Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/e3IMh0o0RaYzrIqzE_YjHHYRaCg.roa
File: e3IMh0o0RaYzrIqzE_YjHHYRaCg.roa (raw, json)
Hash identifier: A8KwH8nbfEmN6m/82peu1KyVxYiu8v+S3RDtlkmxaIA=
Subject key identifier: 7B:72:0C:87:4A:34:45:A6:33:AC:8A:B3:13:F6:23:1C:76:11:68:28
Certificate issuer: /CN=a3698b01053911607edb2a76090a6aced95a3ed5
Certificate serial: 018CC5DC267E29E6D47370D78465DB1D0D69
Authority key identifier: A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/e3IMh0o0RaYzrIqzE_YjHHYRaCg.roa
Signing time: Mon 01 Jan 2024 16:29:48 +0000
ROA not before: Mon 01 Jan 2024 16:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 194.61.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:26:7e:29:e6:d4:73:70:d7:84:65:db:1d:0d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3698b01053911607edb2a76090a6aced95a3ed5
Validity
Not Before: Jan 1 16:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b720c874a3445a633ac8ab313f6231c76116828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:77:6c:fc:47:f4:fd:b8:20:91:ad:9c:fe:89:
6d:36:5b:e7:97:d5:af:dd:2c:25:95:2b:51:f2:da:
e7:e8:14:11:52:99:2e:6b:e6:1e:b4:47:f3:a1:6b:
62:5f:57:c2:e0:45:da:16:10:db:e4:34:a8:74:fb:
c7:8e:3a:37:97:4a:41:c5:fb:da:79:3f:2e:ba:26:
36:e9:a5:a9:fa:6c:8f:9f:04:d7:b4:3e:5a:1d:05:
33:7e:43:8a:8d:4e:d6:f1:a6:d7:76:8a:01:c2:08:
97:d0:ef:65:33:de:9d:7e:5f:ae:91:9e:48:79:27:
14:18:cc:0e:36:f1:d8:c0:d2:07:fd:05:04:ac:80:
18:0f:6c:af:a8:f1:70:f4:8f:63:ea:ad:a9:25:f2:
dd:a4:f9:85:4e:a0:f4:8f:89:9a:52:ac:fc:ee:ee:
c8:40:b1:e3:e3:74:04:d1:d7:f8:ce:f4:e8:22:31:
80:7f:a9:ea:38:bf:00:5e:d2:50:27:7b:a2:00:c9:
87:94:fd:2b:c6:79:66:73:05:52:ef:ea:62:81:f7:
e0:48:b5:fa:8f:d6:d8:5a:bc:03:1c:7a:47:17:3c:
0e:db:eb:95:3f:ea:2a:5f:76:dd:dc:81:85:9f:a6:
ff:12:28:14:c6:be:f1:04:d3:cd:ea:48:75:cd:db:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:72:0C:87:4A:34:45:A6:33:AC:8A:B3:13:F6:23:1C:76:11:68:28
X509v3 Authority Key Identifier:
keyid:A3:69:8B:01:05:39:11:60:7E:DB:2A:76:09:0A:6A:CE:D9:5A:3E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2mLAQU5EWB-2yp2CQpqztlaPtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/e3IMh0o0RaYzrIqzE_YjHHYRaCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/81d68a-536c-4442-b852-bbd311186950/1/o2mLAQU5EWB-2yp2CQpqztlaPtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.224.0/22
Signature Algorithm: sha256WithRSAEncryption
74:7d:31:d4:d0:60:32:4a:52:60:71:db:de:25:69:0a:4c:82:
f0:b5:3d:e8:60:8c:6f:b5:ab:dd:1c:de:b9:63:a3:00:95:cd:
e8:52:f2:9f:45:4f:b7:54:df:08:13:d1:37:61:ff:26:71:9e:
0c:65:5d:c7:9c:51:a2:b0:03:6e:86:bc:62:42:ab:06:40:ee:
80:78:50:78:5d:eb:91:16:0b:a9:42:ff:8c:b8:da:a1:c7:d1:
86:a5:d0:e6:95:98:62:11:f2:1e:7c:ec:0f:6e:b3:06:71:8d:
36:ed:51:2b:38:f7:30:4e:e0:4f:bc:c8:b3:8a:7b:6a:32:93:
44:99:5c:c1:33:47:97:f8:7f:19:37:c5:51:b6:0d:04:8d:4e:
e8:a6:78:c5:d4:fc:d4:9c:4d:5b:d9:b2:1e:2b:10:3f:33:8c:
cd:71:65:9b:3f:65:85:7a:99:7a:eb:58:2c:0e:f6:54:45:26:
28:c4:bb:77:0c:69:4b:bd:ea:37:87:c3:cc:20:34:54:f1:d1:
84:bc:00:c5:c1:80:11:d7:75:0f:a8:77:35:76:ab:ce:29:fb:
cf:df:46:5b:96:b5:dc:2d:31:6f:b1:8a:d5:2a:5a:ec:35:8d:
55:4d:11:76:77:ec:43:0c:91:0a:07:f3:1a:07:0a:00:25:6e:
55:9a:c7:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3CZ+KebUc3DXhGXbHQ1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjk4YjAxMDUzOTExNjA3ZWRiMmE3NjA5MGE2YWNlZDk1
YTNlZDUwHhcNMjQwMTAxMTYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjcyMGM4NzRhMzQ0NWE2MzNhYzhhYjMxM2Y2MjMxYzc2MTE2ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknds/Ef0/bggka2c/oltNlvnl9Wv
3SwllStR8trn6BQRUpkua+YetEfzoWtiX1fC4EXaFhDb5DSodPvHjjo3l0pBxfva
eT8uuiY26aWp+myPnwTXtD5aHQUzfkOKjU7W8abXdooBwgiX0O9lM96dfl+ukZ5I
eScUGMwONvHYwNIH/QUErIAYD2yvqPFw9I9j6q2pJfLdpPmFTqD0j4maUqz87u7I
QLHj43QE0df4zvToIjGAf6nqOL8AXtJQJ3uiAMmHlP0rxnlmcwVS7+pigffgSLX6
j9bYWrwDHHpHFzwO2+uVP+oqX3bd3IGFn6b/EigUxr7xBNPN6kh1zds42wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtyDIdKNEWmM6yKsxP2Ixx2EWgoMB8GA1UdIwQY
MBaAFKNpiwEFORFgftsqdgkKas7ZWj7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTIt
YmJkMzExMTg2OTUwLzEvZTNJTWgwbzBSYVl6cklxekVfWWpISFlSYUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84MWQ2OGEtNTM2Yy00NDQyLWI4NTItYmJkMzExMTg2OTUw
LzEvbzJtTEFRVTVFV0ItMnlwMkNRcHF6dGxhUHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwj3gMA0G
CSqGSIb3DQEBCwUAA4IBAQB0fTHU0GAySlJgcdveJWkKTILwtT3oYIxvtavdHN65
Y6MAlc3oUvKfRU+3VN8IE9E3Yf8mcZ4MZV3HnFGisANuhrxiQqsGQO6AeFB4XeuR
FgupQv+MuNqhx9GGpdDmlZhiEfIefOwPbrMGcY027VErOPcwTuBPvMizintqMpNE
mVzBM0eX+H8ZN8VRtg0EjU7opnjF1PzUnE1b2bIeKxA/M4zNcWWbP2WFepl661gs
DvZURSYoxLt3DGlLveo3h8PMIDRU8dGEvADFwYAR13UPqHc1dqvOKfvP30ZblrXc
LTFvsYrVKlrsNY1VTRF2d+xDDJEKB/MaBwoAJW5VmseT
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:25 2024 by rpki-client on console-fra.rpki-client.org