Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/3MSaG7hcBaNhLWLmCXBm8AFMmAI.roa
File: 3MSaG7hcBaNhLWLmCXBm8AFMmAI.roa (raw, json)
Hash identifier: O71nJyu+c2o8rR8t+0ioErmdS7NwkIBtBxYMlAH4yWY=
Subject key identifier: DC:C4:9A:1B:B8:5C:05:A3:61:2D:62:E6:09:70:66:F0:01:4C:98:02
Certificate issuer: /CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Certificate serial: 018CC348FE692670536B7F8ADC54FED1A27D
Authority key identifier: D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/3MSaG7hcBaNhLWLmCXBm8AFMmAI.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39265
IP address blocks: 193.247.32.0/24 maxlen: 24
193.247.32.0/22 maxlen: 22
2001:67c:21c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft
rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 13:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fe:69:26:70:53:6b:7f:8a:dc:54:fe:d1:a2:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcc49a1bb85c05a3612d62e6097066f0014c9802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:3d:5d:ee:69:9d:11:6c:2f:0b:29:89:76:
14:2c:27:df:81:e4:c4:56:76:67:ef:f5:88:21:18:
32:9c:50:d3:f5:5e:8e:ad:18:0e:9d:59:9e:de:62:
56:b5:8a:67:27:e5:c1:0b:83:32:56:4d:b4:4d:83:
c6:b6:d4:7f:c7:49:05:4f:2f:04:20:52:ef:8e:45:
d0:e4:cd:9f:a8:ce:7a:99:b9:ca:3e:90:3d:5a:68:
7b:93:19:4b:f2:c5:ec:f3:d0:d6:1d:b9:56:2a:02:
06:fd:00:a4:35:a9:95:44:cc:9f:84:3e:21:72:a5:
73:ea:3f:81:76:93:9a:77:d0:f1:7c:3e:75:10:71:
d4:c9:ca:a3:ff:45:55:e3:5d:7e:46:20:db:0d:b6:
1b:17:6d:2c:53:a4:47:22:4f:fa:51:d9:58:df:d9:
7d:d3:3a:81:7b:01:f3:1a:71:f1:1a:55:bd:76:bc:
51:f5:90:cb:09:ae:09:f1:84:d1:03:42:e8:ca:f6:
51:24:ee:7d:dc:05:e6:a1:79:87:f0:d9:b2:48:63:
4d:28:07:d4:7b:66:e1:d6:14:67:5b:95:f1:93:b2:
ed:c0:ff:84:9d:f7:09:11:22:c8:38:c6:70:a8:ae:
29:d2:98:2c:ae:20:65:a8:88:d9:e0:c8:0b:59:3c:
9b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C4:9A:1B:B8:5C:05:A3:61:2D:62:E6:09:70:66:F0:01:4C:98:02
X509v3 Authority Key Identifier:
keyid:D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/3MSaG7hcBaNhLWLmCXBm8AFMmAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.32.0/22
IPv6:
2001:67c:21c0::/48
Signature Algorithm: sha256WithRSAEncryption
8b:08:e8:e1:ea:6c:83:3c:e0:86:df:58:6c:20:f1:48:40:f1:
df:4f:a8:17:a2:1d:38:41:8e:52:47:07:05:93:79:0f:8a:90:
7d:45:ef:ea:f4:dc:38:98:3b:d0:e3:37:db:87:a5:6c:a9:71:
31:92:e5:c8:96:d7:dc:59:32:be:b6:09:bc:43:ee:b8:13:8f:
40:05:9e:c6:70:cf:e2:1a:8d:24:22:de:d9:f4:68:16:1b:1a:
b6:91:a1:5b:c0:03:60:dd:53:85:ed:6f:1d:33:e7:ea:1c:77:
b0:15:b3:0b:a9:ec:17:2c:93:9c:2d:7e:a4:ae:d8:69:d4:a5:
3b:86:91:a3:53:0b:48:dd:5a:5a:a0:a3:ce:39:e2:46:a1:e7:
03:e8:69:9b:44:d0:0c:b4:f1:f8:a6:db:77:37:b5:0f:e1:6c:
94:85:73:ed:cd:ac:15:d1:7d:af:9f:7a:b4:c9:a8:86:1f:35:
27:9b:80:c7:d9:ba:c7:76:49:60:e6:93:15:2f:32:da:4d:07:
b5:a9:50:21:d4:a4:e3:b8:ee:67:a4:5d:a2:03:88:fc:3b:cd:
41:fc:2c:71:fa:30:99:64:c2:dc:3f:13:d7:f5:05:e1:46:8e:
33:da:d8:15:e1:0d:c5:76:28:24:f1:71:3d:b3:6f:3c:96:6f:
85:55:fa:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSP5pJnBTa3+K3FT+0aJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGI1YTVmYjEzODY4M2QxYThjYzcwMTlmNzg5NzBiYWU2
NzgyMjgwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M0OWExYmI4NWMwNWEzNjEyZDYyZTYwOTcwNjZmMDAxNGM5ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoY9Xe5pnRFsLwspiXYULCffgeTE
VnZn7/WIIRgynFDT9V6OrRgOnVme3mJWtYpnJ+XBC4MyVk20TYPGttR/x0kFTy8E
IFLvjkXQ5M2fqM56mbnKPpA9Wmh7kxlL8sXs89DWHblWKgIG/QCkNamVRMyfhD4h
cqVz6j+BdpOad9DxfD51EHHUycqj/0VV411+RiDbDbYbF20sU6RHIk/6UdlY39l9
0zqBewHzGnHxGlW9drxR9ZDLCa4J8YTRA0LoyvZRJO593AXmoXmH8NmySGNNKAfU
e2bh1hRnW5Xxk7LtwP+EnfcJESLIOMZwqK4p0pgsriBlqIjZ4MgLWTyb3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNzEmhu4XAWjYS1i5glwZvABTJgCMB8GA1UdIwQY
MBaAFNmLWl+xOGg9GozHAZ94lwuuZ4IoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgt
ODMxN2E4Mjg4ZDEwLzEvM01TYUc3aGNCYU5oTFdMbUNYQm04QUZNbUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgtODMxN2E4Mjg4ZDEw
LzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwfcgMA8E
AgACMAkDBwAgAQZ8IcAwDQYJKoZIhvcNAQELBQADggEBAIsI6OHqbIM84IbfWGwg
8UhA8d9PqBeiHThBjlJHBwWTeQ+KkH1F7+r03DiYO9DjN9uHpWypcTGS5ciW19xZ
Mr62CbxD7rgTj0AFnsZwz+IajSQi3tn0aBYbGraRoVvAA2DdU4Xtbx0z5+ocd7AV
swup7Bcsk5wtfqSu2GnUpTuGkaNTC0jdWlqgo8454kah5wPoaZtE0Ay08fim23c3
tQ/hbJSFc+3NrBXRfa+ferTJqIYfNSebgMfZusd2SWDmkxUvMtpNB7WpUCHUpOO4
7mekXaIDiPw7zUH8LHH6MJlkwtw/E9f1BeFGjjPa2BXhDcV2KCTxcT2zbzyWb4VV
+mo=
-----END CERTIFICATE-----
Generated at Mon May 27 15:35:46 2024 by rpki-client on console-fra.rpki-client.org