Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3PuvyjcCWjyBg02nanR9icw9IUU.roa
File: 3PuvyjcCWjyBg02nanR9icw9IUU.roa (raw, json)
Hash identifier: Gc1kY/MQpMU1dqSgymrbuIqXx9frY0NugzxXBq55Dks=
Subject key identifier: DC:FB:AF:CA:37:02:5A:3C:81:83:4D:A7:6A:74:7D:89:CC:3D:21:45
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01915A9CFB1D9015D106067A96CB6A25F23A
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3PuvyjcCWjyBg02nanR9icw9IUU.roa
Signing time: Fri 16 Aug 2024 09:55:22 +0000
ROA not before: Fri 16 Aug 2024 09:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 95.182.108.0/24 maxlen: 24
95.182.110.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
188.130.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:9c:fb:1d:90:15:d1:06:06:7a:96:cb:6a:25:f2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Aug 16 09:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcfbafca37025a3c81834da76a747d89cc3d2145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fb:ab:2a:56:03:b5:44:f7:da:e9:98:15:dc:
97:50:c7:06:40:23:25:a5:c1:ad:54:c0:1f:af:a8:
ae:b1:be:74:0f:97:84:77:28:85:30:31:c7:9a:7c:
f9:5b:73:0c:3e:46:72:30:7d:1b:c3:1b:4f:fc:93:
ed:80:7f:7c:1d:08:82:9b:31:1a:9c:ac:cc:08:4d:
fe:46:36:df:62:01:ac:ca:a7:36:82:8d:5c:a4:08:
d1:7d:7f:96:25:c6:f0:97:77:b4:5b:69:b6:1f:da:
17:12:0b:7e:f7:8c:70:2f:85:7f:74:dd:f7:45:22:
55:73:54:2d:51:ba:ba:68:57:88:73:5b:69:ad:37:
98:ec:86:fe:e3:91:d5:a3:8b:3a:8e:67:e9:9c:0d:
8a:ac:84:ae:b9:3f:98:f4:51:68:ec:70:3d:d2:1a:
fb:34:1f:c2:69:f7:b6:fc:f6:bf:98:0d:7a:bc:f0:
1d:dd:05:ba:9a:da:c7:7e:39:6f:00:39:ec:68:c5:
7e:37:12:85:b4:09:b1:94:16:32:b5:0a:10:1c:13:
4d:e6:74:88:7c:fa:83:11:ab:84:aa:86:b5:17:9a:
f3:2c:73:61:ff:88:e1:d2:fa:d2:0e:b0:82:49:48:
09:87:37:81:d0:40:7e:93:76:a5:04:92:3e:35:f7:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FB:AF:CA:37:02:5A:3C:81:83:4D:A7:6A:74:7D:89:CC:3D:21:45
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3PuvyjcCWjyBg02nanR9icw9IUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.45.0/24
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
96:1a:7a:75:58:b0:2a:c4:ed:c1:b7:ce:e0:63:2d:2e:0f:1a:
40:09:8a:68:c0:29:57:93:75:4b:58:2e:e5:00:bf:51:ce:9c:
e5:36:fb:a9:58:23:ba:33:80:db:fa:30:80:bc:87:95:74:c0:
3a:21:62:24:a2:f7:81:46:ec:02:6d:e6:d4:4d:92:2a:3b:a1:
54:c5:be:ed:ca:19:23:8e:79:fd:b0:2f:76:b7:56:0a:96:99:
33:0a:f1:52:5f:e5:ae:88:8e:66:1c:1a:b7:5a:9b:69:e1:5a:
63:d0:37:2c:c8:76:82:5a:5d:d4:22:a1:74:33:2c:9e:fd:38:
5a:a9:18:76:52:fe:96:51:c2:42:c4:1d:29:30:25:3b:0f:de:
97:8e:cf:bf:1f:2f:4f:bb:21:02:6a:ed:35:e5:a7:1d:99:64:
74:ad:c8:6b:d9:82:57:1a:f2:a1:c9:6d:e6:9b:65:e3:fb:92:
cb:03:a2:38:58:6e:e9:b0:b5:45:39:c9:2a:8e:63:f2:e4:6e:
71:73:b3:80:a0:7f:04:24:55:18:fe:21:fa:a2:0f:c8:ab:92:
c7:83:82:f3:90:f1:18:6e:6f:9b:53:96:e4:07:78:56:ff:26:
af:29:28:e3:c1:34:1e:d5:10:00:42:28:45:07:be:ba:c1:4c:
48:bf:a3:5b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFanPsdkBXRBgZ6lstqJfI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwODE2MDk1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZiYWZjYTM3MDI1YTNjODE4MzRkYTc2YTc0N2Q4OWNjM2QyMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifurKlYDtUT32umYFdyXUMcGQCMl
pcGtVMAfr6iusb50D5eEdyiFMDHHmnz5W3MMPkZyMH0bwxtP/JPtgH98HQiCmzEa
nKzMCE3+RjbfYgGsyqc2go1cpAjRfX+WJcbwl3e0W2m2H9oXEgt+94xwL4V/dN33
RSJVc1QtUbq6aFeIc1tprTeY7Ib+45HVo4s6jmfpnA2KrISuuT+Y9FFo7HA90hr7
NB/Cafe2/Pa/mA16vPAd3QW6mtrHfjlvADnsaMV+NxKFtAmxlBYytQoQHBNN5nSI
fPqDEauEqoa1F5rzLHNh/4jh0vrSDrCCSUgJhzeB0EB+k3alBJI+NfeM6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNz7r8o3Alo8gYNNp2p0fYnMPSFFMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvM1B1dnlqY0NXanlCZzAybmFuUjlpY3c5SVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX7ZsAwQA
X7ZuAwQBbfgGAwQAbfghAwQAbfgtAwQAvILRMA0GCSqGSIb3DQEBCwUAA4IBAQCW
Gnp1WLAqxO3Bt87gYy0uDxpACYpowClXk3VLWC7lAL9RzpzlNvupWCO6M4Db+jCA
vIeVdMA6IWIkoveBRuwCbebUTZIqO6FUxb7tyhkjjnn9sC92t1YKlpkzCvFSX+Wu
iI5mHBq3Wptp4Vpj0DcsyHaCWl3UIqF0Myye/ThaqRh2Uv6WUcJCxB0pMCU7D96X
js+/Hy9PuyECau015acdmWR0rchr2YJXGvKhyW3mm2Xj+5LLA6I4WG7psLVFOckq
jmPy5G5xc7OAoH8EJFUY/iH6og/Iq5LHg4LzkPEYbm+bU5bkB3hW/yavKSjjwTQe
1RAAQihFB766wUxIv6Nb
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:59 2024 by rpki-client on console-ams.rpki-client.org