Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3hNsC21NA9Hwr25r-fGna5Nwzp0.roa
File: 3hNsC21NA9Hwr25r-fGna5Nwzp0.roa (raw, json)
Hash identifier: I4wrXZcOGpk4AKJJHd1xXl/IgLzHY6TZGCvrm+4cYDU=
Subject key identifier: DE:13:6C:0B:6D:4D:03:D1:F0:AF:6E:6B:F9:F1:A7:6B:93:70:CE:9D
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018D61D8370F3D6AF6279075637C0A72B0A4
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3hNsC21NA9Hwr25r-fGna5Nwzp0.roa
Signing time: Wed 31 Jan 2024 23:26:16 +0000
ROA not before: Wed 31 Jan 2024 23:26:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61431
IP address blocks: 95.181.214.0/24 maxlen: 24
95.181.215.0/24 maxlen: 24
109.196.128.0/24 maxlen: 24
109.196.129.0/24 maxlen: 24
109.196.130.0/24 maxlen: 24
109.196.131.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
109.196.134.0/24 maxlen: 24
109.196.135.0/24 maxlen: 24
109.196.136.0/23 maxlen: 23
109.196.138.0/23 maxlen: 23
109.196.140.0/24 maxlen: 24
109.196.141.0/24 maxlen: 24
109.196.142.0/24 maxlen: 24
109.196.143.0/24 maxlen: 24
188.68.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:61:d8:37:0f:3d:6a:f6:27:90:75:63:7c:0a:72:b0:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 31 23:26:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de136c0b6d4d03d1f0af6e6bf9f1a76b9370ce9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:45:27:df:89:cb:ee:c2:7f:27:dc:f6:64:b2:
46:a8:bc:d0:e9:56:bf:38:c2:be:b4:a5:b8:9e:2c:
b8:8c:ba:15:4d:8e:49:b1:77:5d:6b:60:95:38:39:
d1:4b:2d:7a:c2:b8:a8:ed:84:ab:a3:24:ac:2f:6b:
00:77:69:32:ee:63:2e:b0:fe:04:84:8a:fc:d0:dd:
b7:3b:92:bb:76:48:b5:17:eb:11:c0:b1:85:67:74:
e1:19:f5:33:67:8c:79:9a:76:ea:64:4d:91:da:b3:
05:a8:f2:b4:d0:33:10:fb:81:5f:91:85:39:86:99:
1b:ff:f6:31:39:a2:fd:45:93:5e:ae:14:1a:e8:30:
bd:d8:2f:06:ed:30:98:ce:9d:6f:48:8b:71:05:c3:
1f:10:8f:9e:b4:0f:77:81:32:28:48:8b:99:83:c5:
d1:82:f4:a6:1b:2f:8b:88:7d:44:2e:5f:4f:57:6f:
4e:1e:97:97:80:b6:25:60:83:aa:e3:5b:dc:de:fc:
02:bf:f3:22:fa:c3:cf:7c:e3:c1:7b:df:e8:f4:00:
a8:75:dd:34:07:f1:e7:3e:58:ca:c0:ca:3c:21:fe:
c7:80:e9:fb:a8:c3:ee:86:aa:81:4f:0e:5d:ab:5a:
81:19:a2:b2:8e:4b:95:80:8a:f2:c5:dd:8e:0e:4e:
17:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:13:6C:0B:6D:4D:03:D1:F0:AF:6E:6B:F9:F1:A7:6B:93:70:CE:9D
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/3hNsC21NA9Hwr25r-fGna5Nwzp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.214.0/23
109.196.128.0/22
109.196.133.0-109.196.143.255
188.68.5.0/24
Signature Algorithm: sha256WithRSAEncryption
86:33:b9:44:79:20:3f:c5:94:ee:79:a6:dd:18:38:77:fe:42:
4a:e9:1e:41:56:fd:71:83:50:02:1f:b1:39:ff:d9:4d:99:d2:
59:4e:ae:b6:74:fd:a3:d2:b3:21:f3:48:4e:69:55:90:53:0a:
52:66:0a:73:0d:57:95:a8:ad:15:12:bc:2b:4c:2d:b8:c3:c1:
98:f4:7a:e6:cc:84:43:93:70:96:29:da:7b:04:ce:b9:96:3b:
54:5d:2e:c3:87:3d:c0:a7:bf:13:c9:6f:40:95:c9:9d:5c:e1:
a1:9d:9e:0b:0c:47:0a:87:5f:d0:a3:06:db:79:12:16:50:bd:
5f:a1:5b:58:35:d5:22:10:98:e3:e4:89:97:0f:fc:56:62:34:
a7:90:2b:72:13:49:3a:2d:93:d7:07:8b:b6:44:cb:71:05:37:
cb:d8:44:a8:9a:dd:12:c5:5d:03:56:8c:54:ea:25:bb:da:23:
d2:f7:27:d6:7b:dd:0f:67:ab:65:77:92:cf:92:7a:df:b6:8f:
57:7a:4e:f9:71:83:03:e0:c6:9d:41:7c:b2:73:2b:e4:5a:58:
b5:82:3b:61:dd:eb:79:32:22:d3:d8:b7:cb:ea:aa:80:b7:94:
ff:6b:73:5a:8f:50:39:61:f5:2e:ab:57:6a:e6:7a:8b:1f:54:
bb:e4:b8:b7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY1h2DcPPWr2J5B1Y3wKcrCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQwMTMxMjMyNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEzNmMwYjZkNGQwM2QxZjBhZjZlNmJmOWYxYTc2YjkzNzBjZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEUn34nL7sJ/J9z2ZLJGqLzQ6Va/
OMK+tKW4niy4jLoVTY5JsXdda2CVODnRSy16wrio7YSroySsL2sAd2ky7mMusP4E
hIr80N23O5K7dki1F+sRwLGFZ3ThGfUzZ4x5mnbqZE2R2rMFqPK00DMQ+4FfkYU5
hpkb//YxOaL9RZNerhQa6DC92C8G7TCYzp1vSItxBcMfEI+etA93gTIoSIuZg8XR
gvSmGy+LiH1ELl9PV29OHpeXgLYlYIOq41vc3vwCv/Mi+sPPfOPBe9/o9ACodd00
B/HnPljKwMo8If7HgOn7qMPuhqqBTw5dq1qBGaKyjkuVgIryxd2ODk4X0QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN4TbAttTQPR8K9ua/nxp2uTcM6dMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvM2hOc0MyMU5BOUh3cjI1ci1mR25hNU53enAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBX7XWAwQC
bcSAMAwDBABtxIUDBARtxIADBAC8RAUwDQYJKoZIhvcNAQELBQADggEBAIYzuUR5
ID/FlO55pt0YOHf+QkrpHkFW/XGDUAIfsTn/2U2Z0llOrrZ0/aPSsyHzSE5pVZBT
ClJmCnMNV5WorRUSvCtMLbjDwZj0eubMhEOTcJYp2nsEzrmWO1RdLsOHPcCnvxPJ
b0CVyZ1c4aGdngsMRwqHX9CjBtt5EhZQvV+hW1g11SIQmOPkiZcP/FZiNKeQK3IT
STotk9cHi7ZEy3EFN8vYRKia3RLFXQNWjFTqJbvaI9L3J9Z73Q9nq2V3ks+Set+2
j1d6TvlxgwPgxp1BfLJzK+RaWLWCO2Hd63kyItPYt8vqqoC3lP9rc1qPUDlh9S6r
V2rmeosfVLvkuLc=
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:15:58 2024 by rpki-client on console-ams.rpki-client.org