Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/3GzZtT4mleZqSoj4tI9CwzdH39g.roa
File: 3GzZtT4mleZqSoj4tI9CwzdH39g.roa (raw, json)
Hash identifier: 2M1w13eYhRdB/FUNeMIjDH1TJPuelkhK5xw7yDiwklo=
Subject key identifier: DC:6C:D9:B5:3E:26:95:E6:6A:4A:88:F8:B4:8F:42:C3:37:47:DF:D8
Certificate issuer: /CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Certificate serial: 018CC7273D72BD0A7AEFB1E6F68E2E526652
Authority key identifier: F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/3GzZtT4mleZqSoj4tI9CwzdH39g.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50472
IP address blocks: 195.160.173.0/24 maxlen: 24
2001:678:760::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3d:72:bd:0a:7a:ef:b1:e6:f6:8e:2e:52:66:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc6cd9b53e2695e66a4a88f8b48f42c33747dfd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:51:02:7c:25:12:b4:b8:4f:6f:69:41:99:
29:57:b4:18:c9:91:91:e2:67:0a:96:5e:d6:b3:a8:
04:ef:52:7e:96:ae:b9:76:42:35:77:c1:8e:2f:f5:
e5:61:d0:3a:eb:1e:40:12:e3:c9:f4:cf:66:23:21:
d5:98:9d:48:97:be:0e:f3:cc:87:5f:92:07:bb:74:
04:ba:27:10:d6:14:be:29:d5:d5:e1:ae:8d:6c:de:
6c:78:18:73:7c:de:ff:d2:aa:d3:23:1c:d3:6f:24:
20:bb:02:88:c6:f8:47:69:bb:c7:57:f5:10:5c:6f:
65:59:6f:b4:f3:64:3f:f7:95:42:80:f3:27:49:2d:
0c:62:60:4f:fa:fd:67:d9:48:4f:7d:94:27:c3:4b:
f5:38:27:27:20:e2:67:b6:be:32:be:e1:01:8f:98:
ff:28:56:f7:c0:2e:9b:5b:79:6f:bf:3c:c5:ef:b7:
36:55:e2:01:36:cb:7e:cc:4d:bf:2e:be:12:34:e8:
20:72:e6:a8:ea:5e:a8:21:8e:8b:70:09:2f:b0:ff:
d3:bd:71:05:9d:ab:e0:65:36:12:29:1a:85:7e:9a:
53:36:77:60:05:89:03:b0:da:78:08:5c:02:5f:43:
03:2b:65:11:0d:7d:fa:fc:6a:ba:56:68:90:7b:44:
a7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6C:D9:B5:3E:26:95:E6:6A:4A:88:F8:B4:8F:42:C3:37:47:DF:D8
X509v3 Authority Key Identifier:
keyid:F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/3GzZtT4mleZqSoj4tI9CwzdH39g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.173.0/24
IPv6:
2001:678:760::/48
Signature Algorithm: sha256WithRSAEncryption
82:47:2c:bd:69:2b:f7:ad:83:99:7c:b8:6e:82:fe:d4:03:ec:
97:8c:95:3d:a9:a8:e4:29:f5:94:1c:93:25:38:83:f7:d5:73:
08:7a:21:69:02:f1:f3:2d:98:49:ec:87:1d:d7:ca:da:93:7b:
77:12:52:47:61:3e:8b:c5:b6:4d:f5:13:72:74:52:61:cb:65:
7d:e0:fd:1a:00:fa:9a:49:a5:28:a0:20:c9:eb:7b:bf:75:f2:
b3:67:63:57:e3:9c:e4:2d:6e:2b:26:e0:6d:79:cd:45:2a:c8:
bf:7b:77:70:e7:ee:f7:e2:e3:5b:b8:43:bc:62:27:df:83:63:
64:1e:b5:b4:3f:b5:51:95:7b:21:c0:af:18:4d:52:80:f8:96:
b0:ea:ee:3e:64:d6:3e:c0:a5:ca:19:64:13:c0:a4:3a:fa:23:
2c:63:97:15:27:c3:75:76:d8:ad:84:fc:c7:37:70:eb:14:91:
a4:ef:ba:71:c4:9a:7e:d4:ec:2c:26:d7:91:45:fc:08:6e:b1:
bc:ed:0a:8a:3f:c9:25:0e:2f:14:fa:2b:5b:24:46:f8:77:73:
56:be:6b:34:3f:c1:a9:f1:24:85:f6:c0:65:d1:7f:df:b0:f0:
7d:9b:aa:39:fa:dd:69:4a:b9:3c:1d:3b:34:e4:d3:54:a0:84:
bc:64:ba:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJz1yvQp677Hm9o4uUmZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWM4YzdlMzJiYWY3NzhiOGM0NTFhMmQyNGNjNjgxOTY5
NjRiZmMwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZjZDliNTNlMjY5NWU2NmE0YTg4ZjhiNDhmNDJjMzM3NDdkZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXpRAnwlErS4T29pQZkpV7QYyZGR
4mcKll7Ws6gE71J+lq65dkI1d8GOL/XlYdA66x5AEuPJ9M9mIyHVmJ1Il74O88yH
X5IHu3QEuicQ1hS+KdXV4a6NbN5seBhzfN7/0qrTIxzTbyQguwKIxvhHabvHV/UQ
XG9lWW+082Q/95VCgPMnSS0MYmBP+v1n2UhPfZQnw0v1OCcnIOJntr4yvuEBj5j/
KFb3wC6bW3lvvzzF77c2VeIBNst+zE2/Lr4SNOggcuao6l6oIY6LcAkvsP/TvXEF
navgZTYSKRqFfppTNndgBYkDsNp4CFwCX0MDK2URDX36/Gq6VmiQe0SnYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNxs2bU+JpXmakqI+LSPQsM3R9/YMB8GA1UdIwQY
MBaAFPOsjH4yuvd4uMRRotJMxoGWlkv8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjkt
NDVjNTY4ZjhhMjdjLzEvM0d6WnRUNG1sZVpxU29qNHRJOUN3emRIMzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjktNDVjNTY4ZjhhMjdj
LzEvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw6CtMA8E
AgACMAkDBwAgAQZ4B2AwDQYJKoZIhvcNAQELBQADggEBAIJHLL1pK/etg5l8uG6C
/tQD7JeMlT2pqOQp9ZQckyU4g/fVcwh6IWkC8fMtmEnshx3XytqTe3cSUkdhPovF
tk31E3J0UmHLZX3g/RoA+ppJpSigIMnre7918rNnY1fjnOQtbism4G15zUUqyL97
d3Dn7vfi41u4Q7xiJ9+DY2QetbQ/tVGVeyHArxhNUoD4lrDq7j5k1j7ApcoZZBPA
pDr6IyxjlxUnw3V22K2E/Mc3cOsUkaTvunHEmn7U7Cwm15FF/AhusbztCoo/ySUO
LxT6K1skRvh3c1a+azQ/wanxJIX2wGXRf9+w8H2bqjn63WlKuTwdOzTk01SghLxk
ulQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:05 2024 by rpki-client on console-fra.rpki-client.org