Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3Q7ZR2mcKvkRva93VAzQy_tPZ4U.roa
File: 3Q7ZR2mcKvkRva93VAzQy_tPZ4U.roa (raw, json)
Hash identifier: kN8agClVyZ3PiL4FbwzYsd2PNi/ktcnDX87/fc2Dngg=
Subject key identifier: DD:0E:D9:47:69:9C:2A:F9:11:BD:AF:77:54:0C:D0:CB:FB:4F:67:85
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0193220C45EC2C24553F4414BED42AD1500A
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3Q7ZR2mcKvkRva93VAzQy_tPZ4U.roa
Signing time: Tue 12 Nov 2024 20:24:09 +0000
ROA not before: Tue 12 Nov 2024 20:24:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48449
IP address blocks: 185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:22:0c:45:ec:2c:24:55:3f:44:14:be:d4:2a:d1:50:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Nov 12 20:24:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0ed947699c2af911bdaf77540cd0cbfb4f6785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:45:ab:78:a4:1c:6d:16:b9:01:4f:0c:ce:c9:
b7:5f:f1:b0:73:8a:74:38:5c:28:95:89:04:2a:d9:
64:1a:c4:90:f8:d0:67:56:33:a7:a0:60:a6:57:ea:
16:13:e9:fc:97:3c:65:0b:d6:d0:12:f0:36:3e:e5:
9b:4b:fa:89:50:02:b7:b5:14:7e:97:e7:bd:d9:6d:
ac:7f:58:12:28:94:c0:79:f6:a6:18:0b:f5:c8:e3:
b2:d4:40:ce:34:ba:7a:a6:0d:49:2d:4d:72:bf:df:
30:5b:e5:90:72:e9:27:e1:ad:52:8e:8a:68:4d:50:
db:13:5b:f5:0b:5e:72:ff:54:fd:02:b8:33:a9:cf:
eb:8c:ac:b4:77:4e:26:c7:e2:bd:7e:2f:28:ea:86:
91:32:ed:af:69:31:51:76:22:27:35:74:28:be:05:
91:54:0e:1f:cf:d3:10:19:d7:13:5c:b2:df:fe:85:
c4:0a:f4:02:35:ed:77:32:d0:89:e5:fa:a2:e7:6c:
8d:76:ae:43:4e:15:c5:ae:36:62:c3:fb:db:ef:96:
bb:36:5a:20:6c:1f:2e:43:65:38:e5:79:f2:88:39:
fa:60:e9:c2:4a:1d:53:9f:3f:7e:f4:49:56:a7:d8:
32:a7:8f:8b:19:99:52:16:bb:a9:75:ea:79:75:a3:
00:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:D9:47:69:9C:2A:F9:11:BD:AF:77:54:0C:D0:CB:FB:4F:67:85
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/3Q7ZR2mcKvkRva93VAzQy_tPZ4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.194.0/23
185.169.221.0-185.169.223.255
Signature Algorithm: sha256WithRSAEncryption
86:5d:1b:e7:5a:4b:cd:ab:f2:9e:71:48:70:dd:89:1d:d7:e2:
a7:0b:bb:79:51:2a:e6:39:1d:a0:88:d6:ac:ce:95:b6:4f:f7:
a9:80:03:e8:1d:e2:40:14:53:1b:c4:14:58:a6:75:71:2b:3f:
4a:39:28:5f:af:49:ea:86:d4:db:8a:b6:a1:44:f7:7a:4c:93:
d9:55:f8:68:b8:fd:f7:5e:fa:1f:44:bb:f8:3c:7f:6a:23:77:
be:df:f8:a3:72:4d:84:46:51:04:0d:aa:44:53:2f:53:cb:5e:
09:e9:24:bc:97:6b:85:a4:b5:c4:5e:6a:e1:1d:39:c2:bd:a3:
1d:9d:d6:05:4d:97:27:69:19:35:b1:64:06:3c:73:bb:3d:dd:
95:46:79:17:d0:04:00:7e:74:48:d9:e2:f0:6a:bf:ee:b8:4f:
de:72:05:06:6b:38:a9:7f:90:c0:47:10:b0:50:df:d6:63:fe:
10:24:df:42:e2:c8:89:e4:9d:9d:f8:21:dd:1d:c6:39:b0:0a:
e7:ab:f7:45:df:41:d9:ad:e1:c6:5c:7e:fd:19:b0:28:b3:ff:
f8:ae:b6:38:ce:28:93:6e:84:a4:7e:64:53:b1:ac:4b:90:ad:
23:a1:d2:7c:46:4c:11:28:1e:1b:86:e9:ea:01:0b:9f:35:6d:
9f:ba:76:f7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMiDEXsLCRVP0QUvtQq0VAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjQxMTEyMjAyNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlZDk0NzY5OWMyYWY5MTFiZGFmNzc1NDBjZDBjYmZiNGY2Nzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukWreKQcbRa5AU8Mzsm3X/Gwc4p0
OFwolYkEKtlkGsSQ+NBnVjOnoGCmV+oWE+n8lzxlC9bQEvA2PuWbS/qJUAK3tRR+
l+e92W2sf1gSKJTAefamGAv1yOOy1EDONLp6pg1JLU1yv98wW+WQcukn4a1Sjopo
TVDbE1v1C15y/1T9Argzqc/rjKy0d04mx+K9fi8o6oaRMu2vaTFRdiInNXQovgWR
VA4fz9MQGdcTXLLf/oXECvQCNe13MtCJ5fqi52yNdq5DThXFrjZiw/vb75a7Nlog
bB8uQ2U45XnyiDn6YOnCSh1Tnz9+9ElWp9gyp4+LGZlSFrupdep5daMAjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN0O2UdpnCr5Eb2vd1QM0Mv7T2eFMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvM1E3WlIybWNLdmtSdmE5M1ZBelF5X3RQWjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuaDCMAwD
BAC5qd0DBAW5qcAwDQYJKoZIhvcNAQELBQADggEBAIZdG+daS82r8p5xSHDdiR3X
4qcLu3lRKuY5HaCI1qzOlbZP96mAA+gd4kAUUxvEFFimdXErP0o5KF+vSeqG1NuK
tqFE93pMk9lV+Gi4/fde+h9Eu/g8f2ojd77f+KNyTYRGUQQNqkRTL1PLXgnpJLyX
a4WktcReauEdOcK9ox2d1gVNlydpGTWxZAY8c7s93ZVGeRfQBAB+dEjZ4vBqv+64
T95yBQZrOKl/kMBHELBQ39Zj/hAk30LiyInknZ34Id0dxjmwCuer90XfQdmt4cZc
fv0ZsCiz//iutjjOKJNuhKR+ZFOxrEuQrSOh0nxGTBEoHhuG6eoBC581bZ+6dvc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:28:28 2024 by rpki-client on console-fra.rpki-client.org