Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3F47ONkNmG4y6ep3RmeANALPy7E.roa
File: 3F47ONkNmG4y6ep3RmeANALPy7E.roa (raw, json)
Hash identifier: dl1jpQAqlqiYf7TnsmAuOh73rZA+ZLiLHRmHqq38ERQ=
Subject key identifier: DC:5E:3B:38:D9:0D:98:6E:32:E9:EA:77:46:67:80:34:02:CF:CB:B1
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018F5907887A63B1BB5B4B392E66C1DF49E8
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3F47ONkNmG4y6ep3RmeANALPy7E.roa
Signing time: Wed 08 May 2024 16:26:56 +0000
ROA not before: Wed 08 May 2024 16:26:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208392
IP address blocks: 109.120.145.0/24 maxlen: 24
109.120.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 07:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:07:88:7a:63:b1:bb:5b:4b:39:2e:66:c1:df:49:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: May 8 16:26:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc5e3b38d90d986e32e9ea774667803402cfcbb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ed:13:db:f7:c9:21:68:e4:d8:03:38:b3:2f:
c5:9e:86:23:ae:21:b1:1c:41:02:4c:9e:95:c6:fd:
15:b1:90:62:df:06:72:ec:89:5e:fb:57:9c:6b:70:
d4:08:2d:29:d9:cd:88:ce:00:6b:b2:0f:ed:da:79:
e8:b3:f5:26:db:a8:95:70:ec:1c:22:8f:b8:2b:11:
00:67:a3:cc:2d:56:7b:7b:2a:e6:02:48:c7:98:da:
0b:92:05:c1:f9:b0:2d:09:d5:26:67:a7:13:b3:4f:
68:f3:5a:d6:42:7e:cf:ac:45:3d:b1:d7:7f:25:59:
5a:f5:85:dd:56:81:4a:d8:6c:93:6a:32:69:3f:75:
07:77:61:9d:f0:52:6d:3b:e6:c0:bc:61:c1:a7:70:
7c:c7:d1:71:c1:c3:9d:87:a5:b2:1f:14:ae:39:44:
de:d7:b8:4a:75:b7:fc:85:73:fe:d1:e0:12:f0:cb:
47:68:0f:02:c3:2f:69:3d:fb:2b:55:69:6b:99:0f:
2d:0e:1e:c4:e8:f0:e0:cc:82:75:b2:d5:e0:c8:09:
2d:26:14:aa:3d:22:2a:ab:06:1a:0f:5d:3a:f7:cb:
3b:67:2a:a8:09:a6:76:12:58:f6:f7:1b:dd:f8:c1:
21:8b:2c:97:3f:08:24:8e:f6:3d:03:ca:9d:c3:af:
0b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5E:3B:38:D9:0D:98:6E:32:E9:EA:77:46:67:80:34:02:CF:CB:B1
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/3F47ONkNmG4y6ep3RmeANALPy7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.145.0-109.120.146.255
Signature Algorithm: sha256WithRSAEncryption
6e:3f:03:f5:6a:fc:e7:55:a4:6f:83:25:90:e4:7b:fa:6b:1d:
06:23:d0:b5:16:54:ec:4e:01:0d:09:f8:8b:42:32:18:c1:87:
37:bb:94:af:7b:7d:ac:de:62:a4:ff:ba:71:f5:63:f1:c5:6e:
c0:4a:48:7a:eb:cd:94:14:2f:76:98:24:cf:b0:3b:88:aa:35:
52:f7:ce:a7:d6:52:2f:3f:8a:fd:64:63:7e:48:f2:2c:b2:d8:
93:07:b8:df:a1:d0:65:b6:80:be:64:21:5a:a5:82:b9:41:ca:
85:0c:61:f4:94:24:a1:c6:89:5f:b8:38:d9:8f:3f:5d:a1:95:
85:43:3e:4f:61:31:d1:e8:f4:16:8e:8b:01:27:66:db:9e:63:
d8:ca:10:53:10:fc:0b:2a:ba:e8:70:ff:ce:c5:a1:7a:2c:c3:
ec:ff:ba:a3:bc:1e:0f:66:ae:11:1f:d3:91:a1:ba:dc:54:e9:
3c:d6:7b:e3:c8:1f:fd:87:ce:21:7d:20:28:d0:fd:a6:c4:35:
65:1c:6d:5a:a8:a2:3a:17:f2:e5:2f:1f:2f:95:6e:38:56:c7:
c5:ef:ba:32:82:60:1a:2e:f8:f1:6c:73:83:16:53:42:89:4c:
70:ce:5e:f3:13:bd:e7:35:77:74:97:0b:17:f3:1a:4c:32:34:
ea:75:6c:36
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY9ZB4h6Y7G7W0s5LmbB30noMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNTA4MTYyNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzVlM2IzOGQ5MGQ5ODZlMzJlOWVhNzc0NjY3ODAzNDAyY2ZjYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou0T2/fJIWjk2AM4sy/FnoYjriGx
HEECTJ6Vxv0VsZBi3wZy7Ile+1eca3DUCC0p2c2IzgBrsg/t2nnos/Um26iVcOwc
Io+4KxEAZ6PMLVZ7eyrmAkjHmNoLkgXB+bAtCdUmZ6cTs09o81rWQn7PrEU9sdd/
JVla9YXdVoFK2GyTajJpP3UHd2Gd8FJtO+bAvGHBp3B8x9FxwcOdh6WyHxSuOUTe
17hKdbf8hXP+0eAS8MtHaA8Cwy9pPfsrVWlrmQ8tDh7E6PDgzIJ1stXgyAktJhSq
PSIqqwYaD10698s7ZyqoCaZ2Elj29xvd+MEhiyyXPwgkjvY9A8qdw68L7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNxeOzjZDZhuMunqd0ZngDQCz8uxMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvM0Y0N09Oa05tRzR5NmVwM1JtZUFOQUxQeTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABteJED
BABteJIwDQYJKoZIhvcNAQELBQADggEBAG4/A/Vq/OdVpG+DJZDke/prHQYj0LUW
VOxOAQ0J+ItCMhjBhze7lK97fazeYqT/unH1Y/HFbsBKSHrrzZQUL3aYJM+wO4iq
NVL3zqfWUi8/iv1kY35I8iyy2JMHuN+h0GW2gL5kIVqlgrlByoUMYfSUJKHGiV+4
ONmPP12hlYVDPk9hMdHo9BaOiwEnZtueY9jKEFMQ/Asquuhw/87FoXosw+z/uqO8
Hg9mrhEf05GhutxU6TzWe+PIH/2HziF9ICjQ/abENWUcbVqoojoX8uUvHy+VbjhW
x8XvujKCYBou+PFsc4MWU0KJTHDOXvMTvec1d3SXCxfzGkwyNOp1bDY=
-----END CERTIFICATE-----
Generated at Mon Jun 3 10:40:31 2024 by rpki-client on console-ams.rpki-client.org