Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3w2yDpuSuKg_u6v2K94iwYIR78Q.roa
File: 3w2yDpuSuKg_u6v2K94iwYIR78Q.roa (raw, json)
Hash identifier: +9B3tJvm++iaijIpl7SHy2rwocuUpWSPVeN76LEsigA=
Subject key identifier: DF:0D:B2:0E:9B:92:B8:A8:3F:BB:AB:F6:2B:DE:22:C1:82:11:EF:C4
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A0F96D89682667A8AE91FCF758EB1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3w2yDpuSuKg_u6v2K94iwYIR78Q.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51500
IP address blocks: 93.171.154.0/24 maxlen: 24
146.158.73.0/24 maxlen: 24
95.47.56.0/24 maxlen: 24
95.47.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0f:96:d8:96:82:66:7a:8a:e9:1f:cf:75:8e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df0db20e9b92b8a83fbbabf62bde22c18211efc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:17:a2:b4:e8:fc:5d:4b:a8:30:00:9c:45:
cd:1d:24:81:3b:42:1b:40:10:da:02:00:10:b7:f6:
56:a9:21:cc:bf:bb:48:17:62:99:dd:c9:c6:6a:bd:
ae:f9:18:ea:fb:69:b6:40:c1:3b:e3:cc:bd:ce:95:
3f:8b:29:72:3f:90:64:05:66:81:49:54:07:b1:c8:
e2:23:19:e9:11:f0:18:f2:df:1e:a2:31:cb:7c:1c:
7b:01:e4:e0:a1:47:be:a2:bc:d2:c7:60:16:d6:76:
a5:a2:cc:b7:2b:15:2c:8e:1e:13:6c:76:8d:eb:e5:
73:e8:9c:3b:ed:60:eb:ed:06:4a:d8:34:df:f6:eb:
63:44:d9:d1:42:54:12:dd:14:ab:65:12:8a:12:7e:
63:94:c6:96:d7:58:a4:80:2d:26:1f:ea:95:74:84:
47:36:f0:f3:5c:ba:7a:aa:32:ce:72:a1:bf:b3:e6:
33:6d:26:a7:fe:5e:ad:a2:66:f1:ed:fb:2e:c7:71:
c7:17:6a:7c:64:d4:ac:4c:79:e1:b4:83:86:12:75:
f4:83:fe:3d:0f:a0:dc:53:11:b4:00:d8:5b:23:6a:
9d:c8:a3:b9:f0:22:89:c9:ac:8a:ea:fa:d2:62:ba:
d9:4c:31:e5:ac:d6:7d:02:c3:1d:1c:3e:0c:14:1f:
d7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0D:B2:0E:9B:92:B8:A8:3F:BB:AB:F6:2B:DE:22:C1:82:11:EF:C4
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3w2yDpuSuKg_u6v2K94iwYIR78Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.154.0/24
95.47.56.0/24
95.47.196.0/23
146.158.73.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c3:f8:d0:46:6d:c9:be:ad:c2:c5:18:07:bf:96:45:87:d4:
3c:c2:11:8b:43:ce:a9:27:7d:ce:5d:cb:af:48:7c:97:96:c9:
74:45:d6:52:bd:ef:6d:e2:a0:7e:fd:ee:93:eb:ab:50:68:c0:
06:2f:85:19:e6:34:4a:c3:b3:43:58:53:2a:e4:8c:ca:23:04:
75:61:f0:99:5c:d6:e8:15:e5:63:93:06:be:0b:94:70:dc:27:
1a:eb:d3:6d:47:47:6b:e9:9a:c1:99:5c:d0:aa:cf:51:c3:be:
c0:66:ec:fb:f1:02:0f:f2:b8:d8:53:6b:ef:d8:fe:19:a9:79:
7a:48:17:26:9a:84:f6:c9:65:ee:9c:01:51:a3:62:c0:f5:2e:
05:f6:26:70:11:7e:a7:ab:b3:a3:5f:e8:d3:af:c3:90:2d:42:
07:1d:3e:f1:2e:a2:c9:58:46:a9:cd:2f:4b:93:58:b0:10:6b:
f4:10:af:7b:71:61:01:88:c0:74:22:3b:e6:35:b8:9e:1a:db:
ac:3a:89:7a:16:90:72:73:57:e8:27:85:ad:b6:5d:9a:74:da:
f7:25:9e:a3:30:d5:30:20:35:ac:13:b5:97:8d:21:9d:e2:9b:
22:d0:a0:9e:56:4d:9a:00:e1:cc:e2:49:bd:7f:ff:58:3f:78:
99:70:e4:38
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKg+W2JaCZnqK6R/PdY6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjBkYjIwZTliOTJiOGE4M2ZiYmFiZjYyYmRlMjJjMTgyMTFlZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyoXorTo/F1LqDAAnEXNHSSBO0Ib
QBDaAgAQt/ZWqSHMv7tIF2KZ3cnGar2u+Rjq+2m2QME748y9zpU/iylyP5BkBWaB
SVQHscjiIxnpEfAY8t8eojHLfBx7AeTgoUe+orzSx2AW1nalosy3KxUsjh4TbHaN
6+Vz6Jw77WDr7QZK2DTf9utjRNnRQlQS3RSrZRKKEn5jlMaW11ikgC0mH+qVdIRH
NvDzXLp6qjLOcqG/s+YzbSan/l6tombx7fsux3HHF2p8ZNSsTHnhtIOGEnX0g/49
D6DcUxG0ANhbI2qdyKO58CKJyayK6vrSYrrZTDHlrNZ9AsMdHD4MFB/XYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN8Nsg6bkrioP7ur9iveIsGCEe/EMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvM3cyeURwdVN1S2dfdTZ2Mks5NGl3WUlSNzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXauaAwQA
Xy84AwQBXy/EAwQAkp5JMA0GCSqGSIb3DQEBCwUAA4IBAQCmw/jQRm3Jvq3CxRgH
v5ZFh9Q8whGLQ86pJ33OXcuvSHyXlsl0RdZSve9t4qB+/e6T66tQaMAGL4UZ5jRK
w7NDWFMq5IzKIwR1YfCZXNboFeVjkwa+C5Rw3Cca69NtR0dr6ZrBmVzQqs9Rw77A
Zuz78QIP8rjYU2vv2P4ZqXl6SBcmmoT2yWXunAFRo2LA9S4F9iZwEX6nq7OjX+jT
r8OQLUIHHT7xLqLJWEapzS9Lk1iwEGv0EK97cWEBiMB0IjvmNbieGtusOol6FpBy
c1foJ4Wttl2adNr3JZ6jMNUwIDWsE7WXjSGd4psi0KCeVk2aAOHM4km9f/9YP3iZ
cOQ4
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:41 2024 by rpki-client on console-ams.rpki-client.org