Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/3CPpP1_XU7y2325EguJDTajCoL8.roa
File: 3CPpP1_XU7y2325EguJDTajCoL8.roa (raw, json)
Hash identifier: UAN36mhMg9KE+6NnklbmfkbKftroTSnagoR99wpA5Ow=
Subject key identifier: DC:23:E9:3F:5F:D7:53:BC:B6:DF:6E:44:82:E2:43:4D:A8:C2:A0:BF
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 018CC7934B7F66F80F9535738CD274F0E323
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/3CPpP1_XU7y2325EguJDTajCoL8.roa
Signing time: Tue 02 Jan 2024 00:29:28 +0000
ROA not before: Tue 02 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25048
IP address blocks: 81.90.128.0/20 maxlen: 24
2a00:e20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4b:7f:66:f8:0f:95:35:73:8c:d2:74:f0:e3:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 2 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc23e93f5fd753bcb6df6e4482e2434da8c2a0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3f:7f:e2:9f:b2:e2:e4:92:9d:af:5d:bb:2f:
10:b6:05:56:5a:fd:22:3a:a1:ee:e7:24:19:d8:15:
44:c9:c8:6f:74:b4:06:5f:8d:e2:f6:f4:90:67:0d:
3e:bc:8b:0f:a9:48:ef:a3:50:79:cd:df:e7:73:14:
e8:9b:8e:a1:07:d3:18:b4:73:e8:31:8c:27:04:d6:
5c:26:b1:a9:ec:89:de:0e:29:dd:13:7a:78:8a:64:
49:95:c9:11:67:0a:a0:9b:8a:b0:b5:aa:2d:ec:5d:
f9:92:68:3f:c8:71:5d:d7:e3:2c:72:db:fe:41:7f:
0b:33:f4:88:a1:89:c0:c6:ac:f7:53:dd:2f:9e:f1:
78:50:26:dc:5c:6e:65:1e:e0:34:94:81:04:f8:0f:
38:b1:bc:c4:d7:f7:56:39:f0:7d:52:b2:95:64:f8:
b4:a0:25:5a:17:2b:37:8d:53:1b:69:99:61:bf:2f:
58:b1:0b:3a:24:1e:e1:f4:e4:4c:f0:f6:21:d3:c6:
c1:b2:fc:53:29:3b:83:fc:bb:e1:01:1b:53:76:32:
90:9e:81:f9:ec:31:53:6d:45:75:cb:e4:60:16:1c:
a9:04:8b:ce:c4:ed:47:ae:7f:85:eb:56:6b:40:3e:
59:c4:ea:85:da:28:44:54:8e:d2:77:50:3f:0c:ec:
d1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:E9:3F:5F:D7:53:BC:B6:DF:6E:44:82:E2:43:4D:A8:C2:A0:BF
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/3CPpP1_XU7y2325EguJDTajCoL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.128.0/20
IPv6:
2a00:e20::/29
Signature Algorithm: sha256WithRSAEncryption
63:de:31:cf:0a:03:18:f8:c5:6a:44:e3:dd:5c:73:39:72:f4:
86:87:64:23:57:cc:b2:96:e8:ea:7a:be:11:4b:df:46:d5:ef:
62:80:0b:41:42:a3:5e:b9:6b:7f:59:13:a0:c6:69:d9:dd:16:
d2:fb:12:92:c8:14:49:06:ff:e7:c8:1b:75:bb:47:5c:7c:42:
84:fa:3e:70:43:e8:79:e9:0f:6c:da:df:4b:ba:dd:40:c7:7b:
f3:d9:43:61:d4:be:42:51:7e:15:47:db:41:d4:69:36:bd:5f:
a2:22:b7:9c:41:8a:e7:ed:02:40:00:53:5b:e7:92:c9:fb:08:
93:1e:5d:2f:04:5c:0e:f4:24:b7:6e:d3:a3:65:1d:9b:96:43:
dc:a7:0d:e9:e2:d9:cf:d4:c0:a9:a6:16:f9:ce:51:4a:53:66:
86:9f:d3:92:aa:d0:ee:3b:27:f7:12:1e:b9:58:36:25:b6:03:
fc:1d:ed:46:e6:ad:2b:17:74:91:0f:32:ee:d7:4e:04:ad:42:
f7:a9:35:31:66:23:1d:67:87:aa:36:80:4a:49:21:25:05:a3:
07:00:5b:e8:63:8d:4a:be:d8:8c:ca:2e:68:4a:2a:c0:92:47:
0d:57:ab:ff:fa:e4:a6:cb:59:c0:a0:77:71:21:a8:91:5b:34:
d9:dc:cf:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk0t/ZvgPlTVzjNJ08OMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjQwMTAyMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzIzZTkzZjVmZDc1M2JjYjZkZjZlNDQ4MmUyNDM0ZGE4YzJhMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT9/4p+y4uSSna9duy8QtgVWWv0i
OqHu5yQZ2BVEychvdLQGX43i9vSQZw0+vIsPqUjvo1B5zd/ncxTom46hB9MYtHPo
MYwnBNZcJrGp7IneDindE3p4imRJlckRZwqgm4qwtaot7F35kmg/yHFd1+Msctv+
QX8LM/SIoYnAxqz3U90vnvF4UCbcXG5lHuA0lIEE+A84sbzE1/dWOfB9UrKVZPi0
oCVaFys3jVMbaZlhvy9YsQs6JB7h9ORM8PYh08bBsvxTKTuD/LvhARtTdjKQnoH5
7DFTbUV1y+RgFhypBIvOxO1Hrn+F61ZrQD5ZxOqF2ihEVI7Sd1A/DOzRzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNwj6T9f11O8tt9uRILiQ02owqC/MB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvM0NQcFAxX1hVN3kyMzI1RWd1SkRUYWpDb0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQMqAA4gMA0GCSqGSIb3DQEBCwUAA4IBAQBj3jHPCgMY+MVqROPdXHM5
cvSGh2QjV8yylujqer4RS99G1e9igAtBQqNeuWt/WROgxmnZ3RbS+xKSyBRJBv/n
yBt1u0dcfEKE+j5wQ+h56Q9s2t9Lut1Ax3vz2UNh1L5CUX4VR9tB1Gk2vV+iIrec
QYrn7QJAAFNb55LJ+wiTHl0vBFwO9CS3btOjZR2blkPcpw3p4tnP1MCpphb5zlFK
U2aGn9OSqtDuOyf3Eh65WDYltgP8He1G5q0rF3SRDzLu104ErUL3qTUxZiMdZ4eq
NoBKSSElBaMHAFvoY41KvtiMyi5oSirAkkcNV6v/+uSmy1nAoHdxIaiRWzTZ3M94
-----END CERTIFICATE-----
Generated at Fri Jun 14 10:32:45 2024 by rpki-client on console-fra.rpki-client.org