Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/3DyIzzEGeAGV3ri-zPvpnkA39CQ.roa
File: 3DyIzzEGeAGV3ri-zPvpnkA39CQ.roa (raw, json)
Hash identifier: jKG4sW+4UvJSR9Ypl/aFi2bNWysHn5kQ8GmGkcT6uD4=
Subject key identifier: DC:3C:88:CF:31:06:78:01:95:DE:B8:BE:CC:FB:E9:9E:40:37:F4:24
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018CC801F18F9F4878374EDEA59D464D2EC2
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/3DyIzzEGeAGV3ri-zPvpnkA39CQ.roa
Signing time: Tue 02 Jan 2024 02:30:19 +0000
ROA not before: Tue 02 Jan 2024 02:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48844
IP address blocks: 37.19.15.128/29 maxlen: 29
5.149.139.0/24 maxlen: 24
37.19.13.64/26 maxlen: 26
2a00:1528:aa00:d000::/56 maxlen: 56
2a00:1528:aa00:c000::/56 maxlen: 56
2a00:1528:aa00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f1:8f:9f:48:78:37:4e:de:a5:9d:46:4d:2e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 2 02:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc3c88cf3106780195deb8beccfbe99e4037f424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:fa:77:fb:34:b5:5f:40:bc:37:45:ea:65:
8e:38:b9:b3:11:b5:e5:0c:e8:f4:f8:0a:7d:40:49:
f2:6a:b9:b3:ba:3d:0d:e3:f8:0b:2a:b7:cc:75:47:
e8:53:71:d2:21:4c:ff:25:d8:ec:42:09:c4:d0:4f:
7b:c3:c6:7b:f1:8d:1c:3a:4b:63:e6:2f:20:7d:67:
0d:4a:84:5a:f8:12:9d:0c:16:ac:42:16:a5:fa:79:
0b:83:1e:05:57:9c:5f:0b:fa:a3:2e:db:e8:d8:54:
06:ad:d7:be:4a:7a:ed:f4:05:01:bc:27:19:2c:fa:
d1:c4:54:c8:10:95:ae:3b:27:e8:63:19:07:07:e8:
7e:8a:2b:70:89:2a:67:0b:0f:97:64:f9:04:2d:4e:
7c:cb:ac:c6:c8:99:c9:74:68:e4:73:51:32:fb:bd:
62:78:ea:a9:fa:d4:fc:65:f4:40:b1:3d:5d:e4:58:
9c:b4:59:10:c8:04:17:ff:45:b1:70:14:b8:bc:8c:
54:8f:8d:18:7d:70:4b:fc:2e:29:d1:58:9f:22:51:
83:6b:13:57:ae:bf:f8:8b:62:5e:f0:4a:87:64:d1:
18:4c:cf:dd:99:1d:62:70:fe:78:70:8d:6c:34:8a:
78:00:92:55:18:ab:75:6f:6f:c6:a1:9f:fa:35:c4:
59:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3C:88:CF:31:06:78:01:95:DE:B8:BE:CC:FB:E9:9E:40:37:F4:24
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/3DyIzzEGeAGV3ri-zPvpnkA39CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.139.0/24
37.19.13.64/26
37.19.15.128/29
IPv6:
2a00:1528:aa00::/48
Signature Algorithm: sha256WithRSAEncryption
04:21:bb:52:c7:2f:98:fd:bf:c1:4a:11:db:c6:b4:cc:74:76:
48:77:ab:29:69:c6:a5:6e:de:ea:8b:0b:41:8e:dc:0f:89:ef:
4a:87:2f:2a:ca:37:b1:71:13:79:6c:61:f6:b2:99:c8:02:88:
ca:0e:af:b9:6a:89:45:d5:9b:7f:d8:0b:fa:0f:19:39:9e:c5:
75:f0:f9:56:65:9d:c1:af:72:d7:3b:01:b5:19:02:ed:5a:a9:
be:1c:97:7c:8b:81:81:76:00:15:9b:72:39:97:5f:a0:a1:76:
9c:22:98:4c:8d:f4:f7:38:bb:e9:dd:76:6a:26:b5:70:9a:b0:
34:0c:db:be:cd:e8:92:c6:4f:76:5e:66:aa:4d:8d:38:77:e3:
ba:71:c2:3f:ab:cb:57:ec:c8:3c:25:95:11:14:89:49:44:fd:
15:1c:c1:da:8b:57:0c:be:12:7a:9c:6d:ac:0a:68:39:7a:da:
23:00:58:4f:2d:ca:c0:d2:ea:20:06:7d:86:a4:8e:ef:ea:90:
de:76:b3:ca:e9:92:7d:7e:83:96:fa:c8:eb:65:2b:d9:1d:7c:
b1:73:64:04:94:aa:82:bb:cd:09:63:15:43:81:93:af:68:9a:
77:90:d0:97:84:c2:6c:7b:e1:dc:2d:44:b6:0f:3f:4e:93:c6:
c8:e4:65:1a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzIAfGPn0h4N07epZ1GTS7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNjODhjZjMxMDY3ODAxOTVkZWI4YmVjY2ZiZTk5ZTQwMzdmNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh336d/s0tV9AvDdF6mWOOLmzEbXl
DOj0+Ap9QEnyarmzuj0N4/gLKrfMdUfoU3HSIUz/JdjsQgnE0E97w8Z78Y0cOktj
5i8gfWcNSoRa+BKdDBasQhal+nkLgx4FV5xfC/qjLtvo2FQGrde+Snrt9AUBvCcZ
LPrRxFTIEJWuOyfoYxkHB+h+iitwiSpnCw+XZPkELU58y6zGyJnJdGjkc1Ey+71i
eOqp+tT8ZfRAsT1d5FictFkQyAQX/0WxcBS4vIxUj40YfXBL/C4p0VifIlGDaxNX
rr/4i2Je8EqHZNEYTM/dmR1icP54cI1sNIp4AJJVGKt1b2/GoZ/6NcRZkQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNw8iM8xBngBld64vsz76Z5AN/QkMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvM0R5SXp6RUdlQUdWM3JpLXpQdnBua0EzOUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQABZWLAwUG
JRMNQAMFAyUTD4AwDwQCAAIwCQMHACoAFSiqADANBgkqhkiG9w0BAQsFAAOCAQEA
BCG7UscvmP2/wUoR28a0zHR2SHerKWnGpW7e6osLQY7cD4nvSocvKso3sXETeWxh
9rKZyAKIyg6vuWqJRdWbf9gL+g8ZOZ7FdfD5VmWdwa9y1zsBtRkC7VqpvhyXfIuB
gXYAFZtyOZdfoKF2nCKYTI309zi76d12aia1cJqwNAzbvs3oksZPdl5mqk2NOHfj
unHCP6vLV+zIPCWVERSJSUT9FRzB2otXDL4SepxtrApoOXraIwBYTy3KwNLqIAZ9
hqSO7+qQ3nazyumSfX6DlvrI62Ur2R18sXNkBJSqgrvNCWMVQ4GTr2iad5DQl4TC
bHvh3C1Etg8/TpPGyORlGg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:24 2024 by rpki-client on console-fra.rpki-client.org