Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/c3TDTSIPBHw_7ucYbklD6Ay2WVM.roa
File: c3TDTSIPBHw_7ucYbklD6Ay2WVM.roa (raw, json)
Hash identifier: h0PzfJRDC2W8p1e4+7S5QkIOKdDIQ/VX0iQXzTK4h9U=
Subject key identifier: 73:74:C3:4D:22:0F:04:7C:3F:EE:E7:18:6E:49:43:E8:0C:B6:59:53
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018CC3B687B539F8BE1A8F8E7B305D29074C
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/c3TDTSIPBHw_7ucYbklD6Ay2WVM.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59793
IP address blocks: 95.85.80.0/23 maxlen: 23
93.179.70.0/23 maxlen: 23
93.179.72.0/21 maxlen: 21
79.133.106.0/23 maxlen: 23
93.179.80.0/21 maxlen: 21
79.133.112.0/21 maxlen: 21
95.181.136.0/21 maxlen: 21
95.181.240.0/21 maxlen: 21
93.179.122.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:87:b5:39:f8:be:1a:8f:8e:7b:30:5d:29:07:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7374c34d220f047c3feee7186e4943e80cb65953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:de:5b:5e:78:8d:5e:be:2f:fb:e3:db:58:cc:
49:52:66:af:b1:76:95:e2:22:17:ec:80:29:5c:33:
a3:a7:4b:ad:a5:0a:80:75:fb:92:8e:a9:30:d9:d3:
da:f1:78:d6:6a:61:70:5d:20:f0:a2:35:03:a2:b9:
c3:b2:d2:42:2f:8e:c5:4d:5b:46:fb:16:24:1c:24:
54:fc:a7:5a:1e:69:70:f3:66:3e:a2:6a:75:d2:92:
d0:dd:ab:c7:61:9c:4f:98:2a:61:4f:74:ac:0f:01:
d6:08:90:d3:bd:80:03:00:e9:52:1c:07:8b:5b:19:
04:d7:f9:b5:85:fb:c3:09:21:54:d1:df:eb:e9:4f:
79:41:03:19:12:ec:a2:1e:15:3f:41:94:f2:83:a3:
3f:8a:d7:01:8c:2c:07:8b:cc:f4:76:44:37:1e:f5:
d9:27:00:34:c8:50:3c:29:59:56:9c:f3:76:72:e4:
89:a9:8d:b6:40:10:3e:15:69:89:d4:0f:71:11:d9:
a8:e7:5c:da:7a:33:bb:fc:d0:e9:90:a6:f2:f8:d1:
85:b5:06:89:6c:31:e5:79:37:85:fa:02:9b:c6:8d:
91:a3:e8:25:7f:b5:4f:2c:a5:3c:05:54:cb:d3:d1:
da:14:4d:df:a7:44:7a:3f:eb:1a:7a:aa:7b:64:6c:
f5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:74:C3:4D:22:0F:04:7C:3F:EE:E7:18:6E:49:43:E8:0C:B6:59:53
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/c3TDTSIPBHw_7ucYbklD6Ay2WVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.106.0/23
79.133.112.0/21
93.179.70.0-93.179.87.255
93.179.122.0/23
95.85.80.0/23
95.181.136.0/21
95.181.240.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:45:a0:ef:19:29:f3:8a:1b:69:7b:a0:df:a8:2c:79:d9:7e:
fa:20:af:57:97:ff:5a:aa:4e:cf:91:eb:cd:6f:9c:6c:56:07:
18:cb:15:27:f4:ca:41:17:a9:cb:19:a6:98:a7:b3:1d:8a:68:
fe:87:ca:bd:fb:20:f1:65:03:1b:ba:87:65:73:38:da:33:b5:
93:24:f2:32:d2:30:d5:c0:ea:10:43:5f:81:fe:58:73:67:f5:
63:9c:94:92:a0:d1:e0:be:da:c0:8b:7f:9b:f9:da:46:6b:4e:
2b:af:c4:1d:a6:10:35:a7:f6:5e:ed:3e:37:b1:06:92:64:50:
24:b7:1e:ab:43:6f:60:1a:0c:51:5f:90:ab:c6:4a:13:4b:87:
b3:81:12:2b:e8:9d:12:d5:b7:89:b9:9c:39:cd:65:82:25:37:
a1:0c:ce:6b:2b:78:9f:50:ca:a3:71:2d:d4:c5:53:01:21:3b:
0a:cc:ff:cf:d9:2b:a1:0d:35:85:fd:bf:59:fe:90:7c:e8:7c:
7e:d6:99:05:9c:6f:63:d1:c1:cf:e4:a0:14:e7:2d:f3:f9:c9:
8f:6d:6c:61:0f:b7:6a:22:f4:f3:1f:4e:7f:65:d6:91:62:f5:
01:78:37:c9:bd:43:dd:cc:af:9b:1c:fe:9e:3f:10:a0:0e:04:
b5:73:88:08
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzDtoe1Ofi+Go+OezBdKQdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzc0YzM0ZDIyMGYwNDdjM2ZlZWU3MTg2ZTQ5NDNlODBjYjY1OTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3t5bXniNXr4v++PbWMxJUmavsXaV
4iIX7IApXDOjp0utpQqAdfuSjqkw2dPa8XjWamFwXSDwojUDornDstJCL47FTVtG
+xYkHCRU/KdaHmlw82Y+omp10pLQ3avHYZxPmCphT3SsDwHWCJDTvYADAOlSHAeL
WxkE1/m1hfvDCSFU0d/r6U95QQMZEuyiHhU/QZTyg6M/itcBjCwHi8z0dkQ3HvXZ
JwA0yFA8KVlWnPN2cuSJqY22QBA+FWmJ1A9xEdmo51zaejO7/NDpkKby+NGFtQaJ
bDHleTeF+gKbxo2Ro+glf7VPLKU8BVTL09HaFE3fp0R6P+saeqp7ZGz1qQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHN0w00iDwR8P+7nGG5JQ+gMtllTMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvYzNURFRTSVBCSHdfN3VjWWJrbEQ2QXkyV1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBT4VqAwQD
T4VwMAwDBAFds0YDBANds1ADBAFds3oDBAFfVVADBANftYgDBANftfAwDQYJKoZI
hvcNAQELBQADggEBAB5FoO8ZKfOKG2l7oN+oLHnZfvogr1eX/1qqTs+R681vnGxW
BxjLFSf0ykEXqcsZppinsx2KaP6Hyr37IPFlAxu6h2VzONoztZMk8jLSMNXA6hBD
X4H+WHNn9WOclJKg0eC+2sCLf5v52kZrTiuvxB2mEDWn9l7tPjexBpJkUCS3HqtD
b2AaDFFfkKvGShNLh7OBEivonRLVt4m5nDnNZYIlN6EMzmsreJ9QyqNxLdTFUwEh
OwrM/8/ZK6ENNYX9v1n+kHzofH7WmQWcb2PRwc/koBTnLfP5yY9tbGEPt2oi9PMf
Tn9l1pFi9QF4N8m9Q93Mr5sc/p4/EKAOBLVziAg=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:37:21 2024 by rpki-client on console-ams.rpki-client.org