZEKQYxU1Le3GRb1JQBR1QdKmXVNcz1aW
IhQkxt+cD4hWcVJ0rjTvaFuTT0MSasz3eQzZrttSvRue4pmKTjMKTQlFhWejjHRb
EthKidwjTzd+0tApfGGGPRcqnG9AIPpwhT6LLqum4hLmnDK3eASV7Ze8jn0W3QlA
joDOv97TBIqvoSuwhadb8zYn5fhCwLVFi1ZkQDateRlNavkVNXPAaIdhagectF5s
Z2uM6Sxg
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:21 2024 by rpki-client on console-fra.rpki-client.org