Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/3c-FaHD5i6as5Y6FVNeMkyeRvQ0.roa
File: 3c-FaHD5i6as5Y6FVNeMkyeRvQ0.roa (raw, json)
Hash identifier: ryvSwdLxF9Tta9gTceUC4iruOmkqfhSgulV/B49uI6U=
Subject key identifier: DD:CF:85:68:70:F9:8B:A6:AC:E5:8E:85:54:D7:8C:93:27:91:BD:0D
Certificate issuer: /CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Certificate serial: 018F81E1B9376418C45A497C2245B4C93C4E
Authority key identifier: BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/3c-FaHD5i6as5Y6FVNeMkyeRvQ0.roa
Signing time: Thu 16 May 2024 14:50:04 +0000
ROA not before: Thu 16 May 2024 14:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60284
IP address blocks: 178.238.0.0/22 maxlen: 24
193.9.27.0/24 maxlen: 24
193.135.96.0/22 maxlen: 24
193.228.197.0/24 maxlen: 24
193.228.198.0/24 maxlen: 24
2a13:a200::/29 maxlen: 48
2a13:a200::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:e1:b9:37:64:18:c4:5a:49:7c:22:45:b4:c9:3c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde636ff523e5f3734227f33c44c2e50ff8d1ee2
Validity
Not Before: May 16 14:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddcf856870f98ba6ace58e8554d78c932791bd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:20:27:b1:de:0b:10:b3:a1:9f:ba:64:70:fb:
29:82:67:83:66:49:e9:4a:51:49:7c:fc:e6:c4:2d:
a1:cd:7e:bb:78:0f:2b:58:66:63:8c:95:4f:3e:58:
27:94:d9:12:7f:90:a1:1e:74:df:db:e0:2f:61:21:
10:1f:a2:90:1b:45:95:e2:f1:1a:13:e1:af:0d:9a:
d7:f6:4a:f3:c6:0c:a5:7e:f9:70:c7:89:66:0f:54:
7d:5f:7e:5a:6d:e1:11:d2:78:31:5d:8e:80:a0:3c:
45:1d:45:32:84:52:b1:4f:88:27:09:87:28:24:10:
74:b2:4e:fd:06:fd:49:04:ed:fd:b8:80:9a:00:3d:
79:8c:42:d3:83:b8:21:3b:b8:97:9f:53:f9:9b:72:
93:70:44:3e:f1:4a:b9:9c:e6:38:ea:bb:da:0a:75:
ed:b6:82:46:de:0c:d7:68:d2:c8:c6:26:ca:6f:0a:
a0:08:20:24:39:aa:bc:3e:f6:f2:9c:1d:e0:67:3d:
8a:f5:7c:3d:bb:41:27:3e:a1:26:be:74:d8:11:f3:
60:d9:11:ee:69:87:f3:66:a5:05:a7:c6:d3:7e:9e:
17:d7:2d:a6:73:ec:0e:1d:3a:20:13:32:d8:86:68:
d2:5c:10:53:6b:31:2b:81:71:db:6a:58:95:52:fd:
25:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CF:85:68:70:F9:8B:A6:AC:E5:8E:85:54:D7:8C:93:27:91:BD:0D
X509v3 Authority Key Identifier:
keyid:BD:E6:36:FF:52:3E:5F:37:34:22:7F:33:C4:4C:2E:50:FF:8D:1E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veY2_1I-Xzc0In8zxEwuUP-NHuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/3c-FaHD5i6as5Y6FVNeMkyeRvQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0c4392-2754-4e33-a02f-7bfb4381ab54/1/veY2_1I-Xzc0In8zxEwuUP-NHuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.0.0/22
193.9.27.0/24
193.135.96.0/22
193.228.197.0-193.228.198.255
IPv6:
2a13:a200::/29
Signature Algorithm: sha256WithRSAEncryption
79:5c:f6:c6:5b:d6:c4:26:a5:83:8a:f3:99:ce:f3:15:72:f8:
e8:23:0b:7c:1b:8b:f5:82:df:b8:3c:ac:6b:14:44:d6:55:1b:
c8:b8:58:03:23:67:fd:a7:99:b2:74:5a:d8:f9:33:9d:f8:24:
ab:8c:91:55:7b:7b:5b:cd:0d:d9:3b:70:ca:9b:fd:9b:b8:72:
5b:9d:5e:38:9d:bf:e7:96:be:18:18:52:11:88:8b:bf:4b:5e:
e4:3f:4f:2b:0d:a5:d4:31:a2:12:66:49:0a:d4:c2:62:1f:e8:
49:2d:35:38:c1:d5:36:d7:f1:04:db:16:fa:6e:01:76:2e:f6:
39:22:a2:cb:14:fa:c4:3a:3c:51:14:07:bd:68:98:3e:86:3e:
3e:2d:53:39:4f:8f:79:f5:29:73:f7:30:d0:1f:04:b3:a7:f0:
73:26:84:68:e2:65:22:4b:9e:43:49:76:86:93:5c:6f:01:2c:
da:6c:ec:8b:cd:9c:f2:ef:d7:9c:dd:1d:e2:84:1e:bd:c3:5b:
fb:7d:07:5c:d2:d3:16:5f:71:49:59:f5:49:b9:0e:24:3b:f3:
e3:9c:8a:2e:2a:52:4f:66:89:8b:52:cd:01:47:aa:50:4f:e2:
0d:f1:33:4d:df:f2:31:40:8d:ad:b5:09:12:a4:a5:65:2c:23:
02:7f:b0:ff
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY+B4bk3ZBjEWkl8IkW0yTxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTYzNmZmNTIzZTVmMzczNDIyN2YzM2M0NGMyZTUwZmY4
ZDFlZTIwHhcNMjQwNTE2MTQ1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNmODU2ODcwZjk4YmE2YWNlNThlODU1NGQ3OGM5MzI3OTFiZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CAnsd4LELOhn7pkcPspgmeDZknp
SlFJfPzmxC2hzX67eA8rWGZjjJVPPlgnlNkSf5ChHnTf2+AvYSEQH6KQG0WV4vEa
E+GvDZrX9krzxgylfvlwx4lmD1R9X35abeER0ngxXY6AoDxFHUUyhFKxT4gnCYco
JBB0sk79Bv1JBO39uICaAD15jELTg7ghO7iXn1P5m3KTcEQ+8Uq5nOY46rvaCnXt
toJG3gzXaNLIxibKbwqgCCAkOaq8PvbynB3gZz2K9Xw9u0EnPqEmvnTYEfNg2RHu
aYfzZqUFp8bTfp4X1y2mc+wOHTogEzLYhmjSXBBTazErgXHbaliVUv0lwwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFN3PhWhw+YumrOWOhVTXjJMnkb0NMB8GA1UdIwQY
MBaAFL3mNv9SPl83NCJ/M8RMLlD/jR7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYt
N2JmYjQzODFhYjU0LzEvM2MtRmFIRDVpNmFzNVk2RlZOZU1reWVSdlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wYzQzOTItMjc1NC00ZTMzLWEwMmYtN2JmYjQzODFhYjU0
LzEvdmVZMl8xSS1YemMwSW44enhFd3VVUC1OSHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCsu4AAwQA
wQkbAwQCwYdgMAwDBADB5MUDBADB5MYwDQQCAAIwBwMFAyoTogAwDQYJKoZIhvcN
AQELBQADggEBAHlc9sZb1sQmpYOK85nO8xVy+OgjC3wbi/WC37g8rGsURNZVG8i4
WAMjZ/2nmbJ0Wtj5M534JKuMkVV7e1vNDdk7cMqb/Zu4cludXjidv+eWvhgYUhGI
i79LXuQ/TysNpdQxohJmSQrUwmIf6EktNTjB1TbX8QTbFvpuAXYu9jkiossU+sQ6
PFEUB71omD6GPj4tUzlPj3n1KXP3MNAfBLOn8HMmhGjiZSJLnkNJdoaTXG8BLNps
7IvNnPLv15zdHeKEHr3DW/t9B1zS0xZfcUlZ9Um5DiQ78+Ocii4qUk9miYtSzQFH
qlBP4g3xM03f8jFAja21CRKkpWUsIwJ/sP8=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:29:11 2024 by rpki-client on console-ams.rpki-client.org