Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/E338zGdXiRW1OvOYkR4UK-nzOyA.roa
File: E338zGdXiRW1OvOYkR4UK-nzOyA.roa (raw, json)
Hash identifier: 3Xv5A7MXPITCFs5yFaXu7gR2F124U+WV+I7E3edZbLI=
Subject key identifier: 13:7D:FC:CC:67:57:89:15:B5:3A:F3:98:91:1E:14:2B:E9:F3:3B:20
Certificate issuer: /CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Certificate serial: 018EE750095AB79F18E9C53C6AF38730E667
Authority key identifier: 3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/E338zGdXiRW1OvOYkR4UK-nzOyA.roa
Signing time: Tue 16 Apr 2024 14:29:25 +0000
ROA not before: Tue 16 Apr 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29010
IP address blocks: 185.193.144.0/22 maxlen: 24
195.39.222.0/23 maxlen: 24
2a01:a780::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e7:50:09:5a:b7:9f:18:e9:c5:3c:6a:f3:87:30:e6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Validity
Not Before: Apr 16 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=137dfccc67578915b53af398911e142be9f33b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fe:89:92:f9:c4:05:3f:be:20:f8:cc:5a:98:
50:63:44:d5:85:9f:32:84:7e:0b:f4:09:86:cd:60:
d7:a6:e0:b5:ee:e3:87:98:7c:b5:6e:03:b7:66:57:
02:9b:fa:32:81:a4:3e:00:2d:69:bb:5b:25:78:cc:
6f:75:a0:e6:17:ae:d7:ae:1e:d4:e0:96:83:a1:ea:
f4:52:3c:09:1e:22:11:51:b8:1a:0f:8b:ca:e1:1e:
7c:4d:fc:6b:7c:b0:96:a1:26:99:a8:e6:ae:33:34:
b6:98:66:52:66:28:fa:b0:0d:44:fc:e1:08:be:2d:
da:22:76:7a:ea:8f:04:39:2e:04:da:a0:c1:6a:30:
40:49:80:39:6f:6c:6c:68:71:b1:91:e2:61:c8:f4:
76:be:e8:aa:29:c2:5f:ea:27:d8:c0:56:db:3a:3c:
de:a7:d9:79:e9:da:1e:30:b8:43:23:42:8b:cc:0b:
3d:63:7a:72:61:a4:cb:3f:e5:81:03:f9:c4:ef:38:
18:a8:19:e1:a3:3d:3c:7a:fe:5e:68:c5:d4:d6:63:
8f:5c:92:a7:23:6d:f5:09:f3:7e:23:a1:1c:c4:5c:
83:de:f2:cd:d5:eb:11:92:6d:00:a5:6b:55:d8:c4:
2d:5b:f9:7e:84:67:2e:41:3c:2c:a5:7f:18:6b:16:
61:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:7D:FC:CC:67:57:89:15:B5:3A:F3:98:91:1E:14:2B:E9:F3:3B:20
X509v3 Authority Key Identifier:
keyid:3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/E338zGdXiRW1OvOYkR4UK-nzOyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.144.0/22
195.39.222.0/23
IPv6:
2a01:a780::/32
Signature Algorithm: sha256WithRSAEncryption
42:f1:7f:94:29:43:86:29:9e:b2:a4:d6:51:45:d8:83:62:2b:
8c:a7:3a:b1:5f:ca:dc:89:18:57:46:be:d7:1d:ac:25:93:1e:
f2:34:ff:17:54:b3:c7:86:06:e3:8b:fe:cd:b7:66:23:38:09:
64:2e:34:b5:93:76:7f:92:76:d3:5a:83:7b:0d:31:46:3d:f6:
c7:36:cf:55:47:20:46:af:2e:c0:50:e4:61:d0:e9:55:1b:d4:
2b:44:d4:77:6b:d7:be:b2:49:ae:1d:56:ba:18:b4:76:73:a8:
6a:c7:e2:d5:bd:c6:a7:0c:fa:2c:b6:37:1a:fb:a8:6a:50:7b:
9d:c5:ae:9f:1f:d8:af:9a:44:2b:f9:02:9b:f1:65:15:8b:de:
23:5f:32:a0:70:b2:db:a2:6c:fa:b2:34:65:c1:d8:0e:40:be:
fb:92:c5:c5:5b:81:32:22:ef:f0:73:7b:2c:e8:30:71:6a:22:
ce:c7:19:1b:7e:13:80:a7:57:74:19:b2:d2:b5:25:97:86:a5:
7f:c6:fa:61:3b:62:26:e8:5b:c3:54:e7:0c:11:61:ce:5e:3f:
a8:65:a2:a2:ac:fe:25:4f:29:6b:38:24:1d:0d:eb:35:20:f8:
e4:4a:b5:97:f1:61:fd:8e:fd:15:05:0c:1d:2c:01:b9:4f:5b:
74:e9:31:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7nUAlat58Y6cU8avOHMOZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMjM3NThkZmI2ZjFkNDNkY2Q2NGQwZjBhYjI3ZWY3MTUx
MzU5NTIwHhcNMjQwNDE2MTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzdkZmNjYzY3NTc4OTE1YjUzYWYzOTg5MTFlMTQyYmU5ZjMzYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv6JkvnEBT++IPjMWphQY0TVhZ8y
hH4L9AmGzWDXpuC17uOHmHy1bgO3ZlcCm/oygaQ+AC1pu1sleMxvdaDmF67Xrh7U
4JaDoer0UjwJHiIRUbgaD4vK4R58TfxrfLCWoSaZqOauMzS2mGZSZij6sA1E/OEI
vi3aInZ66o8EOS4E2qDBajBASYA5b2xsaHGxkeJhyPR2vuiqKcJf6ifYwFbbOjze
p9l56doeMLhDI0KLzAs9Y3pyYaTLP+WBA/nE7zgYqBnhoz08ev5eaMXU1mOPXJKn
I231CfN+I6EcxFyD3vLN1esRkm0ApWtV2MQtW/l+hGcuQTwspX8YaxZhwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBN9/MxnV4kVtTrzmJEeFCvp8zsgMB8GA1UdIwQY
MBaAFD0jdY37bx1D3NZNDwqyfvcVE1lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2Ut
Nzk5MGU4N2JiZDVmLzEvRTMzOHpHZFhpUlcxT3ZPWWtSNFVLLW56T3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2UtNzk5MGU4N2JiZDVm
LzEvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucGQAwQB
wyfeMA0EAgACMAcDBQAqAaeAMA0GCSqGSIb3DQEBCwUAA4IBAQBC8X+UKUOGKZ6y
pNZRRdiDYiuMpzqxX8rciRhXRr7XHawlkx7yNP8XVLPHhgbji/7Nt2YjOAlkLjS1
k3Z/knbTWoN7DTFGPfbHNs9VRyBGry7AUORh0OlVG9QrRNR3a9e+skmuHVa6GLR2
c6hqx+LVvcanDPostjca+6hqUHudxa6fH9ivmkQr+QKb8WUVi94jXzKgcLLbomz6
sjRlwdgOQL77ksXFW4EyIu/wc3ss6DBxaiLOxxkbfhOAp1d0GbLStSWXhqV/xvph
O2Im6FvDVOcMEWHOXj+oZaKirP4lTylrOCQdDes1IPjkSrWX8WH9jv0VBQwdLAG5
T1t06THL
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:51:53 2024 by rpki-client on console-fra.rpki-client.org