Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/A3Nzh5IMPdBrw6ZYMVUEQ_N86Hc.roa
File: A3Nzh5IMPdBrw6ZYMVUEQ_N86Hc.roa (raw, json)
Hash identifier: 5MaNpHmKeTyn/fJ+VjcwU8k7PJOljEqeXXhAN9QgS5w=
Subject key identifier: 03:73:73:87:92:0C:3D:D0:6B:C3:A6:58:31:55:04:43:F3:7C:E8:77
Certificate issuer: /CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Certificate serial: 018CC6B8D7E1C091A76A22D75F7F1871BE85
Authority key identifier: 41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/A3Nzh5IMPdBrw6ZYMVUEQ_N86Hc.roa
Signing time: Mon 01 Jan 2024 20:30:51 +0000
ROA not before: Mon 01 Jan 2024 20:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60193
IP address blocks: 194.32.70.0/24 maxlen: 24
194.32.68.0/24 maxlen: 24
194.32.83.0/24 maxlen: 24
194.31.255.0/24 maxlen: 24
2a10:7f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d7:e1:c0:91:a7:6a:22:d7:5f:7f:18:71:be:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Validity
Not Before: Jan 1 20:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03737387920c3dd06bc3a65831550443f37ce877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b1:a6:fd:f2:01:e5:a6:09:ec:42:d0:f7:1b:
64:79:ac:03:06:02:8b:9e:16:98:ee:7b:1c:7d:47:
80:b5:6c:e2:75:08:ae:b9:0b:9a:47:b8:3b:5a:e2:
62:ca:0f:ac:05:57:57:88:0d:1b:3f:82:d2:50:75:
85:6f:71:c0:d5:5b:4c:31:1d:3a:09:85:d1:b8:76:
6c:f0:7b:fe:ea:a2:ca:de:05:2f:ba:67:0a:10:a1:
ac:dd:77:01:f2:5b:81:0e:f5:fa:c1:fa:e7:df:bf:
6c:fc:82:45:55:f9:04:7d:47:be:4e:a4:7d:68:d5:
d6:6b:78:79:74:80:30:67:12:27:85:43:82:a9:6b:
cb:88:ef:5d:bd:3b:6e:16:40:0e:0a:80:f1:5c:20:
77:f4:1b:52:60:55:e8:95:db:62:80:04:09:da:9c:
c8:dc:66:9b:bc:e0:da:14:17:67:e4:e9:1d:ed:3b:
cb:94:a5:e1:d3:8b:37:9a:86:8e:87:79:c4:42:30:
aa:e6:f3:ec:d1:8c:36:79:a6:eb:c6:7d:ed:6b:1c:
ea:1e:8a:b6:79:d3:94:67:ed:6c:7b:f4:ff:b0:a2:
fb:fd:5f:23:8f:ec:96:1f:11:74:01:b5:70:87:92:
f2:3f:ce:6c:f9:5d:4c:95:5e:16:ed:c7:4d:5d:a0:
30:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:73:73:87:92:0C:3D:D0:6B:C3:A6:58:31:55:04:43:F3:7C:E8:77
X509v3 Authority Key Identifier:
keyid:41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/A3Nzh5IMPdBrw6ZYMVUEQ_N86Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.255.0/24
194.32.68.0/24
194.32.70.0/24
194.32.83.0/24
IPv6:
2a10:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:a8:9e:7f:38:2f:bc:ea:d6:03:d5:0e:9e:94:19:6e:cb:42:
a0:b1:44:88:2f:de:af:f6:79:bb:02:05:ea:24:42:31:22:6b:
c5:02:04:f4:5d:48:96:42:a3:6b:5f:f7:44:59:e4:4d:4c:72:
c9:c3:18:31:aa:ad:b8:a6:3c:9d:87:4c:e5:5f:0b:f8:d2:82:
7a:cd:f0:30:97:9d:42:c5:72:99:23:06:0d:11:ee:7d:59:7e:
c4:d7:2b:2e:e5:1f:a1:37:fe:76:64:7b:9e:e6:28:06:92:cf:
60:58:c2:e6:11:3a:cf:70:6f:87:47:cd:9d:60:30:48:f0:0d:
d6:29:96:43:30:11:14:c7:78:48:93:c8:53:06:8d:bb:ef:3c:
4c:85:32:f0:bf:25:ca:3b:8e:81:cc:5b:d6:d3:dd:59:46:fb:
44:ed:3e:dd:8c:73:c1:d1:27:f1:77:51:55:cc:9a:a8:ad:33:
7b:3d:7c:07:90:3a:26:f4:78:3b:e7:06:5b:45:b4:67:ab:e7:
db:4f:ae:9e:91:a4:24:ba:57:09:a8:11:f7:66:25:ca:71:2c:
b9:98:07:8e:8c:f9:42:8b:c3:6b:aa:6f:54:74:56:5b:e7:9f:
a0:ce:38:1c:92:6b:5a:bf:d9:c3:7d:e5:ae:a8:8f:d3:05:1d:
e4:a0:54:4d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuNfhwJGnaiLXX38Ycb6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYxZTZkMTZlYmYxN2U1NzFjNmJmNzdlYzA2YmRmN2Fi
NjhhZjgwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzczNzM4NzkyMGMzZGQwNmJjM2E2NTgzMTU1MDQ0M2YzN2NlODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Gm/fIB5aYJ7ELQ9xtkeawDBgKL
nhaY7nscfUeAtWzidQiuuQuaR7g7WuJiyg+sBVdXiA0bP4LSUHWFb3HA1VtMMR06
CYXRuHZs8Hv+6qLK3gUvumcKEKGs3XcB8luBDvX6wfrn379s/IJFVfkEfUe+TqR9
aNXWa3h5dIAwZxInhUOCqWvLiO9dvTtuFkAOCoDxXCB39BtSYFXoldtigAQJ2pzI
3GabvODaFBdn5Okd7TvLlKXh04s3moaOh3nEQjCq5vPs0Yw2eabrxn3taxzqHoq2
edOUZ+1se/T/sKL7/V8jj+yWHxF0AbVwh5LyP85s+V1MlV4W7cdNXaAw9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFANzc4eSDD3Qa8OmWDFVBEPzfOh3MB8GA1UdIwQY
MBaAFEF2Hm0W6/F+Vxxr937Aa996tor4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUt
YTg3OWRmNDZlYjk5LzEvQTNOemg1SU1QZEJydzZaWU1WVUVRX044NkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUtYTg3OWRmNDZlYjk5
LzEvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwh//AwQA
wiBEAwQAwiBGAwQAwiBTMA0EAgACMAcDBQMqEH+AMA0GCSqGSIb3DQEBCwUAA4IB
AQBbqJ5/OC+86tYD1Q6elBluy0KgsUSIL96v9nm7AgXqJEIxImvFAgT0XUiWQqNr
X/dEWeRNTHLJwxgxqq24pjydh0zlXwv40oJ6zfAwl51CxXKZIwYNEe59WX7E1ysu
5R+hN/52ZHue5igGks9gWMLmETrPcG+HR82dYDBI8A3WKZZDMBEUx3hIk8hTBo27
7zxMhTLwvyXKO46BzFvW091ZRvtE7T7djHPB0Sfxd1FVzJqorTN7PXwHkDom9Hg7
5wZbRbRnq+fbT66ekaQkulcJqBH3ZiXKcSy5mAeOjPlCi8Nrqm9UdFZb55+gzjgc
kmtav9nDfeWuqI/TBR3koFRN
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:18:30 2024 by rpki-client on console-ams.rpki-client.org