Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/c3Q8nO-vDb1grmmusU93N2fCzsQ.roa
File: c3Q8nO-vDb1grmmusU93N2fCzsQ.roa (raw, json)
Hash identifier: QpwMNJBPAvwq2LBRHv590c2Z66JtC6Ru/DqVRmpb2To=
Subject key identifier: 73:74:3C:9C:EF:AF:0D:BD:60:AE:69:AE:B1:4F:77:37:67:C2:CE:C4
Certificate issuer: /CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Certificate serial: 019241DFF65ED713A7D507F961D6B026E859
Authority key identifier: D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/c3Q8nO-vDb1grmmusU93N2fCzsQ.roa
Signing time: Mon 30 Sep 2024 07:40:48 +0000
ROA not before: Mon 30 Sep 2024 07:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 37.58.48.0/20 maxlen: 20
46.165.192.0/18 maxlen: 18
78.159.96.0/19 maxlen: 19
84.16.224.0/19 maxlen: 19
91.109.16.0/20 maxlen: 20
178.162.192.0/18 maxlen: 18
185.17.144.0/22 maxlen: 22
212.95.32.0/19 maxlen: 19
217.20.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.mft
rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:41:df:f6:5e:d7:13:a7:d5:07:f9:61:d6:b0:26:e8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d654436ed3242bddb96fdf139a1253deb986dfd0
Validity
Not Before: Sep 30 07:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73743c9cefaf0dbd60ae69aeb14f773767c2cec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:84:31:ee:86:6e:50:b5:9f:3f:61:86:77:6e:
14:13:2e:ba:4f:b0:63:43:54:b7:6c:aa:9e:00:94:
fb:e4:fb:78:71:6a:de:a1:76:d1:9c:03:92:52:6c:
59:13:bd:ce:f1:dc:77:c8:4a:3d:26:0e:9a:4a:2b:
d4:f4:d1:46:af:60:4c:89:1e:65:ef:11:bf:7c:b3:
77:18:c4:4b:92:00:05:a4:a8:bc:b8:e3:f3:95:b9:
75:5a:f7:14:d5:39:a4:b8:23:9a:6e:35:e5:ad:a9:
1f:2f:bb:61:83:b5:b8:4d:f8:06:52:7c:a7:d7:c2:
75:1b:de:4a:66:0b:4b:87:f4:48:af:f0:38:51:ab:
97:a7:c8:a7:cc:23:c6:21:a9:03:a1:87:23:5d:5e:
da:86:b0:0b:66:e1:cb:b5:14:8f:87:e3:82:d7:e7:
69:af:5b:4f:46:b4:73:30:04:d9:48:74:71:63:a6:
b4:7c:bc:c6:e6:1d:71:20:a4:03:96:0f:cf:f4:93:
53:8d:a2:9f:26:ee:04:7c:a6:85:ef:96:67:c9:e9:
03:80:75:b1:b5:c7:0e:e9:97:15:fc:a0:46:17:32:
fe:50:66:d4:03:1f:26:a0:76:3d:db:9b:9a:ad:cb:
d6:37:46:13:21:5f:28:b6:09:88:41:a4:17:9e:59:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:74:3C:9C:EF:AF:0D:BD:60:AE:69:AE:B1:4F:77:37:67:C2:CE:C4
X509v3 Authority Key Identifier:
keyid:D6:54:43:6E:D3:24:2B:DD:B9:6F:DF:13:9A:12:53:DE:B9:86:DF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lRDbtMkK925b98TmhJT3rmG39A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/c3Q8nO-vDb1grmmusU93N2fCzsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3de94a-1e60-4eb8-9a5e-a142087ce890/1/1lRDbtMkK925b98TmhJT3rmG39A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.58.48.0/20
46.165.192.0/18
78.159.96.0/19
84.16.224.0/19
91.109.16.0/20
178.162.192.0/18
185.17.144.0/22
212.95.32.0/19
217.20.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:aa:51:47:0c:be:07:62:e9:58:7c:45:fa:8e:d9:2a:62:dd:
ef:cd:17:e2:c6:7b:dd:9a:a8:71:91:09:5a:85:a1:8a:d4:4b:
07:0d:b0:15:22:be:3b:35:a3:a3:49:6a:f9:2d:28:99:8f:f6:
49:0c:b8:e9:f7:4a:c1:68:90:1e:63:fb:73:33:7e:60:bd:52:
94:08:44:a3:c8:23:eb:f0:4b:7e:d4:be:87:aa:70:a0:b6:74:
58:d0:cf:db:29:24:87:48:96:d9:55:31:1a:36:08:f4:64:9c:
b9:a1:3b:fd:4a:5e:99:0d:30:f9:de:2a:14:20:ac:34:cf:3c:
cd:e0:60:ea:8b:f2:28:ec:50:f5:9f:81:d2:cb:61:47:c5:d8:
5b:f9:1c:bb:7f:dc:16:af:30:99:b9:bb:9b:8e:a2:7f:78:28:
f2:2a:f1:c4:82:0c:ba:da:f4:a8:07:5d:b0:c4:e8:70:63:92:
d2:84:78:6e:c7:10:70:aa:e2:af:ed:b8:d9:1e:4e:2b:95:5e:
85:1d:d9:27:b8:08:3f:c5:b0:17:fa:6c:6c:37:e7:91:28:1b:
40:2f:82:bd:b7:a2:3a:21:4d:6f:74:09:e8:53:96:3f:ec:5d:
8e:dd:2e:f5:47:d0:80:3c:26:44:89:e7:6a:fb:b7:5f:cb:54:
e5:3c:93:44
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZJB3/Ze1xOn1Qf5YdawJuhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTQ0MzZlZDMyNDJiZGRiOTZmZGYxMzlhMTI1M2RlYjk4
NmRmZDAwHhcNMjQwOTMwMDc0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzc0M2M5Y2VmYWYwZGJkNjBhZTY5YWViMTRmNzczNzY3YzJjZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4Qx7oZuULWfP2GGd24UEy66T7Bj
Q1S3bKqeAJT75Pt4cWreoXbRnAOSUmxZE73O8dx3yEo9Jg6aSivU9NFGr2BMiR5l
7xG/fLN3GMRLkgAFpKi8uOPzlbl1WvcU1TmkuCOabjXlrakfL7thg7W4TfgGUnyn
18J1G95KZgtLh/RIr/A4UauXp8inzCPGIakDoYcjXV7ahrALZuHLtRSPh+OC1+dp
r1tPRrRzMATZSHRxY6a0fLzG5h1xIKQDlg/P9JNTjaKfJu4EfKaF75ZnyekDgHWx
tccO6ZcV/KBGFzL+UGbUAx8moHY925uarcvWN0YTIV8otgmIQaQXnlmK0QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHN0PJzvrw29YK5prrFPdzdnws7EMB8GA1UdIwQY
MBaAFNZUQ27TJCvduW/fE5oSU965ht/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUt
YTE0MjA4N2NlODkwLzEvYzNROG5PLXZEYjFncm1tdXNVOTNOMmZDenNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZGU5NGEtMWU2MC00ZWI4LTlhNWUtYTE0MjA4N2NlODkw
LzEvMWxSRGJ0TWtLOTI1Yjk4VG1oSlQzcm1HMzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEJTowAwQG
LqXAAwQFTp9gAwQFVBDgAwQEW20QAwQGsqLAAwQCuRGQAwQF1F8gAwQE2RRwMA0G
CSqGSIb3DQEBCwUAA4IBAQCKqlFHDL4HYulYfEX6jtkqYt3vzRfixnvdmqhxkQla
haGK1EsHDbAVIr47NaOjSWr5LSiZj/ZJDLjp90rBaJAeY/tzM35gvVKUCESjyCPr
8Et+1L6HqnCgtnRY0M/bKSSHSJbZVTEaNgj0ZJy5oTv9Sl6ZDTD53ioUIKw0zzzN
4GDqi/Io7FD1n4HSy2FHxdhb+Ry7f9wWrzCZububjqJ/eCjyKvHEggy62vSoB12w
xOhwY5LShHhuxxBwquKv7bjZHk4rlV6FHdknuAg/xbAX+mxsN+eRKBtAL4K9t6I6
IU1vdAnoU5Y/7F2O3S71R9CAPCZEiedq+7dfy1TlPJNE
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:29 2024 by rpki-client on console-fra.rpki-client.org