Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/3K3Ezh1hdim2G-yU9Q5A5aoMgFs.roa
File: 3K3Ezh1hdim2G-yU9Q5A5aoMgFs.roa (raw, json)
Hash identifier: nsHd6813m4el959/ZfKsPoHDWktUBeEFDdxuDp575Io=
Subject key identifier: DC:AD:C4:CE:1D:61:76:29:B6:1B:EC:94:F5:0E:40:E5:AA:0C:80:5B
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018CC94E108BEA2D57BEAE456624B0606E6C
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/3K3Ezh1hdim2G-yU9Q5A5aoMgFs.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 185.14.94.0/24 maxlen: 24
185.14.95.0/24 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.35.0/24 maxlen: 24
37.114.34.0/24 maxlen: 24
37.114.32.0/24 maxlen: 24
37.114.38.0/23 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.42.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.47.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.53.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.57.0/24 maxlen: 24
37.114.56.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
103.252.88.0/22 maxlen: 22
37.114.61.0/24 maxlen: 24
37.114.60.0/24 maxlen: 24
37.114.62.0/24 maxlen: 24
37.114.59.0/24 maxlen: 24
43.251.162.0/23 maxlen: 23
176.100.33.0/24 maxlen: 24
176.100.32.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
2a00:ccc1:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 18:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:10:8b:ea:2d:57:be:ae:45:66:24:b0:60:6e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcadc4ce1d617629b61bec94f50e40e5aa0c805b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:97:6b:6d:f4:02:90:93:79:65:8b:e6:06:5b:
8b:a7:66:74:3a:76:8d:91:f6:da:20:c3:04:d9:5b:
b8:62:32:07:75:15:14:eb:82:f8:18:2f:b6:18:46:
90:99:72:f3:5f:12:9b:07:da:31:27:ae:5d:64:81:
58:0e:64:9d:57:5b:f5:39:a0:63:31:9d:cc:52:97:
9b:cf:bd:0a:30:db:87:71:a9:0e:7a:9a:7e:3c:70:
65:4a:15:68:c2:03:d5:82:4f:0a:31:1c:77:f7:3a:
12:fd:64:44:ab:28:ff:fd:81:e3:b1:28:0c:ec:bd:
55:0f:36:3a:f2:cf:15:7b:b0:6b:87:bb:ea:61:93:
2b:5e:54:c7:40:72:8f:fe:16:80:65:db:44:e3:ad:
2d:59:44:8e:d1:b4:70:e7:d9:22:b1:88:ca:e6:1a:
34:b2:03:fc:1a:13:8c:cb:f5:a0:78:46:b7:a2:bf:
75:f7:46:c5:6f:86:b2:63:5c:25:f8:c5:27:9c:00:
96:00:30:c4:c6:29:f2:5c:00:10:0f:df:07:45:94:
f1:32:08:77:2b:b1:dd:6d:e4:f1:93:80:62:88:6c:
fc:83:53:61:af:2e:1c:5b:ba:71:10:40:4b:ef:98:
8b:ee:59:7b:85:a3:2e:ba:e3:e5:81:8d:a3:9d:71:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AD:C4:CE:1D:61:76:29:B6:1B:EC:94:F5:0E:40:E5:AA:0C:80:5B
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/3K3Ezh1hdim2G-yU9Q5A5aoMgFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0-37.114.36.255
37.114.38.0/23
37.114.42.0/23
37.114.47.0-37.114.53.255
37.114.55.0-37.114.57.255
37.114.59.0-37.114.62.255
43.251.162.0/23
103.252.88.0/22
176.100.32.0/22
185.14.94.0/23
IPv6:
2a00:ccc1:100::/40
Signature Algorithm: sha256WithRSAEncryption
73:71:4b:b6:74:65:92:d9:00:b6:01:90:30:62:dc:fd:c3:7f:
97:8b:85:37:c1:c7:02:a2:86:1e:59:cb:38:a9:aa:ab:74:da:
0a:c2:b1:11:fa:ca:b2:db:f7:d5:58:f7:81:36:f5:b5:6b:40:
12:19:9b:91:d8:8a:44:0f:c4:8a:ad:22:0f:ac:9b:e8:74:98:
0b:93:88:30:a7:4e:4d:96:ad:2d:6a:c2:85:59:d6:4f:84:da:
79:8b:52:51:11:7f:ff:b6:31:96:cf:00:eb:e2:6f:1d:a7:38:
f0:db:10:ff:fb:b8:a3:5f:82:96:4f:db:f0:4f:cc:18:01:e6:
74:4a:34:f7:1e:59:11:43:3e:36:c0:80:87:ed:ed:1f:01:c3:
c8:8d:b5:77:2d:26:70:e5:47:ae:89:1b:81:34:6d:f8:c7:8e:
67:32:4d:fb:81:96:e0:cf:33:32:88:b4:ab:d7:71:a0:fa:60:
79:01:88:63:46:e0:a7:14:8f:4e:94:18:f7:e9:4a:99:2e:9b:
60:03:dd:ea:dd:94:37:b6:87:5a:f8:e9:04:f7:1c:16:ec:66:
99:9e:01:71:14:3b:7b:78:22:5e:25:fb:51:21:36:f4:55:85:
b2:22:e3:11:c2:0f:df:9f:6a:22:0c:21:03:36:13:ff:05:2a:
5e:d0:75:ca
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzJThCL6i1Xvq5FZiSwYG5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FkYzRjZTFkNjE3NjI5YjYxYmVjOTRmNTBlNDBlNWFhMGM4MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipdrbfQCkJN5ZYvmBluLp2Z0OnaN
kfbaIMME2Vu4YjIHdRUU64L4GC+2GEaQmXLzXxKbB9oxJ65dZIFYDmSdV1v1OaBj
MZ3MUpebz70KMNuHcakOepp+PHBlShVowgPVgk8KMRx39zoS/WREqyj//YHjsSgM
7L1VDzY68s8Ve7Brh7vqYZMrXlTHQHKP/haAZdtE460tWUSO0bRw59kisYjK5ho0
sgP8GhOMy/WgeEa3or9190bFb4ayY1wl+MUnnACWADDExinyXAAQD98HRZTxMgh3
K7HdbeTxk4BiiGz8g1Nhry4cW7pxEEBL75iL7ll7haMuuuPlgY2jnXEzhQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNytxM4dYXYpthvslPUOQOWqDIBbMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvM0szRXpoMWhkaW0yRy15VTlRNUE1YW9NZ0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYgQCAAEwXDAMAwQFJXIg
AwQAJXIkAwQBJXImAwQBJXIqMAwDBAAlci8DBAElcjQwDAMEACVyNwMEASVyODAM
AwQAJXI7AwQAJXI+AwQBK/uiAwQCZ/xYAwQCsGQgAwQBuQ5eMA4EAgACMAgDBgAq
AMzBATANBgkqhkiG9w0BAQsFAAOCAQEAc3FLtnRlktkAtgGQMGLc/cN/l4uFN8HH
AqKGHlnLOKmqq3TaCsKxEfrKstv31Vj3gTb1tWtAEhmbkdiKRA/Eiq0iD6yb6HSY
C5OIMKdOTZatLWrChVnWT4TaeYtSURF//7Yxls8A6+JvHac48NsQ//u4o1+Clk/b
8E/MGAHmdEo09x5ZEUM+NsCAh+3tHwHDyI21dy0mcOVHrokbgTRt+MeOZzJN+4GW
4M8zMoi0q9dxoPpgeQGIY0bgpxSPTpQY9+lKmS6bYAPd6t2UN7aHWvjpBPccFuxm
mZ4BcRQ7e3giXiX7USE29FWFsiLjEcIP359qIgwhAzYT/wUqXtB1yg==
-----END CERTIFICATE-----
Generated at Wed May 8 02:39:42 2024 by rpki-client on console-ams.rpki-client.org