Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/3oXFekC71dbYiTujxurKx-YHWso.roa
File: 3oXFekC71dbYiTujxurKx-YHWso.roa (raw, json)
Hash identifier: VWPXv+GIQeVUCi3IpMlwA7/vni0dBxNp6LVyRBmZC24=
Subject key identifier: DE:85:C5:7A:40:BB:D5:D6:D8:89:3B:A3:C6:EA:CA:C7:E6:07:5A:CA
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 018CC6B7948FDC3FA3619266211792CC1930
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/3oXFekC71dbYiTujxurKx-YHWso.roa
Signing time: Mon 01 Jan 2024 20:29:29 +0000
ROA not before: Mon 01 Jan 2024 20:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15511
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:94:8f:dc:3f:a3:61:92:66:21:17:92:cc:19:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 20:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de85c57a40bbd5d6d8893ba3c6eacac7e6075aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:7e:ef:19:d5:3b:8e:6e:d0:3c:41:02:e6:
77:9d:3a:b2:71:27:86:1e:bf:b1:68:31:a6:3d:15:
d5:02:8a:1b:d0:cb:e6:1d:90:67:b0:8d:37:c6:69:
9d:63:8b:71:3a:ef:5b:74:64:73:1e:f7:56:e9:fa:
28:6f:62:de:40:b1:c0:30:9a:cf:6e:94:01:7e:27:
55:5e:5e:86:9d:a3:dc:94:a5:e0:3d:48:86:26:fc:
7c:07:40:67:bf:0e:d0:75:7d:a7:28:06:3b:5b:26:
ea:04:91:5f:70:b9:4e:b6:94:0a:14:28:56:06:d2:
e9:0f:71:98:ac:75:bd:87:86:d6:c0:a7:4e:8f:cd:
f5:e4:ad:e1:b8:42:ef:3c:52:a5:3a:9b:f8:e3:96:
d1:e4:09:f1:4b:47:d7:9e:a5:4a:d8:e3:b1:4f:44:
a2:76:77:1d:39:e5:82:9c:49:6d:d7:a6:b0:07:4e:
f5:dd:c8:94:49:0f:d2:25:fb:e6:33:67:fb:c2:96:
28:d1:17:cf:fb:5f:27:39:4c:5b:4f:33:03:18:64:
5c:94:d2:5d:27:c1:64:1b:ee:6e:4d:b9:26:a5:70:
0a:16:a6:f1:1a:4f:3c:4e:d8:85:6d:e5:b6:30:49:
95:d9:8f:1e:06:13:87:8e:66:eb:98:bd:b0:07:19:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:85:C5:7A:40:BB:D5:D6:D8:89:3B:A3:C6:EA:CA:C7:E6:07:5A:CA
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/3oXFekC71dbYiTujxurKx-YHWso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:c2:b4:71:b2:ed:53:f0:f6:79:f7:ac:7a:ec:4c:0e:64:14:
26:27:8d:1e:de:c5:be:db:68:00:9f:a6:15:9f:28:5b:79:1f:
c6:0c:b0:92:c4:ae:05:00:ad:b0:12:38:4b:a4:29:35:ed:84:
4d:c3:34:53:46:ef:4d:f5:58:46:1c:15:12:9e:e5:be:05:18:
35:1f:96:3c:47:60:d4:cc:d7:8a:ee:d5:c8:e0:39:98:db:ef:
b4:c0:c6:d7:e6:4c:68:50:f9:16:a0:e0:25:e5:03:29:09:aa:
54:f8:64:c0:1e:d8:83:6c:aa:dc:62:46:a0:3d:e2:51:9d:a9:
f6:5c:26:19:0c:3d:38:d1:36:d3:6f:67:b3:84:e6:33:31:7a:
23:36:e9:c3:88:cb:d2:68:ed:c6:7a:39:9d:b5:46:95:15:83:
e8:a2:71:48:a8:a9:3f:ce:33:bc:6f:6c:0f:d6:fe:e3:a2:73:
ff:fb:35:9b:8f:d0:73:26:33:08:6d:ac:7c:99:3c:f4:af:0a:
d2:e5:dd:7b:3d:31:2a:58:19:de:82:04:50:c6:cb:2e:74:ed:
f3:33:c8:cb:c8:52:7f:e1:11:0a:7d:80:f1:67:e7:e9:e1:fa:
e2:1a:a5:30:29:e9:a6:3b:f3:27:f3:0c:8b:f5:cb:b0:01:91:
ef:06:95:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5SP3D+jYZJmIReSzBkwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjQwMTAxMjAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg1YzU3YTQwYmJkNWQ2ZDg4OTNiYTNjNmVhY2FjN2U2MDc1YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPR+7xnVO45u0DxBAuZ3nTqycSeG
Hr+xaDGmPRXVAoob0MvmHZBnsI03xmmdY4txOu9bdGRzHvdW6foob2LeQLHAMJrP
bpQBfidVXl6GnaPclKXgPUiGJvx8B0Bnvw7QdX2nKAY7WybqBJFfcLlOtpQKFChW
BtLpD3GYrHW9h4bWwKdOj8315K3huELvPFKlOpv445bR5AnxS0fXnqVK2OOxT0Si
dncdOeWCnElt16awB0713ciUSQ/SJfvmM2f7wpYo0RfP+18nOUxbTzMDGGRclNJd
J8FkG+5uTbkmpXAKFqbxGk88TtiFbeW2MEmV2Y8eBhOHjmbrmL2wBxnv9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6FxXpAu9XW2Ik7o8bqysfmB1rKMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvM29YRmVrQzcxZGJZaVR1anh1ckt4LVlIV3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQC2wrRxsu1T8PZ596x67EwOZBQmJ40e3sW+
22gAn6YVnyhbeR/GDLCSxK4FAK2wEjhLpCk17YRNwzRTRu9N9VhGHBUSnuW+BRg1
H5Y8R2DUzNeK7tXI4DmY2++0wMbX5kxoUPkWoOAl5QMpCapU+GTAHtiDbKrcYkag
PeJRnan2XCYZDD040TbTb2ezhOYzMXojNunDiMvSaO3GejmdtUaVFYPoonFIqKk/
zjO8b2wP1v7jonP/+zWbj9BzJjMIbax8mTz0rwrS5d17PTEqWBneggRQxssudO3z
M8jLyFJ/4REKfYDxZ+fp4friGqUwKemmO/Mn8wyL9cuwAZHvBpVL
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:30 2024 by rpki-client on console-fra.rpki-client.org