Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/n-_jD0oUpUK3BHwMTqgxhDCfTxc.roa
File: n-_jD0oUpUK3BHwMTqgxhDCfTxc.roa (raw, json)
Hash identifier: t9TMr6gWmf8cnu4qqBMbjQzmZHYN0dgrfAKbTJi+OR4=
Subject key identifier: 9F:EF:E3:0F:4A:14:A5:42:B7:04:7C:0C:4E:A8:31:84:30:9F:4F:17
Certificate issuer: /CN=fa81dc46cce39c16c24396f55e6263a669c7e769
Certificate serial: 018CC49332133BB4A070A907714275A919A6
Authority key identifier: FA:81:DC:46:CC:E3:9C:16:C2:43:96:F5:5E:62:63:A6:69:C7:E7:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-oHcRszjnBbCQ5b1XmJjpmnH52k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/n-_jD0oUpUK3BHwMTqgxhDCfTxc.roa
Signing time: Mon 01 Jan 2024 10:30:30 +0000
ROA not before: Mon 01 Jan 2024 10:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47610
IP address blocks: 134.130.0.0/16 maxlen: 16
137.226.0.0/16 maxlen: 16
134.61.0.0/16 maxlen: 16
194.35.108.0/22 maxlen: 22
192.35.229.0/24 maxlen: 24
2a00:8a60::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/1-oHcRszjnBbCQ5b1XmJjpmnH52k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/1-oHcRszjnBbCQ5b1XmJjpmnH52k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-oHcRszjnBbCQ5b1XmJjpmnH52k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:32:13:3b:b4:a0:70:a9:07:71:42:75:a9:19:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa81dc46cce39c16c24396f55e6263a669c7e769
Validity
Not Before: Jan 1 10:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fefe30f4a14a542b7047c0c4ea83184309f4f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b2:31:b2:a9:79:38:33:14:80:98:b7:1a:f4:
47:77:d4:ae:84:bb:da:ae:98:a4:e8:5d:57:cc:3d:
ba:7f:07:e7:16:39:1e:a3:e4:5b:28:92:0f:44:94:
20:40:12:a6:79:18:2f:ad:7c:ec:ca:d2:b1:10:be:
07:ea:3b:2d:5d:89:10:4a:5c:35:0d:d4:f7:65:23:
fa:8b:64:4d:23:70:46:fc:a0:89:df:f0:65:2e:c0:
8b:c3:5d:87:32:43:24:41:65:5e:65:a4:41:e8:2b:
a6:7d:1f:0d:20:91:3c:64:d9:b1:8a:c5:78:cb:bf:
80:e3:de:4d:9f:a6:8f:b7:a9:78:1d:7b:15:c7:c9:
fd:ee:8b:e5:c2:42:0d:51:72:9e:b2:82:92:76:3d:
28:42:88:1a:df:7e:e1:4b:96:86:83:92:ae:d2:d6:
ea:72:55:67:42:bf:1b:d7:3b:91:00:be:10:50:6e:
58:5c:1d:75:af:b4:7e:77:66:2c:83:c9:d6:97:57:
cb:d7:fa:8b:e4:22:57:ea:8c:ce:13:24:44:30:7f:
61:40:f8:97:09:b7:f5:c5:cb:98:22:2a:f9:d0:d6:
b3:3b:df:dd:99:d5:c2:0a:5c:27:34:9e:28:f0:c4:
a0:a1:97:de:c4:01:53:55:1c:e7:71:fe:a9:97:bc:
c0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:EF:E3:0F:4A:14:A5:42:B7:04:7C:0C:4E:A8:31:84:30:9F:4F:17
X509v3 Authority Key Identifier:
keyid:FA:81:DC:46:CC:E3:9C:16:C2:43:96:F5:5E:62:63:A6:69:C7:E7:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-oHcRszjnBbCQ5b1XmJjpmnH52k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/n-_jD0oUpUK3BHwMTqgxhDCfTxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/8f0180-2b5b-4419-ad36-f4b8ca37a1fb/1/1-oHcRszjnBbCQ5b1XmJjpmnH52k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.61.0.0/16
134.130.0.0/16
137.226.0.0/16
192.35.229.0/24
194.35.108.0/22
IPv6:
2a00:8a60::/29
Signature Algorithm: sha256WithRSAEncryption
8f:70:ee:0a:37:5e:73:c8:3d:66:0b:30:70:f1:e2:4d:6e:77:
3a:f4:48:2e:c7:44:b0:93:1c:11:cc:cb:6e:cf:c3:b9:11:5e:
51:2d:5e:4e:75:a5:cb:f1:4f:97:47:2d:46:66:42:72:6f:8e:
98:36:e2:df:63:84:26:d3:c8:8c:d8:be:14:9d:65:f7:68:c8:
30:e8:fa:ac:7e:2f:2d:e9:ee:d6:9f:d3:d8:d4:04:f4:6c:af:
40:2f:85:d6:5f:c8:5f:b0:d2:54:3b:a5:35:df:71:42:03:02:
fa:d0:cd:44:23:91:2b:63:2c:ef:89:54:81:56:00:fc:f3:30:
87:99:e0:7a:e5:1b:a0:2d:31:58:b3:6a:b2:63:99:c3:23:9e:
94:25:fd:90:ca:aa:a4:86:c6:84:a9:27:25:f0:80:c2:e8:99:
01:83:50:a5:1a:bf:05:7b:51:da:47:5f:b1:a5:7a:0f:a8:fd:
3c:19:13:7b:f2:7e:8c:a7:27:01:cc:b0:96:84:78:ab:eb:54:
26:ef:09:30:66:52:09:db:e7:e2:6d:02:1d:52:0d:8c:95:1a:
0e:89:3b:d3:84:35:76:41:91:61:b4:41:ee:ae:6e:5c:81:bf:
a5:2a:29:60:5e:47:51:96:ca:1d:b2:67:2a:f4:41:fa:ab:49:
6b:2c:d3:a9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEkzITO7SgcKkHcUJ1qRmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhODFkYzQ2Y2NlMzljMTZjMjQzOTZmNTVlNjI2M2E2Njlj
N2U3NjkwHhcNMjQwMTAxMTAzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmVmZTMwZjRhMTRhNTQyYjcwNDdjMGM0ZWE4MzE4NDMwOWY0ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Ixsql5ODMUgJi3GvRHd9SuhLva
rpik6F1XzD26fwfnFjkeo+RbKJIPRJQgQBKmeRgvrXzsytKxEL4H6jstXYkQSlw1
DdT3ZSP6i2RNI3BG/KCJ3/BlLsCLw12HMkMkQWVeZaRB6CumfR8NIJE8ZNmxisV4
y7+A495Nn6aPt6l4HXsVx8n97ovlwkINUXKesoKSdj0oQoga337hS5aGg5Ku0tbq
clVnQr8b1zuRAL4QUG5YXB11r7R+d2Ysg8nWl1fL1/qL5CJX6ozOEyREMH9hQPiX
Cbf1xcuYIir50NazO9/dmdXCClwnNJ4o8MSgoZfexAFTVRzncf6pl7zAgQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJ/v4w9KFKVCtwR8DE6oMYQwn08XMB8GA1UdIwQY
MBaAFPqB3EbM45wWwkOW9V5iY6Zpx+dpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1vSGNSc3pqbkJiQ1E1YjFYbUpqcG1uSDUyay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2MvOGYwMTgwLTJiNWItNDQxOS1hZDM2
LWY0YjhjYTM3YTFmYi8xL24tX2pEMG9VcFVLM0JId01UcWd4aERDZlR4Yy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2MvOGYwMTgwLTJiNWItNDQxOS1hZDM2LWY0YjhjYTM3YTFm
Yi8xLzEtb0hjUnN6am5CYkNRNWIxWG1KanBtbkg1MmsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMCEEAgABMBsDAwCGPQMD
AIaCAwMAieIDBADAI+UDBALCI2wwDQQCAAIwBwMFAyoAimAwDQYJKoZIhvcNAQEL
BQADggEBAI9w7go3XnPIPWYLMHDx4k1udzr0SC7HRLCTHBHMy27Pw7kRXlEtXk51
pcvxT5dHLUZmQnJvjpg24t9jhCbTyIzYvhSdZfdoyDDo+qx+Ly3p7taf09jUBPRs
r0AvhdZfyF+w0lQ7pTXfcUIDAvrQzUQjkStjLO+JVIFWAPzzMIeZ4HrlG6AtMViz
arJjmcMjnpQl/ZDKqqSGxoSpJyXwgMLomQGDUKUavwV7UdpHX7Gleg+o/TwZE3vy
foynJwHMsJaEeKvrVCbvCTBmUgnb5+JtAh1SDYyVGg6JO9OENXZBkWG0Qe6ublyB
v6UqKWBeR1GWyh2yZyr0QfqrSWss06k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:23 2024 by rpki-client on console-fra.rpki-client.org