Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/guPJoU3okhYmo4uQ1yquKVFMo3Q.roa
File: guPJoU3okhYmo4uQ1yquKVFMo3Q.roa (raw, json)
Hash identifier: mjuscVovVhksdu3bJpsx5gtCo6CW9QziQvY3zFbtq8g=
Subject key identifier: 82:E3:C9:A1:4D:E8:92:16:26:A3:8B:90:D7:2A:AE:29:51:4C:A3:74
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 018CC500E5DFA57365A8BB0F2DC1DF88FE2C
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/guPJoU3okhYmo4uQ1yquKVFMo3Q.roa
Signing time: Mon 01 Jan 2024 12:30:19 +0000
ROA not before: Mon 01 Jan 2024 12:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 185.161.232.0/22 maxlen: 22
185.161.233.0/24 maxlen: 24
185.161.234.0/24 maxlen: 24
185.161.235.0/24 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.46.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e5:df:a5:73:65:a8:bb:0f:2d:c1:df:88:fe:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 12:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82e3c9a14de8921626a38b90d72aae29514ca374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:21:61:e9:f3:2f:65:a2:1d:fd:d5:6f:c6:ed:
6f:b7:18:cc:de:ce:30:a6:32:2a:50:7e:a2:e1:c2:
55:60:8b:0c:3a:51:6c:6e:0d:4c:3b:f7:2f:df:5e:
05:1a:38:62:97:fc:77:a1:d2:f9:aa:fc:8f:6a:5a:
1f:a5:94:74:19:d2:69:0e:74:f3:ae:22:e2:e4:60:
0b:77:32:4c:18:0c:15:19:d6:74:18:f1:b8:10:a4:
98:b7:d0:ff:71:e7:70:1c:fb:2f:bd:d9:fd:93:d1:
05:d5:1b:8e:8a:35:c2:ff:b4:0c:2b:e2:d9:44:15:
60:6e:3a:cb:78:0d:2c:d3:68:2a:12:c9:7b:b7:b3:
33:f9:99:2c:40:c2:76:79:6b:fa:58:4d:da:93:ae:
f4:54:77:68:b9:e1:31:98:40:74:fc:dd:fa:d8:50:
28:4c:1f:8d:e1:21:85:a8:94:9c:0e:c9:a9:b0:db:
e3:77:71:71:26:1d:a0:d9:ae:63:95:4c:29:74:ad:
b9:62:70:8b:3a:d1:08:03:dc:81:36:bc:8f:fa:98:
a6:2a:fb:81:9b:78:0a:37:c2:c9:83:44:99:d3:aa:
ec:55:5c:b7:83:53:88:3c:11:3e:8f:f3:54:64:e8:
3f:8d:f5:59:11:4a:10:f6:5b:47:4c:9f:a5:1f:21:
22:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E3:C9:A1:4D:E8:92:16:26:A3:8B:90:D7:2A:AE:29:51:4C:A3:74
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/guPJoU3okhYmo4uQ1yquKVFMo3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0/22
185.161.232.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:87:1f:c4:d2:bd:cd:ea:5b:50:65:61:05:cc:57:6d:f4:e4:
e6:e2:c6:d4:c5:be:22:38:2e:53:2a:74:c8:21:7b:f1:09:e8:
05:cd:48:a5:bd:ab:7d:bc:c2:b2:5a:b9:1e:7e:0f:d7:4e:3c:
9f:e3:7a:17:37:d8:70:fe:a8:06:5d:28:6a:88:bc:35:22:ea:
bd:9a:26:52:bc:71:c0:24:a3:91:60:09:01:ff:6e:a2:8b:97:
d6:96:f8:84:a0:09:6c:68:7d:be:6f:0e:a7:b3:8f:78:fe:55:
71:91:09:d7:b1:33:d9:de:4d:3b:51:6e:8f:58:c0:9a:06:79:
51:49:10:33:cc:ae:94:f1:24:92:4d:c0:9e:6e:7c:84:cc:57:
da:07:79:18:53:50:07:ca:4c:6e:4c:c6:d9:19:55:04:e7:11:
7a:ee:87:c9:a0:22:a8:9c:3a:5c:97:e5:b2:10:e1:85:06:94:
a7:fb:64:68:2e:22:dd:66:f0:3b:95:fd:31:78:f2:fd:01:35:
aa:77:43:cb:2c:c8:bc:2b:ca:a5:a1:f3:b8:3d:2a:65:2b:f0:
8c:6b:e3:f1:4f:de:66:b1:fb:c5:10:0f:d1:35:73:f6:71:41:
28:23:e6:f1:37:1d:95:11:d9:77:1d:af:83:ab:5a:5a:dc:35:
06:b1:6f:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAOXfpXNlqLsPLcHfiP4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjQwMTAxMTIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUzYzlhMTRkZTg5MjE2MjZhMzhiOTBkNzJhYWUyOTUxNGNhMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiFh6fMvZaId/dVvxu1vtxjM3s4w
pjIqUH6i4cJVYIsMOlFsbg1MO/cv314FGjhil/x3odL5qvyPalofpZR0GdJpDnTz
riLi5GALdzJMGAwVGdZ0GPG4EKSYt9D/cedwHPsvvdn9k9EF1RuOijXC/7QMK+LZ
RBVgbjrLeA0s02gqEsl7t7Mz+ZksQMJ2eWv6WE3ak670VHdoueExmEB0/N362FAo
TB+N4SGFqJScDsmpsNvjd3FxJh2g2a5jlUwpdK25YnCLOtEIA9yBNryP+pimKvuB
m3gKN8LJg0SZ06rsVVy3g1OIPBE+j/NUZOg/jfVZEUoQ9ltHTJ+lHyEiDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILjyaFN6JIWJqOLkNcqrilRTKN0MB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvZ3VQSm9VM29raFltbzR1UTF5cXVLVkZNbzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW84UAwQC
uUQsAwQCuaHoMA0GCSqGSIb3DQEBCwUAA4IBAQDAhx/E0r3N6ltQZWEFzFdt9OTm
4sbUxb4iOC5TKnTIIXvxCegFzUilvat9vMKyWrkefg/XTjyf43oXN9hw/qgGXShq
iLw1Iuq9miZSvHHAJKORYAkB/26ii5fWlviEoAlsaH2+bw6ns494/lVxkQnXsTPZ
3k07UW6PWMCaBnlRSRAzzK6U8SSSTcCebnyEzFfaB3kYU1AHykxuTMbZGVUE5xF6
7ofJoCKonDpcl+WyEOGFBpSn+2RoLiLdZvA7lf0xePL9ATWqd0PLLMi8K8qlofO4
PSplK/CMa+PxT95msfvFEA/RNXP2cUEoI+bxNx2VEdl3Ha+Dq1pa3DUGsW+/
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:44:34 2024 by rpki-client on console-fra.rpki-client.org