Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/3DkjtZvGHqa1v_cj9eia45Rs-84.roa
File: 3DkjtZvGHqa1v_cj9eia45Rs-84.roa (raw, json)
Hash identifier: yD01z94X848TTIQw6anOHXTb1z+50fYKxlDSep2uNRA=
Subject key identifier: DC:39:23:B5:9B:C6:1E:A6:B5:BF:F7:23:F5:E8:9A:E3:94:6C:FB:CE
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 018CC86F17A5438C1B65A01F9D65650EFFE1
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/3DkjtZvGHqa1v_cj9eia45Rs-84.roa
Signing time: Tue 02 Jan 2024 04:29:32 +0000
ROA not before: Tue 02 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31562
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.64.0/24 maxlen: 24
2a03:9600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:17:a5:43:8c:1b:65:a0:1f:9d:65:65:0e:ff:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jan 2 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc3923b59bc61ea6b5bff723f5e89ae3946cfbce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:13:9e:5e:8f:a6:35:32:d9:d9:fa:af:9c:1f:
c6:77:07:b2:b1:65:b7:e1:17:1a:7f:d5:e7:a4:ee:
6d:f8:d0:47:93:57:3f:ff:50:68:c3:14:3c:29:3e:
73:76:c7:58:10:41:f8:c8:a1:c7:3d:b8:8a:3c:6e:
49:e7:20:99:81:2e:3c:5f:df:94:06:8c:07:67:41:
ec:7d:d8:ce:0b:3e:9f:fb:5c:13:a2:43:39:cf:23:
78:95:ce:1c:93:d7:1b:46:19:ad:17:89:fc:17:85:
e8:63:42:e7:8f:5f:26:d8:fc:75:ce:21:73:2f:3a:
c2:ad:b6:1a:dd:9f:b1:94:1f:b2:0c:e2:f8:d2:70:
15:be:67:e4:a6:07:f2:61:6b:9d:fe:b0:b4:51:76:
65:db:f1:07:89:d3:65:b3:86:49:bb:9a:19:0f:55:
b5:ed:92:fa:e5:4f:e0:6e:3b:49:2b:9f:d9:60:59:
d5:ec:73:87:b5:5d:e6:fb:93:a5:ea:d8:20:a9:d6:
ef:40:b3:f9:42:dc:d3:c7:b9:02:c3:53:a6:23:aa:
ab:42:50:0a:a2:42:6a:de:18:90:b8:0a:62:b2:67:
c9:ea:43:71:60:d8:0c:bb:1f:7e:40:fd:3e:c9:00:
0d:48:e2:a4:cb:73:52:89:ed:51:19:e8:98:ca:e3:
96:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:39:23:B5:9B:C6:1E:A6:B5:BF:F7:23:F5:E8:9A:E3:94:6C:FB:CE
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/3DkjtZvGHqa1v_cj9eia45Rs-84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
IPv6:
2a03:9600::/32
Signature Algorithm: sha256WithRSAEncryption
00:63:dd:d8:cb:c2:10:49:00:34:89:af:d2:1d:30:00:a0:c3:
ba:d0:e3:74:94:46:2a:58:cc:ec:a7:af:14:6e:c0:ec:22:46:
83:e4:3b:d7:5c:83:78:d6:f4:22:9e:63:5f:a3:6a:88:60:32:
fc:c8:52:9a:c0:16:46:cf:80:13:ff:59:3a:e3:19:3f:89:12:
bf:85:a8:0b:ac:da:c4:1a:a7:26:23:f0:5d:6b:f7:b9:21:63:
3e:03:58:f6:2c:da:5a:5d:d7:a3:6c:80:7c:6e:88:44:9f:31:
87:19:4f:9d:30:f9:91:c5:19:c9:f5:0b:2c:a3:80:a2:4f:25:
03:78:08:31:fb:e5:cb:e6:65:74:0a:35:30:87:21:3e:99:b7:
60:70:9a:7d:19:92:8a:29:07:f3:4a:8f:b2:6f:1d:7a:23:22:
15:1e:7e:e6:55:9e:e4:f4:2b:3a:5e:38:5f:9f:0f:83:a8:e9:
e6:78:4b:25:c3:f3:5b:5e:1e:70:72:27:67:87:5f:d3:95:75:
9f:19:cc:c5:8e:fb:ff:d1:25:0a:0a:36:a4:dc:ba:cb:44:58:
69:b1:3c:5f:dd:42:46:b8:fe:fc:b2:9a:8d:51:f9:75:57:68:
2d:04:b3:a3:62:72:fd:f8:01:a3:b9:97:53:49:c5:8b:35:27:
fa:83:c3:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbxelQ4wbZaAfnWVlDv/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjQwMTAyMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM5MjNiNTliYzYxZWE2YjViZmY3MjNmNWU4OWFlMzk0NmNmYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxOeXo+mNTLZ2fqvnB/GdweysWW3
4Rcaf9XnpO5t+NBHk1c//1BowxQ8KT5zdsdYEEH4yKHHPbiKPG5J5yCZgS48X9+U
BowHZ0HsfdjOCz6f+1wTokM5zyN4lc4ck9cbRhmtF4n8F4XoY0Lnj18m2Px1ziFz
LzrCrbYa3Z+xlB+yDOL40nAVvmfkpgfyYWud/rC0UXZl2/EHidNls4ZJu5oZD1W1
7ZL65U/gbjtJK5/ZYFnV7HOHtV3m+5Ol6tggqdbvQLP5QtzTx7kCw1OmI6qrQlAK
okJq3hiQuApismfJ6kNxYNgMux9+QP0+yQANSOKky3NSie1RGeiYyuOWOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNw5I7Wbxh6mtb/3I/XomuOUbPvOMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvM0RranRadkdIcWExdl9jajllaWE0NVJzLTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFU6ZAMA0E
AgACMAcDBQAqA5YAMA0GCSqGSIb3DQEBCwUAA4IBAQAAY93Yy8IQSQA0ia/SHTAA
oMO60ON0lEYqWMzsp68UbsDsIkaD5DvXXIN41vQinmNfo2qIYDL8yFKawBZGz4AT
/1k64xk/iRK/hagLrNrEGqcmI/Bda/e5IWM+A1j2LNpaXdejbIB8bohEnzGHGU+d
MPmRxRnJ9Qsso4CiTyUDeAgx++XL5mV0CjUwhyE+mbdgcJp9GZKKKQfzSo+ybx16
IyIVHn7mVZ7k9Cs6Xjhfnw+DqOnmeEslw/NbXh5wcidnh1/TlXWfGczFjvv/0SUK
Cjak3LrLRFhpsTxf3UJGuP78spqNUfl1V2gtBLOjYnL9+AGjuZdTScWLNSf6g8PL
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:17:15 2024 by rpki-client on console-ams.rpki-client.org