Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/O3AuqwTTUX3LhgT-9CcZl2GnHyY.roa
File: O3AuqwTTUX3LhgT-9CcZl2GnHyY.roa (raw, json)
Hash identifier: GPQ6QU0LakOqkClUzg37u5T2BeP5D84KLgpy21pwhyY=
Subject key identifier: 3B:70:2E:AB:04:D3:51:7D:CB:86:04:FE:F4:27:19:97:61:A7:1F:26
Certificate issuer: /CN=5949698bbcd24fc9e1a9f5f41486c31af19a4bc8
Certificate serial: 018CC9BCBCEEBACE92312C81092059226A83
Authority key identifier: 59:49:69:8B:BC:D2:4F:C9:E1:A9:F5:F4:14:86:C3:1A:F1:9A:4B:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUlpi7zST8nhqfX0FIbDGvGaS8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/O3AuqwTTUX3LhgT-9CcZl2GnHyY.roa
Signing time: Tue 02 Jan 2024 10:33:58 +0000
ROA not before: Tue 02 Jan 2024 10:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49985
IP address blocks: 188.120.192.0/19 maxlen: 19
185.172.252.0/22 maxlen: 22
176.62.224.0/20 maxlen: 20
2a02:c60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/WUlpi7zST8nhqfX0FIbDGvGaS8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/WUlpi7zST8nhqfX0FIbDGvGaS8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/WUlpi7zST8nhqfX0FIbDGvGaS8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:bc:ee:ba:ce:92:31:2c:81:09:20:59:22:6a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949698bbcd24fc9e1a9f5f41486c31af19a4bc8
Validity
Not Before: Jan 2 10:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b702eab04d3517dcb8604fef427199761a71f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:30:3c:1b:0e:30:cf:2a:3f:ed:d9:df:ed:f0:
bf:04:4c:85:6b:62:eb:ef:f4:51:34:75:f7:b2:bb:
83:f5:bf:d6:44:4e:91:f5:45:c5:fe:23:c6:02:a2:
9f:8f:65:d8:14:f5:90:1a:c2:8a:b2:10:18:98:e2:
ac:02:ed:29:1a:b4:a6:1d:06:48:f6:0a:df:f8:33:
42:35:63:b8:7f:c2:4a:0d:2e:0c:d5:32:74:b9:d8:
6d:2f:23:e3:7f:25:c6:0c:45:40:d0:a7:64:e2:a2:
5e:31:b7:98:1a:82:91:81:19:ca:f8:fe:11:6d:85:
1b:14:78:4a:62:de:79:4b:a4:1f:0d:18:0c:21:53:
e7:2d:52:94:5f:cb:67:a8:16:3d:19:bd:9d:ee:4e:
46:79:78:ae:87:d3:23:b4:fe:3a:98:a8:bf:27:6b:
2f:31:f9:94:71:5f:e9:05:82:bb:3e:47:05:0e:06:
e6:90:a6:00:50:63:db:cf:e3:d6:c0:61:21:d4:70:
2f:97:5b:9c:2d:05:45:77:e9:12:55:48:8c:69:f3:
c3:da:58:d5:da:68:3a:55:dc:9b:89:12:de:49:07:
78:9f:b2:6c:9c:9d:23:f0:fa:18:d2:27:90:c8:7c:
16:34:b1:a6:21:ba:f4:09:31:03:80:c6:92:1a:01:
21:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:70:2E:AB:04:D3:51:7D:CB:86:04:FE:F4:27:19:97:61:A7:1F:26
X509v3 Authority Key Identifier:
keyid:59:49:69:8B:BC:D2:4F:C9:E1:A9:F5:F4:14:86:C3:1A:F1:9A:4B:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUlpi7zST8nhqfX0FIbDGvGaS8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/O3AuqwTTUX3LhgT-9CcZl2GnHyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/WUlpi7zST8nhqfX0FIbDGvGaS8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.224.0/20
185.172.252.0/22
188.120.192.0/19
IPv6:
2a02:c60::/32
Signature Algorithm: sha256WithRSAEncryption
0e:f2:3a:7d:a9:fc:5c:e0:e9:b3:72:39:5a:1b:ba:24:e6:0a:
ef:22:db:bc:31:99:de:b7:5f:23:22:32:57:9e:82:42:58:3d:
1e:7f:37:74:e5:8f:97:5d:0d:ba:cd:c6:bb:0e:f4:01:fd:ad:
13:71:00:dd:92:c5:43:cf:27:2d:3c:9d:17:ee:14:42:3a:bd:
d9:0c:57:7a:01:f6:66:9c:bb:36:0c:5e:3e:87:2e:6c:1c:25:
53:6a:89:95:98:8a:a5:6f:e0:79:50:60:ae:21:7d:b6:6a:ed:
8c:c2:56:3a:5b:ad:c8:a0:1a:d8:c1:9d:73:f1:9f:79:a6:2a:
19:0d:3d:cb:44:04:d0:a4:62:7e:6c:72:4a:17:84:c5:c7:1d:
2b:f6:57:8b:3c:1c:51:e3:de:51:34:37:0d:55:5e:e5:5f:12:
4e:02:60:ec:aa:68:49:41:b9:14:0e:09:85:22:c4:cc:a0:e3:
90:7b:10:48:00:bb:3f:e0:04:9d:51:5f:0e:a2:f2:93:25:96:
4b:bc:45:ae:55:ba:b4:87:72:8d:05:8c:f5:0a:fa:8c:96:5b:
e3:50:bc:3a:8f:b9:d1:2d:dd:73:69:75:3a:89:27:3f:74:01:
10:61:e6:cd:7f:e4:34:9a:cc:5e:44:44:f5:92:4c:b2:32:3d:
45:c1:b7:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvLzuus6SMSyBCSBZImqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDk2OThiYmNkMjRmYzllMWE5ZjVmNDE0ODZjMzFhZjE5
YTRiYzgwHhcNMjQwMTAyMTAzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjcwMmVhYjA0ZDM1MTdkY2I4NjA0ZmVmNDI3MTk5NzYxYTcxZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TA8Gw4wzyo/7dnf7fC/BEyFa2Lr
7/RRNHX3sruD9b/WRE6R9UXF/iPGAqKfj2XYFPWQGsKKshAYmOKsAu0pGrSmHQZI
9grf+DNCNWO4f8JKDS4M1TJ0udhtLyPjfyXGDEVA0Kdk4qJeMbeYGoKRgRnK+P4R
bYUbFHhKYt55S6QfDRgMIVPnLVKUX8tnqBY9Gb2d7k5GeXiuh9MjtP46mKi/J2sv
MfmUcV/pBYK7PkcFDgbmkKYAUGPbz+PWwGEh1HAvl1ucLQVFd+kSVUiMafPD2ljV
2mg6VdybiRLeSQd4n7JsnJ0j8PoY0ieQyHwWNLGmIbr0CTEDgMaSGgEhMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDtwLqsE01F9y4YE/vQnGZdhpx8mMB8GA1UdIwQY
MBaAFFlJaYu80k/J4an19BSGwxrxmkvIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VscGk3elNUOG5ocWZYMEZJYkRHdkdhUzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMWMwNTYtNmE4YS00MjI2LTgwM2Mt
NTgzZmJlNjRhOTU1LzEvTzNBdXF3VFRVWDNMaGdULTlDY1psMkduSHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMWMwNTYtNmE4YS00MjI2LTgwM2MtNTgzZmJlNjRhOTU1
LzEvV1VscGk3elNUOG5ocWZYMEZJYkRHdkdhUzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEsD7gAwQC
uaz8AwQFvHjAMA0EAgACMAcDBQAqAgxgMA0GCSqGSIb3DQEBCwUAA4IBAQAO8jp9
qfxc4OmzcjlaG7ok5grvItu8MZnet18jIjJXnoJCWD0efzd05Y+XXQ26zca7DvQB
/a0TcQDdksVDzyctPJ0X7hRCOr3ZDFd6AfZmnLs2DF4+hy5sHCVTaomVmIqlb+B5
UGCuIX22au2MwlY6W63IoBrYwZ1z8Z95pioZDT3LRATQpGJ+bHJKF4TFxx0r9leL
PBxR495RNDcNVV7lXxJOAmDsqmhJQbkUDgmFIsTMoOOQexBIALs/4ASdUV8OovKT
JZZLvEWuVbq0h3KNBYz1CvqMllvjULw6j7nRLd1zaXU6iSc/dAEQYebNf+Q0msxe
RET1kkyyMj1FwbfJ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:23:16 2024 by rpki-client on console-fra.rpki-client.org