Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3ThCgdjl0SDP9v-Sfq_ms6b86n4.roa
File: 3ThCgdjl0SDP9v-Sfq_ms6b86n4.roa (raw, json)
Hash identifier: Rvy5GgRMajipI003qArEAG2uDtMNE7WjgcVPtQQ7XYc=
Subject key identifier: DD:38:42:81:D8:E5:D1:20:CF:F6:FF:92:7E:AF:E6:B3:A6:FC:EA:7E
Certificate issuer: /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Certificate serial: 018CC4936C12734506A605A9FFF435967B15
Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3ThCgdjl0SDP9v-Sfq_ms6b86n4.roa
Signing time: Mon 01 Jan 2024 10:30:44 +0000
ROA not before: Mon 01 Jan 2024 10:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21413
IP address blocks: 93.159.96.0/19 maxlen: 24
31.187.67.0/24 maxlen: 24
31.187.77.0/24 maxlen: 24
85.190.176.0/21 maxlen: 24
31.187.79.0/24 maxlen: 24
212.99.192.0/19 maxlen: 24
185.90.128.0/22 maxlen: 24
83.221.224.0/19 maxlen: 24
89.187.200.0/21 maxlen: 24
94.100.64.0/20 maxlen: 24
176.126.88.0/22 maxlen: 22
185.175.209.0/24 maxlen: 24
77.235.160.0/19 maxlen: 24
193.98.112.0/21 maxlen: 21
46.227.216.0/21 maxlen: 24
87.121.192.0/20 maxlen: 24
37.247.64.0/19 maxlen: 24
87.121.224.0/20 maxlen: 24
80.243.32.0/19 maxlen: 24
2a00:1ca0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6c:12:73:45:06:a6:05:a9:ff:f4:35:96:7b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353
Validity
Not Before: Jan 1 10:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd384281d8e5d120cff6ff927eafe6b3a6fcea7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a2:19:05:d8:a1:d9:26:4c:44:16:d6:fa:79:
3b:99:63:a7:36:56:cb:cd:13:b7:5a:ec:4f:aa:50:
06:86:cc:55:e0:fb:83:66:05:4c:e4:c0:9f:6e:d5:
ea:3c:16:c9:b3:ad:b2:5b:74:b8:ba:ff:47:d7:25:
66:e3:54:0c:6e:9c:09:da:07:db:39:28:af:b0:1d:
ae:a1:75:a0:9d:a1:ce:ff:a8:00:43:84:ab:10:03:
8f:9b:12:48:34:04:e3:eb:99:c9:e8:94:22:33:87:
b3:eb:a2:1c:f7:a5:49:a3:86:f6:be:9e:16:52:30:
01:a7:28:85:7a:47:c0:5e:e4:40:10:43:d3:2a:ed:
bb:6a:6e:49:a4:87:7d:fd:7d:95:b4:69:60:0f:f3:
b9:42:b6:0f:1a:79:0b:3d:6e:fc:42:12:45:c8:cc:
8f:8e:6f:6b:ff:ff:9d:58:1f:7c:92:02:f2:31:2c:
dc:fc:75:8d:00:ed:30:98:3b:be:da:87:db:47:60:
73:53:9b:3b:d8:59:f4:de:89:90:82:ad:09:22:63:
26:be:97:22:c8:80:84:69:17:b6:01:4e:06:40:f3:
18:9e:58:75:4c:4b:07:79:1c:65:5d:6a:ca:93:67:
ff:14:61:cf:ba:fd:d7:c0:eb:1d:12:d7:e3:d6:87:
05:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:38:42:81:D8:E5:D1:20:CF:F6:FF:92:7E:AF:E6:B3:A6:FC:EA:7E
X509v3 Authority Key Identifier:
keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/3ThCgdjl0SDP9v-Sfq_ms6b86n4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.67.0/24
31.187.77.0/24
31.187.79.0/24
37.247.64.0/19
46.227.216.0/21
77.235.160.0/19
80.243.32.0/19
83.221.224.0/19
85.190.176.0/21
87.121.192.0/20
87.121.224.0/20
89.187.200.0/21
93.159.96.0/19
94.100.64.0/20
176.126.88.0/22
185.90.128.0/22
185.175.209.0/24
193.98.112.0/21
212.99.192.0/19
IPv6:
2a00:1ca0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:5c:0e:21:b8:56:5b:de:c5:94:84:dd:c8:ae:0a:b7:1f:eb:
3d:2a:c8:5e:aa:72:1e:1a:18:06:a2:fb:69:f5:44:b6:84:5d:
2a:d7:7e:d0:8d:03:94:d9:97:72:64:a2:ff:57:77:39:bb:9d:
b9:36:cb:a3:64:93:59:02:71:8b:51:98:ed:7c:cb:f4:c8:a7:
c6:72:66:ac:00:14:b0:5b:bc:83:21:62:01:44:6f:5a:a6:c9:
2d:28:e4:85:a6:2d:35:f7:26:a5:68:50:ce:b1:85:5f:8b:d0:
5f:99:f4:92:6d:8a:55:57:42:ea:9c:cf:f8:b0:8d:96:d6:16:
f8:56:0b:e6:fa:ff:be:71:d5:6b:d7:69:e8:5c:e3:18:5a:93:
28:30:cf:f4:45:87:bc:03:1b:8a:01:19:45:12:b4:68:f1:27:
bf:46:17:e1:1f:bd:17:aa:64:11:32:c2:b0:24:b8:62:48:ec:
6f:78:12:a0:ac:de:e3:22:02:f4:79:ae:8b:61:88:e8:f9:b9:
79:46:b4:8b:68:1b:0b:84:a9:e0:88:5b:08:59:ea:81:e8:f1:
7a:4c:53:a6:c6:53:85:4a:da:ac:fd:2d:fa:5c:bb:e1:98:82:
f9:35:04:59:aa:68:40:a6:f3:b9:f9:70:df:74:95:b0:d1:bf:
7e:27:74:c9
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYzEk2wSc0UGpgWp//Q1lnsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmOTZhZTI3NzAyNjVhZjMyZTdkNGJlODZiYWIwN2EwN2My
ZDMzNTMwHhcNMjQwMTAxMTAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDM4NDI4MWQ4ZTVkMTIwY2ZmNmZmOTI3ZWFmZTZiM2E2ZmNlYTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqIZBdih2SZMRBbW+nk7mWOnNlbL
zRO3WuxPqlAGhsxV4PuDZgVM5MCfbtXqPBbJs62yW3S4uv9H1yVm41QMbpwJ2gfb
OSivsB2uoXWgnaHO/6gAQ4SrEAOPmxJINATj65nJ6JQiM4ez66Ic96VJo4b2vp4W
UjABpyiFekfAXuRAEEPTKu27am5JpId9/X2VtGlgD/O5QrYPGnkLPW78QhJFyMyP
jm9r//+dWB98kgLyMSzc/HWNAO0wmDu+2ofbR2BzU5s72Fn03omQgq0JImMmvpci
yICEaRe2AU4GQPMYnlh1TEsHeRxlXWrKk2f/FGHPuv3XwOsdEtfj1ocFEQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFN04QoHY5dEgz/b/kn6v5rOm/Op+MB8GA1UdIwQY
MBaAFJ+WridwJlrzLn1L6GurB6B8LTNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUt
ZTY0Yzg4NWY2MmNlLzEvM1RoQ2dkamwwU0RQOXYtU2ZxX21zNmI4Nm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUtZTY0Yzg4NWY2MmNl
LzEvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQAH7tD
AwQAH7tNAwQAH7tPAwQFJfdAAwQDLuPYAwQFTeugAwQFUPMgAwQFU93gAwQDVb6w
AwQEV3nAAwQEV3ngAwQDWbvIAwQFXZ9gAwQEXmRAAwQCsH5YAwQCuVqAAwQAua/R
AwQDwWJwAwQF1GPAMA0EAgACMAcDBQAqABygMA0GCSqGSIb3DQEBCwUAA4IBAQCs
XA4huFZb3sWUhN3Irgq3H+s9KsheqnIeGhgGovtp9US2hF0q137QjQOU2ZdyZKL/
V3c5u525NsujZJNZAnGLUZjtfMv0yKfGcmasABSwW7yDIWIBRG9apsktKOSFpi01
9yalaFDOsYVfi9BfmfSSbYpVV0LqnM/4sI2W1hb4Vgvm+v++cdVr12noXOMYWpMo
MM/0RYe8AxuKARlFErRo8Se/RhfhH70XqmQRMsKwJLhiSOxveBKgrN7jIgL0ea6L
YYjo+bl5RrSLaBsLhKngiFsIWeqB6PF6TFOmxlOFStqs/S36XLvhmIL5NQRZqmhA
pvO5+XDfdJWw0b9+J3TJ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:20:35 2024 by rpki-client on console-ams.rpki-client.org