Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0q3gYxGCtwj2ovPq8IwsSkKFeyw.roa
File: 0q3gYxGCtwj2ovPq8IwsSkKFeyw.roa (raw, json)
Hash identifier: rU8lr2Hq+cIo3K2oqRJ3M7OqX9ySwfeObIWK0FRf4ZQ=
Subject key identifier: D2:AD:E0:63:11:82:B7:08:F6:A2:F3:EA:F0:8C:2C:4A:42:85:7B:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F398059A57237EE84127B77467F71C9DC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0q3gYxGCtwj2ovPq8IwsSkKFeyw.roa
Signing time: Thu 02 May 2024 13:31:03 +0000
ROA not before: Thu 02 May 2024 13:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212504
IP address blocks: 213.218.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:80:59:a5:72:37:ee:84:12:7b:77:46:7f:71:c9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 2 13:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2ade0631182b708f6a2f3eaf08c2c4a42857b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:21:07:dd:62:09:86:e9:5a:73:00:0d:6e:62:
ee:bd:63:f1:b8:0a:1e:bb:b5:4f:83:ee:81:1a:10:
20:80:87:bc:2e:94:3a:ee:d3:65:b4:96:0b:87:10:
90:cd:fd:53:bd:6a:28:3f:35:0a:6e:35:9d:cf:d7:
e8:23:a4:b3:c7:62:ab:14:29:a7:a2:41:23:58:86:
54:50:f9:fc:dd:dd:0f:54:51:a3:da:4b:da:ee:9a:
b6:33:cb:d0:8d:09:b6:59:47:65:ac:aa:19:3e:83:
7a:76:81:f4:a3:7a:9e:e4:f6:51:15:30:87:58:ae:
13:86:68:4c:cd:3e:c4:e5:6a:7c:78:1a:0f:1e:bf:
4f:84:f5:db:fd:64:ce:9a:6c:92:1e:a6:e6:1a:3a:
5e:b4:00:84:eb:87:4c:64:23:ea:99:9f:7a:9d:37:
a7:59:6e:e2:49:1e:3c:eb:2b:0b:b0:88:c0:53:d3:
26:49:7c:11:a7:2f:62:1d:f5:80:a8:e2:51:c1:b1:
0e:e8:e1:c1:5c:00:1a:1e:97:71:a5:29:82:06:ad:
cc:8f:28:db:d6:ec:e3:25:3f:0b:24:0d:3e:9d:92:
05:dd:9c:e6:bc:c7:78:42:5d:15:cc:a4:01:6f:c1:
ba:27:f1:bd:fd:33:31:5d:1c:44:b7:70:b2:ae:e8:
93:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AD:E0:63:11:82:B7:08:F6:A2:F3:EA:F0:8C:2C:4A:42:85:7B:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0q3gYxGCtwj2ovPq8IwsSkKFeyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:33:77:11:ae:92:96:8e:74:6b:1f:fb:88:83:e9:2c:7f:60:
b7:67:d4:d7:31:43:e8:07:46:79:44:95:3e:68:1f:2b:1e:9b:
82:a0:71:57:3f:41:76:d5:d6:36:f7:bf:0e:cc:75:fa:47:4b:
ac:0e:6b:28:3b:3b:ed:bd:e2:55:73:f4:0c:d0:2f:af:30:c3:
ff:1a:db:19:1c:4f:5b:5c:16:0e:d1:ce:4e:be:81:76:51:8c:
30:7b:37:87:0d:05:ae:e2:6c:b4:35:06:8c:7f:33:28:cb:79:
bd:85:21:ba:4d:43:38:d1:fd:a4:d3:1b:02:74:9e:5c:63:34:
ea:c6:de:28:9e:6e:c5:dc:ca:f5:63:07:07:c1:9a:0a:85:8f:
9a:d1:7a:1d:5e:e5:b2:55:47:be:6f:4a:af:f7:f4:62:91:db:
ca:c7:d3:2c:b5:8a:76:5d:34:0c:fe:a0:0a:2b:00:db:12:0e:
fc:ef:0b:b7:ef:96:5c:ad:68:ae:63:c0:15:e2:7e:08:07:4c:
67:a2:8c:e8:e2:19:1b:1c:83:17:6b:3f:e9:df:fc:b9:45:94:
4e:13:8e:02:94:db:0e:d5:a5:b6:fb:b0:ba:3e:4b:d7:53:e7:
01:bc:66:38:ea:51:2c:9b:27:e4:a6:71:78:bd:f9:5d:1c:29:
1b:ee:37:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY85gFmlcjfuhBJ7d0Z/ccncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAyMTMzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmFkZTA2MzExODJiNzA4ZjZhMmYzZWFmMDhjMmM0YTQyODU3YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyEH3WIJhulacwANbmLuvWPxuAoe
u7VPg+6BGhAggIe8LpQ67tNltJYLhxCQzf1TvWooPzUKbjWdz9foI6Szx2KrFCmn
okEjWIZUUPn83d0PVFGj2kva7pq2M8vQjQm2WUdlrKoZPoN6doH0o3qe5PZRFTCH
WK4ThmhMzT7E5Wp8eBoPHr9PhPXb/WTOmmySHqbmGjpetACE64dMZCPqmZ96nTen
WW7iSR486ysLsIjAU9MmSXwRpy9iHfWAqOJRwbEO6OHBXAAaHpdxpSmCBq3Mjyjb
1uzjJT8LJA0+nZIF3ZzmvMd4Ql0VzKQBb8G6J/G9/TMxXRxEt3CyruiT4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKt4GMRgrcI9qLz6vCMLEpChXssMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHEzZ1l4R0N0d2oyb3ZQcThJd3NTa0tGZXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1drsMA0G
CSqGSIb3DQEBCwUAA4IBAQA+M3cRrpKWjnRrH/uIg+ksf2C3Z9TXMUPoB0Z5RJU+
aB8rHpuCoHFXP0F21dY2978OzHX6R0usDmsoOzvtveJVc/QM0C+vMMP/GtsZHE9b
XBYO0c5OvoF2UYwwezeHDQWu4my0NQaMfzMoy3m9hSG6TUM40f2k0xsCdJ5cYzTq
xt4onm7F3Mr1YwcHwZoKhY+a0XodXuWyVUe+b0qv9/RikdvKx9MstYp2XTQM/qAK
KwDbEg787wu375ZcrWiuY8AV4n4IB0xnoozo4hkbHIMXaz/p3/y5RZROE44ClNsO
1aW2+7C6PkvXU+cBvGY46lEsmyfkpnF4vfldHCkb7jcn
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:08:01 2024 by rpki-client on console-ams.rpki-client.org