Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PDOQlBZYINMya50zb_yO4NO6YGU.roa
File: PDOQlBZYINMya50zb_yO4NO6YGU.roa (raw, json)
Hash identifier: zUJi3KiSeHjA5mp3wo25khNCnJjR1ljydYUheVPLTxs=
Subject key identifier: 3C:33:90:94:16:58:20:D3:32:6B:9D:33:6F:FC:8E:E0:D3:BA:60:65
Certificate issuer: /CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Certificate serial: 018D823F7A4DC76E38CA1C79F94D63031E5E
Authority key identifier: 3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PDOQlBZYINMya50zb_yO4NO6YGU.roa
Signing time: Wed 07 Feb 2024 06:26:54 +0000
ROA not before: Wed 07 Feb 2024 06:26:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39305
IP address blocks: 89.40.176.0/22 maxlen: 22
94.24.24.0/22 maxlen: 22
94.24.30.0/23 maxlen: 23
185.88.9.0/24 maxlen: 24
185.151.214.0/23 maxlen: 24
193.57.226.0/24 maxlen: 24
193.57.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:3f:7a:4d:c7:6e:38:ca:1c:79:f9:4d:63:03:1e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Validity
Not Before: Feb 7 06:26:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c339094165820d3326b9d336ffc8ee0d3ba6065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:22:fa:34:bd:1d:d2:22:a9:50:ca:93:0f:
89:61:3c:28:48:a0:49:b6:91:dd:78:ac:a5:b3:28:
e3:a0:b3:b8:68:db:6b:65:90:cd:81:58:82:ee:6b:
dd:e6:c2:a1:81:9a:47:8b:3b:22:98:a4:da:69:8a:
1b:dc:7d:5a:63:b1:b0:3a:d6:b8:ad:76:64:25:60:
d3:8a:a9:94:c2:a9:56:81:45:09:7c:f3:eb:bd:00:
59:0f:df:90:0e:d2:7f:b4:6c:82:d0:20:44:56:b4:
99:4d:48:c2:ea:77:de:63:e8:4b:2d:29:e9:71:d4:
ad:6e:ce:1f:14:f2:19:5e:c3:22:e0:b9:94:a8:68:
a6:71:d0:42:d6:72:02:79:82:21:53:d6:72:11:bd:
25:38:e8:08:e1:f8:18:c5:35:28:24:67:ff:4c:7d:
53:e5:b9:55:c2:d7:4c:e5:78:72:7f:20:d1:a5:e0:
a3:39:b8:8a:c6:53:df:79:95:cd:f3:ab:d9:2e:71:
6b:af:0d:63:93:0d:00:dc:97:fb:41:b1:e2:d6:90:
27:05:7b:ea:52:bb:bd:52:9b:95:3d:67:7a:df:48:
47:b0:cd:a9:c8:96:57:42:a1:58:dd:79:85:50:29:
0b:cb:2b:af:cc:e1:46:b9:60:0b:0d:cf:cd:ab:72:
83:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:33:90:94:16:58:20:D3:32:6B:9D:33:6F:FC:8E:E0:D3:BA:60:65
X509v3 Authority Key Identifier:
keyid:3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PDOQlBZYINMya50zb_yO4NO6YGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.176.0/22
94.24.24.0/22
94.24.30.0/23
185.88.9.0/24
185.151.214.0/23
193.57.226.0/23
Signature Algorithm: sha256WithRSAEncryption
94:30:d9:34:df:35:f1:ab:9e:ea:1d:43:82:7d:a7:b2:68:31:
25:86:34:20:10:fb:37:09:a5:1f:d0:ac:5f:ef:14:6d:af:d5:
10:40:02:eb:7c:d3:32:f4:1a:3b:8c:2f:07:7a:d1:bd:d2:a9:
4e:64:ba:1d:73:fe:cf:df:50:6e:25:4f:b6:d6:f2:be:1f:3c:
0d:ff:9f:3c:d9:88:32:a4:55:e4:ea:b9:fc:a0:42:c9:77:56:
19:dc:20:a0:70:04:ae:e9:61:a2:dc:50:ad:22:f8:90:97:13:
6d:de:f8:34:8e:5d:cb:c6:ef:ef:3f:50:ff:97:9d:a4:8e:cb:
4f:aa:9c:e8:5a:bc:09:cd:92:64:b2:45:ef:2c:74:ff:a3:21:
ea:66:38:c1:d5:8e:ed:c2:5a:46:57:f2:b9:8f:03:6a:a1:00:
6e:f6:38:dc:38:68:96:ee:bd:8f:71:2b:a1:44:db:f6:4b:46:
0d:89:e4:ef:ac:33:37:14:bb:55:39:45:bb:61:47:11:14:56:
bf:d5:05:8b:05:22:d3:ea:90:f5:0e:af:15:9b:8d:59:96:6c:
e1:00:b6:6c:89:ae:20:f7:e3:78:10:8a:db:17:3b:80:9a:f9:
91:0b:74:59:38:b5:5e:a5:8a:85:45:a9:4e:a0:23:c7:6d:4a:
52:8e:08:4a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2CP3pNx244yhx5+U1jAx5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjMwNzUyZjNiYTAwMjZmYmIyMGM1ZTRjOTYzYjExMjlh
YzlkMzQwHhcNMjQwMjA3MDYyNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMzOTA5NDE2NTgyMGQzMzI2YjlkMzM2ZmZjOGVlMGQzYmE2MDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQwi+jS9HdIiqVDKkw+JYTwoSKBJ
tpHdeKylsyjjoLO4aNtrZZDNgViC7mvd5sKhgZpHizsimKTaaYob3H1aY7GwOta4
rXZkJWDTiqmUwqlWgUUJfPPrvQBZD9+QDtJ/tGyC0CBEVrSZTUjC6nfeY+hLLSnp
cdStbs4fFPIZXsMi4LmUqGimcdBC1nICeYIhU9ZyEb0lOOgI4fgYxTUoJGf/TH1T
5blVwtdM5XhyfyDRpeCjObiKxlPfeZXN86vZLnFrrw1jkw0A3Jf7QbHi1pAnBXvq
Uru9UpuVPWd630hHsM2pyJZXQqFY3XmFUCkLyyuvzOFGuWALDc/Nq3KDmQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDwzkJQWWCDTMmudM2/8juDTumBlMB8GA1UdIwQY
MBaAFD8jB1LzugAm+7IMXkyWOxEprJ00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjkt
ZGQyMjUzMGUxNWE0LzEvUERPUWxCWllJTk15YTUwemJfeU80Tk82WUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MWY5YTEtNDM2OC00NTY4LWIwMjktZGQyMjUzMGUxNWE0
LzEvUHlNSFV2TzZBQ2I3c2d4ZVRKWTdFU21zblRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWSiwAwQC
XhgYAwQBXhgeAwQAuVgJAwQBuZfWAwQBwTniMA0GCSqGSIb3DQEBCwUAA4IBAQCU
MNk03zXxq57qHUOCfaeyaDElhjQgEPs3CaUf0Kxf7xRtr9UQQALrfNMy9Bo7jC8H
etG90qlOZLodc/7P31BuJU+21vK+HzwN/5882YgypFXk6rn8oELJd1YZ3CCgcASu
6WGi3FCtIviQlxNt3vg0jl3Lxu/vP1D/l52kjstPqpzoWrwJzZJkskXvLHT/oyHq
ZjjB1Y7twlpGV/K5jwNqoQBu9jjcOGiW7r2PcSuhRNv2S0YNieTvrDM3FLtVOUW7
YUcRFFa/1QWLBSLT6pD1Dq8Vm41ZlmzhALZsia4g9+N4EIrbFzuAmvmRC3RZOLVe
pYqFRalOoCPHbUpSjghK
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:39:56 2024 by rpki-client on console-fra.rpki-client.org