Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3Hw8GzlixEbm36AiZslvs3-V0FY.roa
File: 3Hw8GzlixEbm36AiZslvs3-V0FY.roa (raw, json)
Hash identifier: adv13P7a7unuG4/Kw18uDjds8kwTZVlo1SAfLq0jdKE=
Subject key identifier: DC:7C:3C:1B:39:62:C4:46:E6:DF:A0:22:66:C9:6F:B3:7F:95:D0:56
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018D7D1EEE34DBE34B5DB674A693ABC2D7C9
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3Hw8GzlixEbm36AiZslvs3-V0FY.roa
Signing time: Tue 06 Feb 2024 06:33:15 +0000
ROA not before: Tue 06 Feb 2024 06:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35392
IP address blocks: 94.188.142.0/24 maxlen: 24
94.188.198.0/24 maxlen: 24
94.188.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:1e:ee:34:db:e3:4b:5d:b6:74:a6:93:ab:c2:d7:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 6 06:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc7c3c1b3962c446e6dfa02266c96fb37f95d056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7c:c7:dd:a8:96:6e:58:63:17:67:c9:04:b9:
01:ea:81:99:20:35:78:df:8b:23:7a:fa:e6:ac:3b:
b9:1b:f9:4b:08:94:6f:73:79:69:7c:20:46:35:af:
c5:9d:d6:55:2d:88:91:bd:62:8c:d7:6c:1c:a0:82:
0f:a9:ba:8f:9a:a0:74:57:36:ec:f9:63:f4:a8:be:
8d:1d:52:29:33:c0:b0:0f:bb:46:22:36:e6:e7:f9:
a8:36:3a:02:c2:24:e8:37:9d:9c:3f:48:e9:a5:92:
5f:c3:13:c7:8e:10:a1:30:dd:41:23:d6:a2:bf:88:
ca:80:3c:4a:ff:65:49:8f:1a:a6:f5:97:3c:a9:f9:
69:db:f6:62:7c:3f:93:73:b0:57:bc:31:dd:d7:06:
48:55:96:51:62:01:e6:01:bf:66:a2:e0:9e:ae:c9:
06:0b:16:c5:a3:90:37:86:ed:bf:06:6a:9b:96:12:
cc:8a:fc:c2:0d:ea:35:b6:f8:63:54:95:9b:6e:36:
f1:92:de:08:67:9a:ea:41:fb:1d:9d:9f:72:c0:9b:
d6:72:74:e2:89:19:b9:ab:04:7c:4a:55:a2:f7:01:
8f:da:5e:bf:36:3a:02:74:27:36:ab:db:b7:20:8e:
71:37:06:57:79:de:7b:78:d4:df:1c:85:c4:18:63:
56:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7C:3C:1B:39:62:C4:46:E6:DF:A0:22:66:C9:6F:B3:7F:95:D0:56
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/3Hw8GzlixEbm36AiZslvs3-V0FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.142.0/24
94.188.198.0/24
94.188.220.0/24
Signature Algorithm: sha256WithRSAEncryption
82:98:ac:d3:13:0b:5f:51:13:d7:62:e5:3e:aa:f0:64:66:40:
79:19:e4:5e:bb:71:c5:c1:40:98:00:7a:13:f9:0a:71:2d:3c:
17:3b:e9:c8:21:42:bf:07:d9:3e:ec:b0:63:1a:88:20:4c:b0:
9a:04:b7:94:af:3c:27:ee:9c:3f:16:76:cd:f2:75:9b:a6:ba:
54:99:c7:a1:72:34:de:af:02:8b:a5:7a:ed:52:e7:2e:1e:20:
81:38:54:3c:9b:4c:53:c2:14:63:06:11:3d:2b:29:38:aa:b6:
43:c4:0d:82:e3:03:83:d9:07:bd:ea:d1:61:75:26:4f:6b:1a:
1d:34:29:39:52:bf:85:f5:f5:0b:47:84:27:aa:85:2e:fd:4f:
84:80:6b:b5:48:aa:3d:5a:be:f6:7c:9f:14:a0:ad:0e:0f:7d:
55:0a:67:4d:e6:2a:d7:4e:83:a7:89:1b:65:6b:0a:c6:70:91:
66:2d:bd:09:bb:35:02:a2:41:43:a7:81:19:74:83:87:10:23:
67:a8:6a:3d:66:32:cc:0c:cd:10:88:6e:a5:5c:22:49:da:b4:
c2:ed:22:e0:d8:d1:79:11:97:0b:84:ed:05:fc:5a:90:ca:f9:
f2:3c:17:3c:60:79:64:c8:b1:b6:64:36:46:a5:1d:d3:a7:8a:
2c:82:cd:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY19Hu402+NLXbZ0ppOrwtfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjA2MDYzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdjM2MxYjM5NjJjNDQ2ZTZkZmEwMjI2NmM5NmZiMzdmOTVkMDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXzH3aiWblhjF2fJBLkB6oGZIDV4
34sjevrmrDu5G/lLCJRvc3lpfCBGNa/FndZVLYiRvWKM12wcoIIPqbqPmqB0Vzbs
+WP0qL6NHVIpM8CwD7tGIjbm5/moNjoCwiToN52cP0jppZJfwxPHjhChMN1BI9ai
v4jKgDxK/2VJjxqm9Zc8qflp2/ZifD+Tc7BXvDHd1wZIVZZRYgHmAb9mouCerskG
CxbFo5A3hu2/BmqblhLMivzCDeo1tvhjVJWbbjbxkt4IZ5rqQfsdnZ9ywJvWcnTi
iRm5qwR8SlWi9wGP2l6/NjoCdCc2q9u3II5xNwZXed57eNTfHIXEGGNWiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNx8PBs5YsRG5t+gImbJb7N/ldBWMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvM0h3OEd6bGl4RWJtMzZBaVpzbHZzMy1WMEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXryOAwQA
XrzGAwQAXrzcMA0GCSqGSIb3DQEBCwUAA4IBAQCCmKzTEwtfURPXYuU+qvBkZkB5
GeReu3HFwUCYAHoT+QpxLTwXO+nIIUK/B9k+7LBjGoggTLCaBLeUrzwn7pw/FnbN
8nWbprpUmcehcjTerwKLpXrtUucuHiCBOFQ8m0xTwhRjBhE9Kyk4qrZDxA2C4wOD
2Qe96tFhdSZPaxodNCk5Ur+F9fULR4QnqoUu/U+EgGu1SKo9Wr72fJ8UoK0OD31V
CmdN5irXToOniRtlawrGcJFmLb0JuzUCokFDp4EZdIOHECNnqGo9ZjLMDM0QiG6l
XCJJ2rTC7SLg2NF5EZcLhO0F/FqQyvnyPBc8YHlkyLG2ZDZGpR3Tp4osgs0B
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:58:19 2024 by rpki-client on console-ams.rpki-client.org