Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3JvHaKykxIPgZmmEJgdH6exGteo.roa
File: 3JvHaKykxIPgZmmEJgdH6exGteo.roa (raw, json)
Hash identifier: /vkIqLorxMZRWaEH+VQTSybZAeXIzJJMtr/dZvcNSvc=
Subject key identifier: DC:9B:C7:68:AC:A4:C4:83:E0:66:69:84:26:07:47:E9:EC:46:B5:EA
Certificate issuer: /CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Certificate serial: 0192E277E6EE39BDCEB1434D455BE5BA043A
Authority key identifier: CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3JvHaKykxIPgZmmEJgdH6exGteo.roa
Signing time: Thu 31 Oct 2024 12:06:01 +0000
ROA not before: Thu 31 Oct 2024 12:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202779
IP address blocks: 91.201.220.0/22 maxlen: 24
91.201.220.0/24 maxlen: 24
91.201.221.0/24 maxlen: 24
91.201.222.0/24 maxlen: 24
185.154.156.0/22 maxlen: 24
185.154.156.0/24 maxlen: 24
185.154.157.0/24 maxlen: 24
185.154.158.0/24 maxlen: 24
185.154.159.0/24 maxlen: 24
213.173.96.0/19 maxlen: 24
213.173.96.0/20 maxlen: 24
213.173.96.0/23 maxlen: 23
213.173.99.0/24 maxlen: 24
213.173.112.0/20 maxlen: 20
213.244.248.0/21 maxlen: 24
213.244.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.mft
rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:77:e6:ee:39:bd:ce:b1:43:4d:45:5b:e5:ba:04:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Validity
Not Before: Oct 31 12:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc9bc768aca4c483e0666984260747e9ec46b5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e6:00:97:2e:ef:8b:c7:5a:8a:54:73:92:52:
2f:2c:71:18:99:e3:74:a8:91:c1:dd:51:fe:2b:3d:
33:ec:69:1d:4e:67:af:17:43:65:b8:ee:30:b3:2e:
1d:d0:16:7a:da:2b:ae:57:de:d1:7b:10:f0:90:c5:
a2:01:a9:dc:8d:46:7a:fc:85:ff:de:89:79:28:7f:
25:d0:b4:ac:50:24:83:b9:c5:ea:b9:b9:35:3b:b1:
96:63:73:1c:cd:06:47:96:9c:98:17:e8:d5:dd:93:
a5:1b:6a:87:2c:a8:66:bd:05:b6:8f:76:c7:56:26:
29:d0:5b:69:ac:b7:a3:ac:16:8c:30:b8:c8:3c:5c:
38:1c:1a:46:2a:26:53:2c:0d:03:ae:45:16:61:6f:
19:35:d2:fd:4f:7f:c2:c6:28:6a:bf:3e:ec:24:7e:
11:e0:6f:aa:d0:47:f2:68:54:19:97:ad:0f:c7:c2:
ad:8e:12:0b:08:1d:73:d8:d0:e9:d2:b6:df:e2:ad:
87:8c:fc:90:b2:59:83:e6:93:bd:b9:9a:02:c0:02:
f8:b1:9f:d7:7e:eb:24:b6:9e:af:61:f6:f7:6e:12:
20:85:c9:34:71:66:f6:e6:11:cb:30:15:3e:f4:a6:
4a:70:1b:40:02:c5:20:57:68:41:ad:5f:0c:77:de:
b9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9B:C7:68:AC:A4:C4:83:E0:66:69:84:26:07:47:E9:EC:46:B5:EA
X509v3 Authority Key Identifier:
keyid:CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3JvHaKykxIPgZmmEJgdH6exGteo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.220.0/22
185.154.156.0/22
213.173.96.0/19
213.244.248.0/21
Signature Algorithm: sha256WithRSAEncryption
79:6f:0d:df:de:29:04:66:96:cf:26:26:b9:52:f2:ff:24:20:
ab:19:f4:ff:8c:4a:56:52:6e:11:66:83:88:f8:97:8e:b9:88:
f7:53:54:b3:cd:bf:70:73:4e:e4:9e:0e:66:ff:a9:da:b7:d8:
95:3d:e0:47:f0:c2:82:52:2d:89:79:14:0c:1e:34:cd:88:1c:
0d:33:05:18:1b:65:22:53:e7:d9:ef:51:c4:b5:cb:ff:d5:a5:
98:df:b3:28:77:dc:14:db:7b:4e:a2:64:2a:aa:21:7d:b4:90:
61:57:41:33:75:b1:2f:53:ef:4c:aa:5f:77:bc:1f:51:3a:aa:
fe:17:76:ae:d3:9c:f7:15:3e:34:bf:03:64:11:c7:9e:4f:96:
ac:5d:0c:b7:75:b5:1c:dc:dc:cd:88:f5:1c:c4:c2:43:14:3d:
b3:8d:34:b1:05:52:61:45:e1:5b:77:01:b0:7c:aa:5c:de:db:
8e:2a:fa:3e:53:f5:3b:2d:01:1f:09:1e:9e:7e:1f:93:28:5f:
4a:22:72:62:17:b4:61:f3:45:0e:1b:3e:b5:17:7c:b7:83:03:
b9:16:41:8c:08:e4:0a:e8:2b:b7:d8:cc:8b:49:39:d8:71:73:
ee:08:68:35:fd:b8:a7:30:57:ad:65:00:0d:61:67:33:ac:42:
d7:7a:d0:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLid+buOb3OsUNNRVvlugQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzc3YTA4YTQ1NjQ1NDhiNTE4ZWMzODY0YjM0MWUxZmE1
MjI1ZWEwHhcNMjQxMDMxMTIwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzliYzc2OGFjYTRjNDgzZTA2NjY5ODQyNjA3NDdlOWVjNDZiNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeYAly7vi8dailRzklIvLHEYmeN0
qJHB3VH+Kz0z7GkdTmevF0NluO4wsy4d0BZ62iuuV97RexDwkMWiAancjUZ6/IX/
3ol5KH8l0LSsUCSDucXqubk1O7GWY3MczQZHlpyYF+jV3ZOlG2qHLKhmvQW2j3bH
ViYp0FtprLejrBaMMLjIPFw4HBpGKiZTLA0DrkUWYW8ZNdL9T3/Cxihqvz7sJH4R
4G+q0EfyaFQZl60Px8KtjhILCB1z2NDp0rbf4q2HjPyQslmD5pO9uZoCwAL4sZ/X
fusktp6vYfb3bhIghck0cWb25hHLMBU+9KZKcBtAAsUgV2hBrV8Md9652wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNybx2ispMSD4GZphCYHR+nsRrXqMB8GA1UdIwQY
MBaAFMx3egikVkVItRjsOGSzQeH6UiXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMt
NzY3YjBjYzgwYzA4LzEvM0p2SGFLeWt4SVBnWm1tRUpnZEg2ZXhHdGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMtNzY3YjBjYzgwYzA4
LzEvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8ncAwQC
uZqcAwQF1a1gAwQD1fT4MA0GCSqGSIb3DQEBCwUAA4IBAQB5bw3f3ikEZpbPJia5
UvL/JCCrGfT/jEpWUm4RZoOI+JeOuYj3U1Szzb9wc07kng5m/6nat9iVPeBH8MKC
Ui2JeRQMHjTNiBwNMwUYG2UiU+fZ71HEtcv/1aWY37Mod9wU23tOomQqqiF9tJBh
V0EzdbEvU+9Mql93vB9ROqr+F3au05z3FT40vwNkEceeT5asXQy3dbUc3NzNiPUc
xMJDFD2zjTSxBVJhReFbdwGwfKpc3tuOKvo+U/U7LQEfCR6efh+TKF9KInJiF7Rh
80UOGz61F3y3gwO5FkGMCOQK6Cu32MyLSTnYcXPuCGg1/binMFetZQANYWczrELX
etDg
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:10 2024 by rpki-client on console-ams.rpki-client.org