Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/t3FhzpOgnWGIUQkysya-32jgyGk.roa
File: t3FhzpOgnWGIUQkysya-32jgyGk.roa (raw, json)
Hash identifier: oB02i69pUFNzUYunGwWdJjiaE/So54iK+esM417XJI0=
Subject key identifier: B7:71:61:CE:93:A0:9D:61:88:51:09:32:B3:26:BE:DF:68:E0:C8:69
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 018CC8011D50506343860CB4D6B514B9E477
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/t3FhzpOgnWGIUQkysya-32jgyGk.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 217.69.16.0/20 maxlen: 20
185.3.24.0/22 maxlen: 22
2a03:6c81::/32 maxlen: 32
2a03:6c82::/32 maxlen: 32
2a03:6c80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1d:50:50:63:43:86:0c:b4:d6:b5:14:b9:e4:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b77161ce93a09d6188510932b326bedf68e0c869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f8:b0:29:77:85:87:40:a9:16:de:39:5f:59:
9c:c4:d0:bf:0e:1a:5e:46:a0:ca:03:8b:f9:c6:4b:
f9:0f:43:89:01:92:8b:87:a7:53:bd:72:4b:11:f5:
d8:bc:2f:5c:56:86:89:3c:2e:e8:4d:4a:4d:00:56:
67:f4:f2:d5:4a:63:73:e7:8d:26:32:e5:27:e0:ee:
ff:d5:d2:49:35:c4:4e:42:31:ca:89:6e:a7:d8:d7:
d9:21:1f:33:a9:da:f5:2f:a4:c3:eb:16:19:9c:a7:
4c:2b:04:3c:e6:6d:eb:41:2a:be:28:4e:da:1d:cd:
9e:ed:57:55:bf:7e:e2:d9:a0:db:c9:7c:00:0e:19:
12:97:7b:0c:00:14:69:1d:01:4b:5b:2f:e1:e8:73:
45:4d:a9:50:fc:0a:5c:18:23:2c:31:59:31:e7:d6:
30:ad:14:ae:51:dd:82:4c:66:fd:89:fe:3b:6b:5a:
9b:f8:9f:69:4d:41:76:6d:52:09:d9:91:a5:7d:fb:
81:a6:71:40:b7:56:0b:36:de:9f:f4:5f:46:0d:ec:
af:14:e9:e7:9e:49:0d:d8:38:eb:ed:7f:33:0a:1b:
16:d9:56:90:c1:f1:2c:b9:bd:17:1f:db:1c:da:ab:
22:42:52:86:19:79:a0:af:14:7f:60:7d:46:3e:30:
86:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:71:61:CE:93:A0:9D:61:88:51:09:32:B3:26:BE:DF:68:E0:C8:69
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/t3FhzpOgnWGIUQkysya-32jgyGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.24.0/22
217.69.16.0/20
IPv6:
2a03:6c80::-2a03:6c82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:e2:71:67:a7:7e:04:92:ca:8f:98:35:2e:ca:ac:29:84:af:
95:85:43:a9:27:97:09:f9:8c:c8:37:86:c4:88:ec:ae:65:db:
3c:44:2f:79:f7:33:c9:74:3b:62:52:8b:21:1e:2a:5b:e7:7b:
f5:13:06:b8:fb:57:f9:21:e5:fe:52:6d:f0:77:68:ce:1d:69:
8f:64:55:6d:60:b7:a3:f2:a8:57:60:0d:22:67:c1:33:48:ce:
d4:bd:b9:f6:c2:7b:71:d2:54:6c:96:6a:05:77:12:82:ec:50:
7f:c1:93:55:73:db:9c:19:a2:3a:9a:ff:39:8c:db:e6:d7:31:
30:ab:09:fa:04:94:e4:50:57:fb:de:d1:e0:9a:de:4d:74:2d:
b3:25:70:28:d1:83:20:14:fc:11:56:dd:3f:ce:33:6a:18:46:
ce:05:54:2d:39:3d:0c:1b:52:11:0a:f6:c0:ea:d0:4c:27:bf:
d6:2b:8f:a4:38:55:9d:91:d8:be:18:bf:80:b6:66:ec:3c:07:
f8:e4:19:ed:7f:e8:1c:9e:d3:30:b4:49:5b:06:f1:e0:cd:e3:
af:ec:82:1f:6d:87:86:4b:1f:29:a7:56:52:b7:2e:5b:38:cb:
fe:ad:76:20:8d:6f:56:0a:c3:46:1e:c4:df:73:a2:dc:44:76:
c2:79:32:40
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIAR1QUGNDhgy01rUUueR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzcxNjFjZTkzYTA5ZDYxODg1MTA5MzJiMzI2YmVkZjY4ZTBjODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmviwKXeFh0CpFt45X1mcxNC/Dhpe
RqDKA4v5xkv5D0OJAZKLh6dTvXJLEfXYvC9cVoaJPC7oTUpNAFZn9PLVSmNz540m
MuUn4O7/1dJJNcROQjHKiW6n2NfZIR8zqdr1L6TD6xYZnKdMKwQ85m3rQSq+KE7a
Hc2e7VdVv37i2aDbyXwADhkSl3sMABRpHQFLWy/h6HNFTalQ/ApcGCMsMVkx59Yw
rRSuUd2CTGb9if47a1qb+J9pTUF2bVIJ2ZGlffuBpnFAt1YLNt6f9F9GDeyvFOnn
nkkN2Djr7X8zChsW2VaQwfEsub0XH9sc2qsiQlKGGXmgrxR/YH1GPjCGVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLdxYc6ToJ1hiFEJMrMmvt9o4MhpMB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvdDNGaHpwT2duV0dJVVFreXN5YS0zMmpneUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQMYAwQE
2UUQMBYEAgACMBAwDgMFByoDbIADBQAqA2yCMA0GCSqGSIb3DQEBCwUAA4IBAQBE
4nFnp34EksqPmDUuyqwphK+VhUOpJ5cJ+YzIN4bEiOyuZds8RC959zPJdDtiUosh
Hipb53v1Ewa4+1f5IeX+Um3wd2jOHWmPZFVtYLej8qhXYA0iZ8EzSM7Uvbn2wntx
0lRslmoFdxKC7FB/wZNVc9ucGaI6mv85jNvm1zEwqwn6BJTkUFf73tHgmt5NdC2z
JXAo0YMgFPwRVt0/zjNqGEbOBVQtOT0MG1IRCvbA6tBMJ7/WK4+kOFWdkdi+GL+A
tmbsPAf45Bntf+gcntMwtElbBvHgzeOv7IIfbYeGSx8pp1ZSty5bOMv+rXYgjW9W
CsNGHsTfc6LcRHbCeTJA
-----END CERTIFICATE-----
Generated at Sun May 5 00:31:55 2024 by rpki-client on console-fra.rpki-client.org