Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3_w_nVwUXRq9adps26J1NuDcotQ.roa
File: 3_w_nVwUXRq9adps26J1NuDcotQ.roa (raw, json)
Hash identifier: 0QWLYWuniK1y0epB/KdQymnrLKIdL/ritGfTiNLD8Pk=
Subject key identifier: DF:FC:3F:9D:5C:14:5D:1A:BD:69:DA:6C:DB:A2:75:36:E0:DC:A2:D4
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0192E4906791FB1C5495D23580D3C9F6F4DD
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3_w_nVwUXRq9adps26J1NuDcotQ.roa
Signing time: Thu 31 Oct 2024 21:52:01 +0000
ROA not before: Thu 31 Oct 2024 21:52:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 77.92.154.0/24 maxlen: 24
78.135.80.0/24 maxlen: 24
78.135.87.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e4:90:67:91:fb:1c:54:95:d2:35:80:d3:c9:f6:f4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Oct 31 21:52:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dffc3f9d5c145d1abd69da6cdba27536e0dca2d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:07:04:63:07:c0:88:3d:62:ad:33:fa:04:7b:
96:29:38:5d:91:1b:f8:36:91:a1:52:7a:cd:c4:19:
48:d7:bd:7a:dd:e0:6e:40:c6:bc:d2:b6:66:b0:de:
f0:39:4d:08:12:ea:8e:30:a9:8b:ba:d7:37:f0:e8:
e9:ec:92:47:48:05:1d:7f:b7:0e:c0:42:fb:f8:74:
33:93:f1:5f:c7:39:2e:bb:de:4d:41:92:3d:4c:da:
06:82:0c:6b:b4:2e:15:69:1f:19:4b:1f:01:47:6a:
f3:db:36:f1:f3:ca:9a:57:f4:39:69:57:2f:9e:10:
a5:35:ea:3c:d8:71:04:7f:4d:34:a0:b2:22:50:fd:
06:01:a9:fa:b6:28:ba:9c:77:88:70:b8:7b:45:e0:
de:ac:3d:97:2a:ac:43:49:b2:7b:3b:4d:a4:15:52:
63:ab:cb:32:04:c4:19:46:71:7a:e1:99:0c:13:17:
50:d8:ac:66:5f:7a:8b:1c:ca:dd:36:5d:17:a5:71:
9a:5b:53:70:c8:a2:23:8d:b3:83:f4:ba:5c:92:70:
74:31:9f:f2:1d:c2:e4:db:88:00:c0:8c:cc:28:1d:
76:cf:4c:4d:cf:4b:db:39:ba:e7:ab:2c:a9:63:39:
34:ae:09:8d:83:e6:37:5b:4a:43:fe:17:ca:ae:10:
31:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FC:3F:9D:5C:14:5D:1A:BD:69:DA:6C:DB:A2:75:36:E0:DC:A2:D4
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3_w_nVwUXRq9adps26J1NuDcotQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.154.0/24
78.135.80.0/24
78.135.87.0/24
188.132.188.0/24
188.132.209.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:2f:44:b2:ea:86:ec:2b:90:4f:e9:94:e2:1a:e8:2c:a3:ec:
a5:ec:31:35:27:cc:40:1f:1a:17:17:e1:32:36:e5:3d:14:69:
e7:d8:96:21:66:f1:df:39:ba:c2:2f:70:36:f6:d4:37:88:18:
ff:4b:54:b6:55:9f:77:b0:b6:c4:88:c1:8c:22:e5:91:94:6e:
d3:7d:21:44:64:37:1c:da:46:83:d5:23:6a:64:a0:7e:bb:ed:
52:e3:6a:04:ae:15:8c:44:ef:1a:76:80:81:0b:60:2b:7a:61:
dc:94:da:43:a0:39:3c:c5:63:af:18:a4:7f:57:4d:31:49:0b:
67:51:38:c5:98:37:c7:f0:24:07:b2:65:9d:6d:29:93:21:b2:
4e:20:27:0a:6f:b7:75:b6:fa:b3:a9:6f:54:a3:5a:f1:cc:84:
d0:cd:c5:2b:50:55:f7:07:7b:46:1f:36:14:12:b1:bd:f5:61:
c0:87:36:6f:03:f9:d8:b1:59:68:18:ed:0f:82:0a:89:41:0e:
67:79:96:eb:a5:3b:aa:25:51:89:78:f0:9d:42:06:c6:bd:19:
2c:61:7f:ea:3e:f0:3a:fe:90:7f:53:d1:e9:0e:e5:80:99:a3:
76:01:bb:13:14:b3:9c:c3:9b:91:bf:dd:79:c7:02:44:54:91:
1d:4c:99:39
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLkkGeR+xxUldI1gNPJ9vTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMDMxMjE1MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmZjM2Y5ZDVjMTQ1ZDFhYmQ2OWRhNmNkYmEyNzUzNmUwZGNhMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gcEYwfAiD1irTP6BHuWKThdkRv4
NpGhUnrNxBlI17163eBuQMa80rZmsN7wOU0IEuqOMKmLutc38Ojp7JJHSAUdf7cO
wEL7+HQzk/Ffxzkuu95NQZI9TNoGggxrtC4VaR8ZSx8BR2rz2zbx88qaV/Q5aVcv
nhClNeo82HEEf000oLIiUP0GAan6tii6nHeIcLh7ReDerD2XKqxDSbJ7O02kFVJj
q8syBMQZRnF64ZkMExdQ2KxmX3qLHMrdNl0XpXGaW1NwyKIjjbOD9LpcknB0MZ/y
HcLk24gAwIzMKB12z0xNz0vbObrnqyypYzk0rgmNg+Y3W0pD/hfKrhAxcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN/8P51cFF0avWnabNuidTbg3KLUMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvM193X25Wd1VYUnE5YWRwczI2SjFOdURjb3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVyaAwQA
TodQAwQATodXAwQAvIS8AwQAvITRMA0GCSqGSIb3DQEBCwUAA4IBAQCML0Sy6obs
K5BP6ZTiGugso+yl7DE1J8xAHxoXF+EyNuU9FGnn2JYhZvHfObrCL3A29tQ3iBj/
S1S2VZ93sLbEiMGMIuWRlG7TfSFEZDcc2kaD1SNqZKB+u+1S42oErhWMRO8adoCB
C2AremHclNpDoDk8xWOvGKR/V00xSQtnUTjFmDfH8CQHsmWdbSmTIbJOICcKb7d1
tvqzqW9Uo1rxzITQzcUrUFX3B3tGHzYUErG99WHAhzZvA/nYsVloGO0PggqJQQ5n
eZbrpTuqJVGJePCdQgbGvRksYX/qPvA6/pB/U9HpDuWAmaN2AbsTFLOcw5uRv915
xwJEVJEdTJk5
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:24:29 2024 by rpki-client on console-ams.rpki-client.org