Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3zDVgc_8G21zF8KdE1c7hqN7QQo.roa
File: 3zDVgc_8G21zF8KdE1c7hqN7QQo.roa (raw, json)
Hash identifier: Q4/r21QV/wepCV+1FmePDikOwBlD/nMSpJ+fzUfcu8w=
Subject key identifier: DF:30:D5:81:CF:FC:1B:6D:73:17:C2:9D:13:57:3B:86:A3:7B:41:0A
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019350457861D833A20D99A9B38639CC56B2
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3zDVgc_8G21zF8KdE1c7hqN7QQo.roa
Signing time: Thu 21 Nov 2024 19:49:10 +0000
ROA not before: Thu 21 Nov 2024 19:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 93.190.12.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:45:78:61:d8:33:a2:0d:99:a9:b3:86:39:cc:56:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Nov 21 19:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df30d581cffc1b6d7317c29d13573b86a37b410a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3d:d4:ab:b6:7b:e4:11:7b:81:58:10:5d:d5:
47:19:5f:b5:eb:6f:70:b3:4a:48:f9:2c:fe:87:e7:
ed:9d:5c:34:5c:d9:74:35:13:1e:84:31:6e:d4:bb:
38:0b:8d:00:af:eb:06:ca:ec:e8:18:82:43:53:73:
9d:ef:9f:d0:18:80:e4:17:69:cd:e3:56:32:f7:2d:
42:5d:76:dc:e0:5e:1d:c0:1f:a1:0c:65:51:8b:80:
78:f8:2d:37:33:37:39:7b:7d:03:16:27:5f:4f:92:
68:24:09:90:f1:90:a6:2b:ee:3b:c8:15:3e:65:64:
45:56:d6:21:08:d2:8e:f9:fc:7c:64:68:70:3a:4f:
f0:68:6e:e4:a7:58:0d:7e:e2:da:cb:6e:f6:ff:a0:
e8:69:3e:8b:b6:b2:a4:73:1a:c7:9e:5c:f1:b8:0a:
06:67:3d:8f:29:25:8d:32:b5:dd:75:d1:d1:6d:87:
36:fe:2b:e5:5a:bb:26:bd:fa:f8:8d:da:57:87:1e:
3e:93:e5:51:94:59:29:3c:a2:1b:86:78:e3:a8:13:
9b:23:87:33:38:f7:b7:09:49:bf:75:18:16:83:ee:
f6:9b:6c:03:64:de:f8:b0:d5:1e:72:c7:54:c4:b2:
74:c1:96:82:32:48:ad:ff:46:da:74:8d:ba:62:04:
f6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:30:D5:81:CF:FC:1B:6D:73:17:C2:9D:13:57:3B:86:A3:7B:41:0A
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/3zDVgc_8G21zF8KdE1c7hqN7QQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.12.0/24
109.236.51.0/24
160.20.109.0/24
185.86.6.0/24
185.243.181.0/24
185.254.28.0/22
185.254.239.0/24
193.35.152.0/22
193.160.143.0/24
194.62.54.0/24
Signature Algorithm: sha256WithRSAEncryption
40:d7:62:63:4b:6c:ad:d2:29:e9:0f:d8:fa:59:f0:06:4a:b3:
15:01:f0:b0:9e:d7:a7:e4:5c:c6:ca:3f:08:4c:11:89:a0:8d:
02:b5:14:71:a6:05:e3:8a:15:2c:97:78:bc:28:dc:b1:09:1d:
2a:36:a1:19:07:ab:04:05:fb:fc:75:45:29:de:bf:4c:a1:cb:
d7:e5:58:ff:a9:a8:45:16:69:14:84:2f:79:b0:8b:7c:fa:b5:
60:37:fc:40:81:92:7b:4e:c6:00:77:9a:57:1e:94:b3:00:7f:
44:04:fb:20:03:34:75:07:b9:9f:b3:f8:40:96:2e:ed:30:e6:
19:76:86:d2:ab:3c:9c:29:5d:af:95:ad:8c:ae:5e:30:df:4f:
d6:53:25:75:a1:c9:d2:c6:da:4d:50:8b:7b:a9:41:fe:ed:e0:
66:bd:60:3d:f9:ec:70:3a:2e:df:68:72:46:6e:4e:ca:7c:be:
17:47:0d:ee:1b:4e:29:a9:a0:ef:c1:a3:fb:f1:8e:bd:6a:ff:
10:94:41:0b:b1:7e:cc:d3:e7:69:1b:a6:84:e2:6b:1f:7d:78:
51:c8:75:73:bf:86:ec:fc:2c:fd:61:01:44:9d:5f:d6:21:c1:
a7:a7:6a:d4:d2:f7:3a:72:16:b2:20:3c:ea:1b:d3:f7:16:44:
e1:55:1c:64
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNQRXhh2DOiDZmps4Y5zFayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMTIxMTk0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMwZDU4MWNmZmMxYjZkNzMxN2MyOWQxMzU3M2I4NmEzN2I0MTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz3Uq7Z75BF7gVgQXdVHGV+1629w
s0pI+Sz+h+ftnVw0XNl0NRMehDFu1Ls4C40Ar+sGyuzoGIJDU3Od75/QGIDkF2nN
41Yy9y1CXXbc4F4dwB+hDGVRi4B4+C03Mzc5e30DFidfT5JoJAmQ8ZCmK+47yBU+
ZWRFVtYhCNKO+fx8ZGhwOk/waG7kp1gNfuLay272/6DoaT6LtrKkcxrHnlzxuAoG
Zz2PKSWNMrXdddHRbYc2/ivlWrsmvfr4jdpXhx4+k+VRlFkpPKIbhnjjqBObI4cz
OPe3CUm/dRgWg+72m2wDZN74sNUecsdUxLJ0wZaCMkit/0badI26YgT2LwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN8w1YHP/BttcxfCnRNXO4aje0EKMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvM3pEVmdjXzhHMjF6RjhLZEUxYzdocU43UVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAXb4MAwQA
bewzAwQAoBRtAwQAuVYGAwQAufO1AwQCuf4cAwQAuf7vAwQCwSOYAwQAwaCPAwQA
wj42MA0GCSqGSIb3DQEBCwUAA4IBAQBA12JjS2yt0inpD9j6WfAGSrMVAfCwnten
5FzGyj8ITBGJoI0CtRRxpgXjihUsl3i8KNyxCR0qNqEZB6sEBfv8dUUp3r9MocvX
5Vj/qahFFmkUhC95sIt8+rVgN/xAgZJ7TsYAd5pXHpSzAH9EBPsgAzR1B7mfs/hA
li7tMOYZdobSqzycKV2vla2Mrl4w30/WUyV1ocnSxtpNUIt7qUH+7eBmvWA9+exw
Oi7faHJGbk7KfL4XRw3uG04pqaDvwaP78Y69av8QlEELsX7M0+dpG6aE4msffXhR
yHVzv4bs/Cz9YQFEnV/WIcGnp2rU0vc6chayIDzqG9P3FkThVRxk
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:58 2024 by rpki-client on console-ams.rpki-client.org