Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/3We-6s6Y_QbkSWLuHQeKZNx3-Zc.roa
File: 3We-6s6Y_QbkSWLuHQeKZNx3-Zc.roa (raw, json)
Hash identifier: VU/vtD5E2vVsFaeX523CNrkCexM+i5NFIFPY5Skp6/o=
Subject key identifier: DD:67:BE:EA:CE:98:FD:06:E4:49:62:EE:1D:07:8A:64:DC:77:F9:97
Certificate issuer: /CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Certificate serial: 018CC80162E925E7A9785E3F216ABF577EF9
Authority key identifier: 77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/3We-6s6Y_QbkSWLuHQeKZNx3-Zc.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30860
IP address blocks: 91.230.121.0/24 maxlen: 24
91.235.142.0/24 maxlen: 24
91.235.142.0/23 maxlen: 23
91.235.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:62:e9:25:e7:a9:78:5e:3f:21:6a:bf:57:7e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776fae43f73da35fe1a2e429662ae0b91751e3fb
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd67beeace98fd06e44962ee1d078a64dc77f997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:13:a0:c5:ca:c2:1c:a8:52:f8:79:8d:82:
7f:dc:47:39:8b:e4:48:a9:e8:07:a9:89:9c:30:76:
54:2f:40:64:31:eb:1a:e5:e4:c6:d0:15:4c:51:2b:
a3:2d:7b:67:00:4e:bb:ef:c8:f2:c6:75:c4:8c:db:
a2:c3:98:01:1a:e2:1d:eb:60:fe:40:e2:88:29:d0:
2f:7b:43:b5:b0:cb:92:b3:22:f7:5a:b0:7b:71:c1:
d1:71:22:ea:65:9e:fc:b3:09:d3:97:87:6e:59:1e:
5b:0f:41:74:9f:59:28:c0:3f:f7:cf:42:ca:ce:69:
a4:bd:5d:22:bd:82:24:e9:ea:9e:22:25:84:60:dc:
96:df:90:2a:51:96:c9:ab:8e:8e:64:99:83:00:f6:
1e:69:55:74:bd:56:ee:9d:ab:3f:0a:7f:05:9a:4e:
b2:ee:f2:cb:9b:b6:34:d0:c5:87:d3:7b:d7:27:59:
d5:4f:ad:a5:db:a5:cc:40:2d:4b:14:94:85:7a:df:
f4:e6:22:60:48:64:d1:ab:50:eb:d3:82:60:80:a2:
d5:b1:99:01:aa:12:a6:44:5c:0e:b9:dc:41:10:4f:
7a:80:46:14:ce:c0:1e:0e:80:9f:6b:26:c5:c4:e0:
e0:e5:8b:91:ae:c4:b6:01:82:f7:54:2d:8c:5b:f9:
d2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:67:BE:EA:CE:98:FD:06:E4:49:62:EE:1D:07:8A:64:DC:77:F9:97
X509v3 Authority Key Identifier:
keyid:77:6F:AE:43:F7:3D:A3:5F:E1:A2:E4:29:66:2A:E0:B9:17:51:E3:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2-uQ_c9o1_houQpZirguRdR4_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/3We-6s6Y_QbkSWLuHQeKZNx3-Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0acf2d-5d62-43f3-8d14-4e0cc58163b0/1/d2-uQ_c9o1_houQpZirguRdR4_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.121.0/24
91.235.142.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:27:bc:51:00:b3:b5:85:c4:84:8d:bd:eb:89:83:16:dc:59:
4d:ec:17:ed:3d:09:d3:64:fe:f9:c0:75:6e:9d:d1:79:dd:0d:
15:de:75:a1:ee:00:8d:c4:b4:5c:5b:eb:3d:a0:b5:a4:75:9f:
12:14:09:4f:52:b6:b4:a4:2f:72:56:67:03:b2:64:17:a7:94:
a0:b9:06:2e:78:da:6b:7c:a9:6f:3f:7b:08:e3:a9:b3:64:67:
8e:2d:a2:30:fc:2e:81:8a:e5:73:62:02:8f:5d:db:13:65:6b:
4a:2b:ac:cc:4a:8c:03:0f:e9:ab:f7:b0:7f:94:60:ff:dc:b2:
e5:43:21:5e:f8:7c:54:e2:e8:57:42:4d:fb:f8:bd:ec:a4:bd:
54:6b:f1:53:71:e8:f4:d0:23:ff:91:86:1f:06:3e:9c:0c:34:
d4:8f:7f:4c:b3:b4:97:51:98:b4:f9:43:93:0a:d3:c2:8a:19:
b3:8e:06:d8:c0:da:94:1e:70:4c:e3:80:af:56:6f:27:ed:be:
d3:ea:37:73:3c:e5:fc:83:dc:38:5b:43:1d:b3:b9:b7:cd:89:
2b:e9:45:fc:bc:63:c7:66:1c:9e:bc:f1:62:9c:b2:4c:0b:67:
4d:81:ed:a0:f7:fe:92:fd:83:fa:4f:ab:17:c2:cc:e2:36:dc:
be:04:1c:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAWLpJeepeF4/IWq/V375MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NmZhZTQzZjczZGEzNWZlMWEyZTQyOTY2MmFlMGI5MTc1
MWUzZmIwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY3YmVlYWNlOThmZDA2ZTQ0OTYyZWUxZDA3OGE2NGRjNzdmOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlMToMXKwhyoUvh5jYJ/3Ec5i+RI
qegHqYmcMHZUL0BkMesa5eTG0BVMUSujLXtnAE6778jyxnXEjNuiw5gBGuId62D+
QOKIKdAve0O1sMuSsyL3WrB7ccHRcSLqZZ78swnTl4duWR5bD0F0n1kowD/3z0LK
zmmkvV0ivYIk6eqeIiWEYNyW35AqUZbJq46OZJmDAPYeaVV0vVbunas/Cn8Fmk6y
7vLLm7Y00MWH03vXJ1nVT62l26XMQC1LFJSFet/05iJgSGTRq1Dr04JggKLVsZkB
qhKmRFwOudxBEE96gEYUzsAeDoCfaybFxODg5YuRrsS2AYL3VC2MW/nSKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN1nvurOmP0G5Eli7h0HimTcd/mXMB8GA1UdIwQY
MBaAFHdvrkP3PaNf4aLkKWYq4LkXUeP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQt
NGUwY2M1ODE2M2IwLzEvM1dlLTZzNllfUWJrU1dMdUhRZUtaTngzLVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wYWNmMmQtNWQ2Mi00M2YzLThkMTQtNGUwY2M1ODE2M2Iw
LzEvZDItdVFfYzlvMV9ob3VRcFppcmd1UmRSNF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+Z5AwQB
W+uOMA0GCSqGSIb3DQEBCwUAA4IBAQA/J7xRALO1hcSEjb3riYMW3FlN7BftPQnT
ZP75wHVundF53Q0V3nWh7gCNxLRcW+s9oLWkdZ8SFAlPUra0pC9yVmcDsmQXp5Sg
uQYueNprfKlvP3sI46mzZGeOLaIw/C6BiuVzYgKPXdsTZWtKK6zMSowDD+mr97B/
lGD/3LLlQyFe+HxU4uhXQk37+L3spL1Ua/FTcej00CP/kYYfBj6cDDTUj39Ms7SX
UZi0+UOTCtPCihmzjgbYwNqUHnBM44CvVm8n7b7T6jdzPOX8g9w4W0Mds7m3zYkr
6UX8vGPHZhyevPFinLJMC2dNge2g9/6S/YP6T6sXwsziNty+BBx6
-----END CERTIFICATE-----
Generated at Mon May 20 17:41:32 2024 by rpki-client on console-ams.rpki-client.org