Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/b3RGsa0CtxbOJ2TUictBVD2hg68.roa
File: b3RGsa0CtxbOJ2TUictBVD2hg68.roa (raw, json)
Hash identifier: Hyzbo42fIHjzSFyvbBr79OPoKEb2JZgategoTwEXQ7c=
Subject key identifier: 6F:74:46:B1:AD:02:B7:16:CE:27:64:D4:89:CB:41:54:3D:A1:83:AF
Certificate issuer: /CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Certificate serial: 018CCA98FB03B3DD75EB2BD0BC9E7C327D3D
Authority key identifier: 3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/b3RGsa0CtxbOJ2TUictBVD2hg68.roa
Signing time: Tue 02 Jan 2024 14:34:32 +0000
ROA not before: Tue 02 Jan 2024 14:34:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49067
IP address blocks: 194.31.11.0/24 maxlen: 24
185.98.218.0/24 maxlen: 24
185.98.216.0/24 maxlen: 24
185.98.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:98:fb:03:b3:dd:75:eb:2b:d0:bc:9e:7c:32:7d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Validity
Not Before: Jan 2 14:34:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f7446b1ad02b716ce2764d489cb41543da183af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:86:4e:80:a0:b7:b3:ec:f2:ee:19:73:a3:
25:0a:d0:24:74:81:83:50:55:e8:73:98:67:8b:33:
a0:d0:a7:64:11:e2:e5:f0:b5:3c:15:e9:0e:79:c6:
a2:e5:8b:d9:63:80:5e:05:0c:74:5b:51:1c:c3:8e:
b1:bf:60:df:02:be:cc:c5:d8:ed:1c:1f:7b:af:80:
5a:bc:40:dc:0f:87:e3:31:3b:17:91:90:5a:96:c3:
85:0a:ad:52:d0:7c:5a:67:76:15:da:af:fd:32:21:
76:64:b0:c2:c7:ec:e3:b1:3c:cc:c1:b5:8a:b0:d5:
f1:3a:62:e6:12:6c:d9:0e:38:f4:27:b4:07:6c:d4:
ce:42:e6:3e:4c:e9:58:7f:d2:d5:9d:4b:32:33:c9:
56:4e:2d:3b:a7:b7:bb:42:f8:ad:6b:a4:ee:00:0d:
5d:90:4c:47:d7:7d:3d:2f:0b:23:4c:a3:d1:31:b0:
a4:99:30:17:76:8f:9b:b0:86:a7:7b:2d:3b:29:45:
dd:e1:41:5f:cb:15:f7:c5:57:fd:fb:66:2b:2d:29:
66:62:9f:03:1a:6f:16:cc:73:be:a2:45:bb:fb:8c:
c3:96:fd:7c:62:d4:03:71:fd:70:c8:f2:28:0d:a9:
00:22:db:f5:82:60:f9:98:72:04:e7:0a:87:f4:be:
22:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:74:46:B1:AD:02:B7:16:CE:27:64:D4:89:CB:41:54:3D:A1:83:AF
X509v3 Authority Key Identifier:
keyid:3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/b3RGsa0CtxbOJ2TUictBVD2hg68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.216.0-185.98.218.255
194.31.11.0/24
Signature Algorithm: sha256WithRSAEncryption
48:39:6c:fb:ef:d8:73:93:32:b3:5d:ec:ca:9a:ec:49:c0:a7:
76:b9:19:6b:b6:e7:fe:49:57:27:c1:b5:df:a2:08:59:1b:22:
3b:c6:03:d8:51:88:3c:c2:5c:f7:d4:2a:7c:af:93:ca:45:30:
52:fe:cc:fd:f8:c5:bb:c5:b1:5b:de:e5:ae:c4:0c:5a:e2:71:
9b:84:9f:49:c7:2b:74:84:55:e9:67:6c:39:64:76:bc:b0:24:
40:35:34:72:3e:81:b2:83:b3:69:37:a9:fe:18:d3:70:0d:60:
ec:8e:e1:33:f6:0f:7b:ef:a3:5e:d7:30:47:25:85:f0:c5:40:
80:7e:64:ea:8c:ce:c1:8c:b8:d6:42:2d:e4:62:a9:7b:0a:11:
5d:34:da:fa:a4:05:d2:7f:41:67:f1:48:e9:dc:9b:f7:40:97:
51:cf:45:e4:97:db:2f:e7:70:64:67:c4:b8:bc:1d:ba:8f:32:
8d:aa:0c:92:4c:8c:6b:89:4f:3b:43:3a:b4:84:88:54:da:2a:
58:d0:f5:c6:d9:67:70:08:bf:5a:f0:39:b5:75:d1:3a:9f:0e:
d2:d6:5a:55:2c:20:bd:ad:0d:c1:12:e0:ab:64:e9:bf:7e:04:
da:a8:25:f1:c8:26:75:a6:ad:d9:ec:42:6e:d8:19:4c:0f:13:
a2:cb:a0:79
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKmPsDs9116yvQvJ58Mn09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZlMjRjZmMwMGQyMmY0ZWZhMzlhNDIxZGFmYjdiYjFk
YTRiODMwHhcNMjQwMTAyMTQzNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjc0NDZiMWFkMDJiNzE2Y2UyNzY0ZDQ4OWNiNDE1NDNkYTE4M2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnyGToCgt7Ps8u4Zc6MlCtAkdIGD
UFXoc5hnizOg0KdkEeLl8LU8FekOecai5YvZY4BeBQx0W1Ecw46xv2DfAr7Mxdjt
HB97r4BavEDcD4fjMTsXkZBalsOFCq1S0HxaZ3YV2q/9MiF2ZLDCx+zjsTzMwbWK
sNXxOmLmEmzZDjj0J7QHbNTOQuY+TOlYf9LVnUsyM8lWTi07p7e7Qvita6TuAA1d
kExH1309LwsjTKPRMbCkmTAXdo+bsIaney07KUXd4UFfyxX3xVf9+2YrLSlmYp8D
Gm8WzHO+okW7+4zDlv18YtQDcf1wyPIoDakAItv1gmD5mHIE5wqH9L4ibwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG90RrGtArcWzidk1InLQVQ9oYOvMB8GA1UdIwQY
MBaAFD224kz8ANIvTvo5pCHa+3ux2kuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUt
OTM4MGU1Y2MwNTgwLzEvYjNSR3NhMEN0eGJPSjJUVWljdEJWRDJoZzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUtOTM4MGU1Y2MwNTgw
LzEvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAO5YtgD
BAC5YtoDBADCHwswDQYJKoZIhvcNAQELBQADggEBAEg5bPvv2HOTMrNd7Mqa7EnA
p3a5GWu25/5JVyfBtd+iCFkbIjvGA9hRiDzCXPfUKnyvk8pFMFL+zP34xbvFsVve
5a7EDFricZuEn0nHK3SEVelnbDlkdrywJEA1NHI+gbKDs2k3qf4Y03ANYOyO4TP2
D3vvo17XMEclhfDFQIB+ZOqMzsGMuNZCLeRiqXsKEV002vqkBdJ/QWfxSOncm/dA
l1HPReSX2y/ncGRnxLi8HbqPMo2qDJJMjGuJTztDOrSEiFTaKljQ9cbZZ3AIv1rw
ObV10TqfDtLWWlUsIL2tDcES4Ktk6b9+BNqoJfHIJnWmrdnsQm7YGUwPE6LLoHk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:16:27 2024 by rpki-client on console-fra.rpki-client.org