Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/3xAVO3-9tgfyAR7aX6UE-5WtR54.roa
File: 3xAVO3-9tgfyAR7aX6UE-5WtR54.roa (raw, json)
Hash identifier: rmnTOvuKscSV7Rr/251yAA7GoDyIiDvtwGeZZcObw2I=
Subject key identifier: DF:10:15:3B:7F:BD:B6:07:F2:01:1E:DA:5F:A5:04:FB:95:AD:47:9E
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 018CC8022C16A51F8EFD99A0C745F9D1D577
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/3xAVO3-9tgfyAR7aX6UE-5WtR54.roa
Signing time: Tue 02 Jan 2024 02:30:34 +0000
ROA not before: Tue 02 Jan 2024 02:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208422
IP address blocks: 45.87.116.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
2a09:e201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:2c:16:a5:1f:8e:fd:99:a0:c7:45:f9:d1:d5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jan 2 02:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df10153b7fbdb607f2011eda5fa504fb95ad479e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:99:f2:0b:45:cc:82:c4:a1:62:0c:20:4d:
cd:2a:53:0a:c7:c6:47:19:27:9a:74:ec:2c:00:d5:
ad:dc:19:e6:48:3d:87:40:36:f9:0f:63:43:ab:df:
17:af:1f:6c:cf:4c:57:9f:74:85:cf:2d:20:23:04:
75:36:b4:58:47:a2:66:7b:0d:b0:92:0b:3d:dc:ff:
58:b6:20:41:fa:4c:d1:f3:91:27:f8:fa:58:ae:c0:
12:9a:3f:06:ff:b7:50:78:38:70:fe:95:3b:ce:11:
f1:a0:58:da:42:92:5d:13:e4:b0:e2:a1:bc:87:5f:
65:2c:a1:c9:8e:64:ad:71:01:9e:56:b5:76:d7:36:
b5:9e:4d:c6:b6:8d:2d:a7:2c:bb:c4:aa:56:09:ef:
82:e8:f9:f6:d8:01:72:3f:24:d6:47:42:2b:13:c1:
9d:80:38:55:ac:23:3a:a5:87:cd:3a:bd:3f:3c:89:
fe:0b:f5:39:53:98:c7:6a:4a:05:bd:11:79:96:21:
d5:83:45:02:c5:b2:5b:18:6e:88:7c:5e:e7:e2:a6:
3b:49:26:eb:18:5a:72:8f:3f:f1:4d:68:16:41:c3:
6f:58:4a:47:c6:77:ee:d6:da:8a:c9:44:3f:10:03:
8d:4b:d8:40:e5:14:df:92:09:b8:be:20:36:c8:45:
69:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:10:15:3B:7F:BD:B6:07:F2:01:1E:DA:5F:A5:04:FB:95:AD:47:9E
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/3xAVO3-9tgfyAR7aX6UE-5WtR54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.116.0/24
185.186.0.0/24
IPv6:
2a09:e201::/48
Signature Algorithm: sha256WithRSAEncryption
54:56:a8:ee:c6:f3:ef:95:48:9b:19:15:ad:dd:2e:aa:f9:d3:
3e:ed:6a:3b:92:7f:4b:13:21:97:25:2f:bd:4c:c4:77:48:f2:
ab:2b:63:39:27:ab:24:ee:da:67:b0:de:df:bb:59:62:4a:46:
97:5b:cd:97:0d:96:29:3a:e1:f2:69:bc:73:04:60:68:c5:eb:
73:48:4b:86:23:f0:c5:36:f2:52:4d:b4:e3:54:cd:e2:30:45:
6d:18:ea:ce:0c:b0:e5:34:c8:ad:0d:2f:a7:46:de:25:78:38:
a5:e8:fe:bb:69:cb:7f:79:6d:ff:45:b3:93:c3:45:0a:0f:4a:
4e:25:1d:4b:25:f0:89:14:50:44:ed:f4:3d:ef:28:2e:8a:7a:
06:02:b6:ad:72:b5:ba:97:8f:82:1d:a7:8b:14:be:5f:51:c7:
90:13:c2:eb:86:c2:3f:43:2a:cd:7a:cd:d1:aa:91:dd:88:83:
7c:2b:34:5e:26:2a:99:80:52:fb:8b:85:bb:da:2e:ca:0e:59:
5d:79:71:e6:81:d0:02:82:14:b1:d2:31:6f:f1:5c:4a:f7:9e:
24:59:4c:03:04:50:3d:b6:4a:b2:4f:cb:a8:20:8e:ac:17:d3:
c3:60:34:79:a2:6b:c7:5c:71:b3:f7:75:19:b3:83:19:6d:52:
c5:b6:a3:5a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAiwWpR+O/Zmgx0X50dV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjQwMTAyMDIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjEwMTUzYjdmYmRiNjA3ZjIwMTFlZGE1ZmE1MDRmYjk1YWQ0NzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHWZ8gtFzILEoWIMIE3NKlMKx8ZH
GSeadOwsANWt3BnmSD2HQDb5D2NDq98Xrx9sz0xXn3SFzy0gIwR1NrRYR6Jmew2w
kgs93P9YtiBB+kzR85En+PpYrsASmj8G/7dQeDhw/pU7zhHxoFjaQpJdE+Sw4qG8
h19lLKHJjmStcQGeVrV21za1nk3Gto0tpyy7xKpWCe+C6Pn22AFyPyTWR0IrE8Gd
gDhVrCM6pYfNOr0/PIn+C/U5U5jHakoFvRF5liHVg0UCxbJbGG6IfF7n4qY7SSbr
GFpyjz/xTWgWQcNvWEpHxnfu1tqKyUQ/EAONS9hA5RTfkgm4viA2yEVpbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFN8QFTt/vbYH8gEe2l+lBPuVrUeeMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvM3hBVk8zLTl0Z2Z5QVI3YVg2VUUtNVd0UjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALVd0AwQA
uboAMA8EAgACMAkDBwAqCeIBAAAwDQYJKoZIhvcNAQELBQADggEBAFRWqO7G8++V
SJsZFa3dLqr50z7tajuSf0sTIZclL71MxHdI8qsrYzknqyTu2mew3t+7WWJKRpdb
zZcNlik64fJpvHMEYGjF63NIS4Yj8MU28lJNtONUzeIwRW0Y6s4MsOU0yK0NL6dG
3iV4OKXo/rtpy395bf9Fs5PDRQoPSk4lHUsl8IkUUETt9D3vKC6KegYCtq1ytbqX
j4Idp4sUvl9Rx5ATwuuGwj9DKs16zdGqkd2Ig3wrNF4mKpmAUvuLhbvaLsoOWV15
ceaB0AKCFLHSMW/xXEr3niRZTAMEUD22SrJPy6ggjqwX08NgNHmia8dccbP3dRmz
gxltUsW2o1o=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:45:07 2024 by rpki-client on console-ams.rpki-client.org