Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/3ip74V50qs0h4ZWMyydEYUb3bSU.roa
File: 3ip74V50qs0h4ZWMyydEYUb3bSU.roa (raw, json)
Hash identifier: VaRHvi6F7wj7omvIXL/64w09nFe4kau8+GxnnxHfyXI=
Subject key identifier: DE:2A:7B:E1:5E:74:AA:CD:21:E1:95:8C:CB:27:44:61:46:F7:6D:25
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 018CC7944740B7B5E07234BC488E34AA99E6
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/3ip74V50qs0h4ZWMyydEYUb3bSU.roa
Signing time: Tue 02 Jan 2024 00:30:32 +0000
ROA not before: Tue 02 Jan 2024 00:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28886
IP address blocks: 217.28.48.0/20 maxlen: 20
2a02:2880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:47:40:b7:b5:e0:72:34:bc:48:8e:34:aa:99:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Jan 2 00:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de2a7be15e74aacd21e1958ccb27446146f76d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c2:00:a4:0a:0d:e6:c1:db:8f:a6:42:69:01:
f5:a5:98:a4:ca:21:55:f9:d2:6a:d4:7c:d3:b6:49:
98:8e:74:f0:d3:83:65:41:6d:e6:59:4d:6c:97:4f:
af:c6:cf:55:93:f3:b9:df:50:f6:97:32:ce:bf:66:
77:01:c5:61:bd:5b:69:25:be:a7:1e:07:61:a4:15:
7a:2c:76:49:43:93:63:15:8e:58:a1:5e:8b:2d:22:
8a:b5:71:c4:87:4b:db:43:47:ef:46:9c:45:05:35:
7c:46:d2:f1:30:54:ab:fe:fc:10:de:f4:8f:71:bb:
fa:a9:75:a7:52:c7:21:7b:ef:b0:a9:2f:ea:e2:4c:
98:66:b0:1d:c6:7b:db:0d:d4:bf:f3:ea:ea:04:47:
c5:a2:b6:49:37:e1:17:79:e6:44:36:b9:a5:bb:03:
00:f9:9e:9c:7e:98:99:f4:2a:68:8d:7b:2a:a4:45:
0d:ca:0b:cc:ab:5c:fa:cd:05:97:86:9b:64:9d:22:
c3:29:64:5f:a0:79:28:db:42:29:54:1a:25:14:85:
77:00:7b:8a:0a:97:8a:cf:eb:94:87:ca:75:80:7b:
28:ce:fa:b6:26:12:ba:6e:75:15:fb:3d:e7:61:71:
5d:38:2d:f2:d6:b9:0b:79:af:84:61:0b:c9:46:7b:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2A:7B:E1:5E:74:AA:CD:21:E1:95:8C:CB:27:44:61:46:F7:6D:25
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/3ip74V50qs0h4ZWMyydEYUb3bSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.48.0/20
IPv6:
2a02:2880::/32
Signature Algorithm: sha256WithRSAEncryption
59:39:7f:33:84:50:7f:a4:4e:9d:2d:b1:f0:60:e2:74:7e:be:
0c:a6:0c:56:75:b2:95:be:a1:72:20:14:2d:dc:6b:be:43:4d:
6a:41:ce:b9:31:b4:99:77:b8:1f:b1:3c:bc:d8:b2:df:67:53:
92:74:39:52:e7:7c:5a:11:6a:55:9b:b7:b2:1d:0a:25:90:8e:
c1:ef:0a:c8:fd:de:91:51:1a:84:de:74:78:87:22:63:ab:41:
8e:43:4c:4b:db:01:64:06:1f:e5:8c:c2:f2:9e:17:35:0b:a4:
a9:a3:a2:ee:d9:4b:a6:06:ca:9d:fd:cd:91:86:49:b8:2c:fc:
42:6d:e7:ca:da:87:da:50:3f:ae:52:53:16:d1:b0:a0:2f:78:
58:ec:d4:65:aa:40:27:7e:30:4f:f0:99:13:76:0e:37:fb:83:
c3:5a:c7:6d:35:2d:5d:f0:dc:34:bc:08:65:ff:51:93:2f:4b:
2b:2f:4c:0f:88:c5:ab:67:83:a1:56:1a:e3:5b:26:db:39:4e:
93:fe:84:3a:b6:a8:4a:b2:44:d7:3a:4b:d6:31:60:79:6c:fc:
61:b2:a1:d5:8c:f9:10:17:c6:96:83:21:c5:21:29:34:36:f7:
a7:9d:45:52:b4:95:28:70:c0:43:41:8d:4b:48:00:c6:6d:04:
d5:0a:bf:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlEdAt7XgcjS8SI40qpnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJhN2JlMTVlNzRhYWNkMjFlMTk1OGNjYjI3NDQ2MTQ2Zjc2ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8IApAoN5sHbj6ZCaQH1pZikyiFV
+dJq1HzTtkmYjnTw04NlQW3mWU1sl0+vxs9Vk/O531D2lzLOv2Z3AcVhvVtpJb6n
HgdhpBV6LHZJQ5NjFY5YoV6LLSKKtXHEh0vbQ0fvRpxFBTV8RtLxMFSr/vwQ3vSP
cbv6qXWnUsche++wqS/q4kyYZrAdxnvbDdS/8+rqBEfForZJN+EXeeZENrmluwMA
+Z6cfpiZ9CpojXsqpEUNygvMq1z6zQWXhptknSLDKWRfoHko20IpVBolFIV3AHuK
CpeKz+uUh8p1gHsozvq2JhK6bnUV+z3nYXFdOC3y1rkLea+EYQvJRnsQeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN4qe+FedKrNIeGVjMsnRGFG920lMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvM2lwNzRWNTBxczBoNFpXTXl5ZEVZVWIzYlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RwwMA0E
AgACMAcDBQAqAiiAMA0GCSqGSIb3DQEBCwUAA4IBAQBZOX8zhFB/pE6dLbHwYOJ0
fr4MpgxWdbKVvqFyIBQt3Gu+Q01qQc65MbSZd7gfsTy82LLfZ1OSdDlS53xaEWpV
m7eyHQolkI7B7wrI/d6RURqE3nR4hyJjq0GOQ0xL2wFkBh/ljMLynhc1C6Spo6Lu
2UumBsqd/c2Rhkm4LPxCbefK2ofaUD+uUlMW0bCgL3hY7NRlqkAnfjBP8JkTdg43
+4PDWsdtNS1d8Nw0vAhl/1GTL0srL0wPiMWrZ4OhVhrjWybbOU6T/oQ6tqhKskTX
OkvWMWB5bPxhsqHVjPkQF8aWgyHFISk0NvennUVStJUocMBDQY1LSADGbQTVCr8X
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:53 2024 by rpki-client on console-ams.rpki-client.org