Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3BPMEvRP56CHJiJXTC3BzKqkiUQ.roa
File: 3BPMEvRP56CHJiJXTC3BzKqkiUQ.roa (raw, json)
Hash identifier: cRxmNUArf9e8FxhtPyNUUEHeevEv0ECdYmTox1I2GQk=
Subject key identifier: DC:13:CC:12:F4:4F:E7:A0:87:26:22:57:4C:2D:C1:CC:AA:A4:89:44
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0192C3E54C948123F38E8E0F0F703BE07049
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3BPMEvRP56CHJiJXTC3BzKqkiUQ.roa
Signing time: Fri 25 Oct 2024 13:37:17 +0000
ROA not before: Fri 25 Oct 2024 13:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49811
IP address blocks: 31.148.16.0/22 maxlen: 24
31.148.244.0/24 maxlen: 24
93.170.48.0/23 maxlen: 24
93.171.228.0/23 maxlen: 24
93.171.236.0/23 maxlen: 24
95.47.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:e5:4c:94:81:23:f3:8e:8e:0f:0f:70:3b:e0:70:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 25 13:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc13cc12f44fe7a0872622574c2dc1ccaaa48944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f8:50:be:e4:87:36:a3:ad:ac:e6:c2:96:42:
7a:5e:fa:f7:a9:25:4a:db:c0:d5:7c:7d:bb:87:7f:
01:7c:4a:3d:d9:6c:b6:ba:fc:a1:ca:86:20:96:5c:
fe:1d:ec:14:8d:53:59:0a:50:7b:f6:62:b5:d2:18:
5b:49:ff:16:28:ab:b0:97:cb:3b:a9:94:c9:9e:3c:
d2:ca:a1:cc:cb:e7:93:c1:05:75:0d:25:f1:cf:c5:
bc:c9:e2:45:34:b3:cb:ad:6e:3e:b9:6a:aa:81:4e:
fa:78:e8:07:68:14:fa:d7:fd:5d:71:45:b7:ec:a6:
f2:fc:9d:24:d4:ef:e8:5b:24:d9:08:8a:41:0e:7c:
f0:c8:25:ef:00:23:38:d9:6f:90:f1:a8:0c:d8:09:
2e:36:77:5e:28:33:d3:48:de:60:25:32:ae:81:67:
40:00:3a:ad:2d:53:98:f6:49:fd:1b:f5:0e:53:ce:
23:06:0c:8d:0d:78:52:8d:ab:21:54:db:c3:ac:c8:
7f:4e:e7:6e:c7:f2:0a:2f:65:63:af:1c:37:4e:52:
bb:fc:c1:9a:ba:1d:40:b9:a2:1c:37:db:72:c9:36:
6c:8f:34:af:e0:ac:93:58:36:b8:b6:69:89:a9:be:
a0:c4:00:c2:c8:00:0b:1d:56:a1:c2:3a:0a:c1:4b:
12:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:13:CC:12:F4:4F:E7:A0:87:26:22:57:4C:2D:C1:CC:AA:A4:89:44
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3BPMEvRP56CHJiJXTC3BzKqkiUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.16.0/22
31.148.244.0/24
93.170.48.0/23
93.171.228.0/23
93.171.236.0/23
95.47.254.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:7b:7c:65:01:5d:0f:07:20:83:9d:5f:77:7f:69:20:b9:e2:
9f:40:6b:4e:84:cf:7b:a9:cd:59:d2:32:73:17:d9:7e:05:e4:
e1:c6:20:98:8c:30:c9:b4:9f:d6:98:1c:75:da:1f:39:a8:b9:
11:d4:1a:4e:c0:7b:e4:52:d7:cf:eb:46:0b:82:ec:cb:1a:42:
f1:a5:90:90:4f:2f:4f:5d:2d:e0:e0:d2:be:cd:22:bd:d6:71:
5a:89:41:2c:2d:b2:b4:1e:05:d1:e5:9f:3e:36:2c:3d:d1:3d:
91:df:1b:ba:e2:99:5a:12:22:89:11:8e:3b:78:50:f3:93:a2:
2d:1e:83:4c:89:d5:5e:c7:ae:7a:6c:5b:ab:15:45:2a:77:b0:
6c:11:2b:ab:a4:ec:84:28:2f:f1:08:ca:f3:89:b8:57:46:3c:
25:ab:52:63:d4:b1:19:dd:47:4f:0b:66:d4:a1:70:02:86:46:
12:a3:4f:6b:d7:ba:f8:55:f5:7b:f7:2d:53:be:d3:59:c2:e1:
4d:50:98:7e:60:e4:0b:b5:6f:39:8b:24:74:54:b5:2d:4e:59:
c9:db:79:8b:e7:13:62:fc:f5:71:14:6f:a7:89:73:a4:be:aa:
72:65:a9:6c:a2:f2:e1:e3:79:2d:3f:a4:31:e2:b7:57:17:a3:
a7:7b:60:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZLD5UyUgSPzjo4PD3A74HBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQxMDI1MTMzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzEzY2MxMmY0NGZlN2EwODcyNjIyNTc0YzJkYzFjY2FhYTQ4OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/hQvuSHNqOtrObClkJ6Xvr3qSVK
28DVfH27h38BfEo92Wy2uvyhyoYgllz+HewUjVNZClB79mK10hhbSf8WKKuwl8s7
qZTJnjzSyqHMy+eTwQV1DSXxz8W8yeJFNLPLrW4+uWqqgU76eOgHaBT61/1dcUW3
7Kby/J0k1O/oWyTZCIpBDnzwyCXvACM42W+Q8agM2AkuNndeKDPTSN5gJTKugWdA
ADqtLVOY9kn9G/UOU84jBgyNDXhSjashVNvDrMh/Tudux/IKL2Vjrxw3TlK7/MGa
uh1AuaIcN9tyyTZsjzSv4KyTWDa4tmmJqb6gxADCyAALHVahwjoKwUsSjQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNwTzBL0T+eghyYiV0wtwcyqpIlEMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvM0JQTUV2UlA1NkNISmlKWFRDM0J6S3FraVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH5QQAwQA
H5T0AwQBXaowAwQBXavkAwQBXavsAwQBXy/+MA0GCSqGSIb3DQEBCwUAA4IBAQBa
e3xlAV0PByCDnV93f2kgueKfQGtOhM97qc1Z0jJzF9l+BeThxiCYjDDJtJ/WmBx1
2h85qLkR1BpOwHvkUtfP60YLguzLGkLxpZCQTy9PXS3g4NK+zSK91nFaiUEsLbK0
HgXR5Z8+Niw90T2R3xu64plaEiKJEY47eFDzk6ItHoNMidVex656bFurFUUqd7Bs
ESurpOyEKC/xCMrzibhXRjwlq1Jj1LEZ3UdPC2bUoXAChkYSo09r17r4VfV79y1T
vtNZwuFNUJh+YOQLtW85iyR0VLUtTlnJ23mL5xNi/PVxFG+niXOkvqpyZalsovLh
43ktP6Qx4rdXF6One2Bi
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:31:03 2024 by rpki-client on console-ams.rpki-client.org