Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/3P_ASOC29ClvbrDv_7mfxuE645M.roa
File: 3P_ASOC29ClvbrDv_7mfxuE645M.roa (raw, json)
Hash identifier: C8Afnkzu7Dj05MbtZkV/ncc0ICW/ThqkmXEFHRr8PBY=
Subject key identifier: DC:FF:C0:48:E0:B6:F4:29:6F:6E:B0:EF:FF:B9:9F:C6:E1:3A:E3:93
Certificate issuer: /CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Certificate serial: 018CC72742FF657710D9E8FD9E6E1FD1E1B4
Authority key identifier: E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/3P_ASOC29ClvbrDv_7mfxuE645M.roa
Signing time: Mon 01 Jan 2024 22:31:28 +0000
ROA not before: Mon 01 Jan 2024 22:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14163
IP address blocks: 213.152.229.0/24 maxlen: 24
213.161.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:42:ff:65:77:10:d9:e8:fd:9e:6e:1f:d1:e1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e30cc9429b63382e9b1714d21b3c96d2e5ebe257
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcffc048e0b6f4296f6eb0efffb99fc6e13ae393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:29:f9:7d:fe:a8:e1:6e:95:d7:5c:02:ec:
95:02:cd:3f:c2:d9:90:b4:7b:d6:3a:90:e7:9d:c0:
5b:7c:6c:5e:51:8f:fd:b8:44:8e:98:29:7b:3b:44:
5a:46:9f:21:9e:06:8d:84:ca:65:e1:8a:4f:c1:36:
c7:a5:5a:a8:fd:46:da:16:ce:b2:f6:88:f5:73:6d:
78:9f:cf:a5:19:eb:1a:32:c2:08:e9:34:54:d5:dd:
f2:a6:6b:0e:1f:90:16:ed:c3:7a:6e:33:c9:db:db:
3a:69:a0:45:c0:eb:41:ac:ab:f5:61:1c:b3:2a:f1:
7a:3d:8e:7d:d0:73:ab:40:48:80:c4:7a:ae:f2:b3:
12:33:38:90:90:c1:b8:be:ef:1a:45:b6:f9:48:6f:
4f:fe:64:82:43:6a:84:7b:18:b2:2a:54:4c:d6:c9:
92:63:a6:e0:71:bb:fb:26:42:76:18:53:f4:95:25:
84:45:3d:73:25:3d:5a:36:6f:a1:64:56:ce:41:4f:
27:00:5a:ae:96:58:44:ca:26:76:f0:b1:a9:a5:1f:
2e:e2:9d:86:fc:01:6a:d7:14:bd:41:3c:49:aa:e3:
a6:5f:ec:b8:4f:fb:c2:92:d0:4d:e4:ca:1e:a4:36:
ed:95:bf:00:8d:9f:c3:8d:00:f9:b8:96:d9:f4:6b:
8b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FF:C0:48:E0:B6:F4:29:6F:6E:B0:EF:FF:B9:9F:C6:E1:3A:E3:93
X509v3 Authority Key Identifier:
keyid:E3:0C:C9:42:9B:63:38:2E:9B:17:14:D2:1B:3C:96:D2:E5:EB:E2:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4wzJQptjOC6bFxTSGzyW0uXr4lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/3P_ASOC29ClvbrDv_7mfxuE645M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c73287-b1b1-4aca-bd2e-db4f352e9ad3/1/4wzJQptjOC6bFxTSGzyW0uXr4lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.152.229.0/24
213.161.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:d2:4d:2b:79:df:77:f9:16:60:6e:32:a2:d8:23:8d:59:c0:
a4:cf:b5:44:ab:54:69:9c:e4:2d:85:aa:91:18:2b:1d:6f:64:
93:60:3c:ee:94:46:7b:2a:84:5f:a4:4f:a6:40:85:11:e1:5b:
31:f7:37:83:21:2c:ef:a7:f5:7e:5f:0c:ce:15:06:17:a6:3a:
07:16:27:21:70:03:31:24:c0:7a:8e:86:17:51:db:20:39:c7:
2f:b7:b7:f6:db:c9:39:5d:24:37:e7:bb:ef:bf:a6:93:0c:9c:
f6:05:6e:de:ca:47:fa:db:a1:a6:e7:e2:5a:f5:18:2a:0e:cd:
11:17:e7:40:95:92:90:74:4a:49:c0:f7:be:42:c3:08:78:09:
8a:3d:7a:fb:fc:8c:d9:b0:71:eb:3f:d4:e5:80:a5:bd:32:6f:
78:0c:60:6f:a6:87:79:bb:81:4b:47:21:35:f0:98:e7:63:f1:
3d:aa:36:3f:e1:f6:00:af:0c:7b:ed:1c:06:df:b6:6c:2d:f8:
6d:e2:a5:36:7c:09:85:66:d2:35:36:46:ce:fe:f1:95:6f:db:
66:a2:c9:fb:df:8e:67:c5:38:54:5d:c1:b9:86:28:27:5e:3d:
30:df:8f:47:f6:d5:c7:aa:13:35:49:4d:a2:8d:c3:e9:39:e8:
15:26:78:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ0L/ZXcQ2ej9nm4f0eG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGNjOTQyOWI2MzM4MmU5YjE3MTRkMjFiM2M5NmQyZTVl
YmUyNTcwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZmYzA0OGUwYjZmNDI5NmY2ZWIwZWZmZmI5OWZjNmUxM2FlMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqIp+X3+qOFulddcAuyVAs0/wtmQ
tHvWOpDnncBbfGxeUY/9uESOmCl7O0RaRp8hngaNhMpl4YpPwTbHpVqo/UbaFs6y
9oj1c214n8+lGesaMsII6TRU1d3ypmsOH5AW7cN6bjPJ29s6aaBFwOtBrKv1YRyz
KvF6PY590HOrQEiAxHqu8rMSMziQkMG4vu8aRbb5SG9P/mSCQ2qEexiyKlRM1smS
Y6bgcbv7JkJ2GFP0lSWERT1zJT1aNm+hZFbOQU8nAFqullhEyiZ28LGppR8u4p2G
/AFq1xS9QTxJquOmX+y4T/vCktBN5MoepDbtlb8AjZ/DjQD5uJbZ9GuLCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNz/wEjgtvQpb26w7/+5n8bhOuOTMB8GA1UdIwQY
MBaAFOMMyUKbYzgumxcU0hs8ltLl6+JXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUt
ZGI0ZjM1MmU5YWQzLzEvM1BfQVNPQzI5Q2x2YnJEdl83bWZ4dUU2NDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNzMyODctYjFiMS00YWNhLWJkMmUtZGI0ZjM1MmU5YWQz
LzEvNHd6SlFwdGpPQzZiRnhUU0d6eVcwdVhyNGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1ZjlAwQA
1aFWMA0GCSqGSIb3DQEBCwUAA4IBAQCz0k0red93+RZgbjKi2CONWcCkz7VEq1Rp
nOQthaqRGCsdb2STYDzulEZ7KoRfpE+mQIUR4Vsx9zeDISzvp/V+XwzOFQYXpjoH
FichcAMxJMB6joYXUdsgOccvt7f228k5XSQ357vvv6aTDJz2BW7eykf626Gm5+Ja
9RgqDs0RF+dAlZKQdEpJwPe+QsMIeAmKPXr7/IzZsHHrP9TlgKW9Mm94DGBvpod5
u4FLRyE18JjnY/E9qjY/4fYArwx77RwG37ZsLfht4qU2fAmFZtI1NkbO/vGVb9tm
osn7345nxThUXcG5hignXj0w349H9tXHqhM1SU2ijcPpOegVJniy
-----END CERTIFICATE-----
Generated at Sat May 25 17:53:52 2024 by rpki-client on console-ams.rpki-client.org