Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3rVAJpF6ewlsLl85geEwtEI3k7A.roa
File: 3rVAJpF6ewlsLl85geEwtEI3k7A.roa (raw, json)
Hash identifier: j8iCVDSybOi1BIwrQyOgdU7f9Z0XwvwMu/VbCx2Gfhs=
Subject key identifier: DE:B5:40:26:91:7A:7B:09:6C:2E:5F:39:81:E1:30:B4:42:37:93:B0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D24A0938A9C9890E88E6FAA49FBE8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3rVAJpF6ewlsLl85geEwtEI3k7A.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48948
IP address blocks: 93.114.160.0/24 maxlen: 24
93.114.161.0/24 maxlen: 24
93.114.162.0/24 maxlen: 24
93.114.163.0/24 maxlen: 24
93.114.164.0/24 maxlen: 24
93.114.165.0/24 maxlen: 24
93.114.166.0/24 maxlen: 24
93.114.167.0/24 maxlen: 24
2001:4d18:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:24:a0:93:8a:9c:98:90:e8:8e:6f:aa:49:fb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deb54026917a7b096c2e5f3981e130b4423793b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:73:db:cc:de:b5:59:2b:da:df:b6:3c:22:
37:be:bd:2d:64:39:b0:ec:e2:62:9c:a4:b9:1d:dc:
07:87:fd:2d:df:fb:0e:f5:19:83:3f:eb:ef:84:70:
ee:ce:8c:4f:14:89:7e:8e:71:9e:18:d6:8f:40:c1:
61:52:bf:a9:57:40:c4:d0:5f:32:45:35:43:53:89:
35:7f:ab:7b:97:38:2c:22:4e:58:8a:e6:c6:98:ea:
10:c4:6e:42:dc:71:80:b9:93:1f:46:2a:9a:bb:9c:
72:a0:8d:b1:5f:5e:aa:be:ec:d0:ab:ed:12:15:58:
54:5f:fd:b6:fe:17:58:e1:01:f8:4c:9e:de:67:0c:
d7:d5:a2:c3:0c:e0:4f:bc:f4:e2:9c:c8:1f:92:81:
75:cb:7a:f8:a2:54:ae:52:53:98:d4:5a:7d:e3:8d:
e0:1d:9a:24:d6:43:ee:f7:d1:fb:6d:01:b2:ac:6b:
5a:cf:c6:20:72:1c:1f:d2:c7:f6:90:d1:e8:c6:f7:
4f:50:72:09:b5:2b:d4:2c:b5:67:2c:4c:74:93:95:
88:5a:71:14:2d:2b:1d:65:7f:58:94:05:bb:0c:b6:
5e:f0:ac:88:56:88:14:17:63:d0:90:5b:af:82:b1:
08:eb:06:e4:3d:a2:de:a8:50:ea:88:17:2e:53:e1:
23:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B5:40:26:91:7A:7B:09:6C:2E:5F:39:81:E1:30:B4:42:37:93:B0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/3rVAJpF6ewlsLl85geEwtEI3k7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.160.0/21
IPv6:
2001:4d18:3::/48
Signature Algorithm: sha256WithRSAEncryption
15:09:16:f8:c2:fa:d6:4d:28:02:a3:ba:09:aa:e2:10:3d:0c:
66:67:c1:b9:fe:c1:54:9e:e8:4d:50:17:4e:df:ca:e8:9d:57:
49:e9:f2:32:b0:c9:95:42:50:c4:51:81:74:d9:ec:70:fa:55:
15:97:f3:f9:d3:29:d5:b3:8f:0a:ba:ca:d6:b1:d7:79:d9:da:
cd:93:34:0f:2d:46:72:94:ba:3b:77:67:d4:8c:f8:4b:3d:38:
71:fa:21:80:03:57:c4:dd:87:3c:aa:95:86:66:24:31:f1:4a:
f1:e5:4c:3c:b0:18:2c:99:26:33:c3:1b:09:b9:7a:e7:2f:41:
a8:25:fe:f8:fd:2c:49:d0:67:45:7b:5d:92:22:f9:c7:5e:2c:
8e:dd:ec:03:32:8a:7c:53:6d:9b:ed:4b:25:03:2a:79:2c:bf:
ac:17:b4:c3:e4:02:f2:ac:08:bf:37:6a:86:39:56:3b:d0:ed:
43:66:fe:7a:23:4d:f5:4a:05:27:4c:d1:69:c3:e3:ae:55:c7:
4a:c5:f3:28:6a:cb:36:c8:ba:81:6d:e9:14:95:c1:6c:73:79:
1f:f0:bf:b7:49:7d:c8:bc:02:de:a8:fd:50:1b:c1:2d:2c:04:
0a:8f:f1:00:fb:34:60:c0:5f:cb:fa:ce:2d:d3:e6:16:09:6e:
0d:60:ac:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbSSgk4qcmJDojm+qSfvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI1NDAyNjkxN2E3YjA5NmMyZTVmMzk4MWUxMzBiNDQyMzc5M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw9z28zetVkr2t+2PCI3vr0tZDmw
7OJinKS5HdwHh/0t3/sO9RmDP+vvhHDuzoxPFIl+jnGeGNaPQMFhUr+pV0DE0F8y
RTVDU4k1f6t7lzgsIk5YiubGmOoQxG5C3HGAuZMfRiqau5xyoI2xX16qvuzQq+0S
FVhUX/22/hdY4QH4TJ7eZwzX1aLDDOBPvPTinMgfkoF1y3r4olSuUlOY1Fp9443g
HZok1kPu99H7bQGyrGtaz8Ygchwf0sf2kNHoxvdPUHIJtSvULLVnLEx0k5WIWnEU
LSsdZX9YlAW7DLZe8KyIVogUF2PQkFuvgrEI6wbkPaLeqFDqiBcuU+Ej4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN61QCaRensJbC5fOYHhMLRCN5OwMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvM3JWQUpwRjZld2xzTGw4NWdlRXd0RUkzazdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDXXKgMA8E
AgACMAkDBwAgAU0YAAMwDQYJKoZIhvcNAQELBQADggEBABUJFvjC+tZNKAKjugmq
4hA9DGZnwbn+wVSe6E1QF07fyuidV0np8jKwyZVCUMRRgXTZ7HD6VRWX8/nTKdWz
jwq6ytax13nZ2s2TNA8tRnKUujt3Z9SM+Es9OHH6IYADV8TdhzyqlYZmJDHxSvHl
TDywGCyZJjPDGwm5eucvQagl/vj9LEnQZ0V7XZIi+cdeLI7d7AMyinxTbZvtSyUD
Knksv6wXtMPkAvKsCL83aoY5VjvQ7UNm/nojTfVKBSdM0WnD465Vx0rF8yhqyzbI
uoFt6RSVwWxzeR/wv7dJfci8At6o/VAbwS0sBAqP8QD7NGDAX8v6zi3T5hYJbg1g
rMo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:20 2024 by rpki-client on console-fra.rpki-client.org