Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/k3Mas3kkhqS9arKKXobONXwy4M4.roa
File: k3Mas3kkhqS9arKKXobONXwy4M4.roa (raw, json)
Hash identifier: KC3Moe3X9WhqQF4UEYsLrIHkzBFbqL3hZNnc4NLRMcw=
Subject key identifier: 93:73:1A:B3:79:24:86:A4:BD:6A:B2:8A:5E:86:CE:35:7C:32:E0:CE
Certificate issuer: /CN=ae209c92646ae342caa5d46dc1d3735a0d2e7b14
Certificate serial: 018CC86F680FA452262C8C9FEE688537E0A2
Authority key identifier: AE:20:9C:92:64:6A:E3:42:CA:A5:D4:6D:C1:D3:73:5A:0D:2E:7B:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/riCckmRq40LKpdRtwdNzWg0uexQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/k3Mas3kkhqS9arKKXobONXwy4M4.roa
Signing time: Tue 02 Jan 2024 04:29:53 +0000
ROA not before: Tue 02 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58188
IP address blocks: 193.27.42.0/24 maxlen: 24
91.193.244.0/22 maxlen: 22
91.193.244.0/24 maxlen: 24
91.193.245.0/24 maxlen: 24
91.193.246.0/24 maxlen: 24
91.193.247.0/24 maxlen: 24
2a0e:9ac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/riCckmRq40LKpdRtwdNzWg0uexQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/riCckmRq40LKpdRtwdNzWg0uexQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/riCckmRq40LKpdRtwdNzWg0uexQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:68:0f:a4:52:26:2c:8c:9f:ee:68:85:37:e0:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae209c92646ae342caa5d46dc1d3735a0d2e7b14
Validity
Not Before: Jan 2 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93731ab3792486a4bd6ab28a5e86ce357c32e0ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:24:3d:e8:f2:04:43:69:64:3b:a6:92:09:51:
ba:b7:fd:6a:d1:0a:cd:ee:50:e8:95:7d:94:62:52:
24:6f:fe:67:3e:ed:28:36:1f:53:80:f3:07:14:90:
79:bb:59:d1:79:9e:91:29:1e:60:31:5b:22:b6:c0:
0f:d4:d6:47:ce:71:90:b2:51:ae:14:31:c6:da:49:
bc:a0:66:93:70:9c:c0:18:6b:00:86:d5:82:5c:bc:
b7:70:3e:a4:13:18:8d:6c:4c:a3:1e:31:d0:a5:8e:
dc:09:72:2f:58:94:a9:dd:21:15:17:f9:ae:d9:95:
a9:17:df:d9:72:65:1d:9c:38:df:f3:6b:6e:b1:8f:
6d:3a:8c:b0:93:b3:4e:6a:d3:16:2b:0f:58:aa:70:
92:a8:c6:70:5b:c5:05:9b:a0:bd:5b:65:87:7f:c2:
73:51:85:8b:21:c2:5f:29:79:8c:2a:0e:69:78:1b:
84:b1:8e:19:d4:06:9f:71:f2:3e:a8:62:d8:93:1e:
81:25:69:db:55:18:41:b4:6b:da:6b:e6:7f:78:29:
a9:7e:a0:38:0a:cc:8b:11:b8:73:37:e6:a0:d1:a0:
1a:e5:3a:d2:d1:39:8d:79:9b:a9:fb:00:e9:2f:cc:
d3:6c:4f:eb:b1:96:2e:d6:cd:dd:03:98:19:13:4a:
c1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:73:1A:B3:79:24:86:A4:BD:6A:B2:8A:5E:86:CE:35:7C:32:E0:CE
X509v3 Authority Key Identifier:
keyid:AE:20:9C:92:64:6A:E3:42:CA:A5:D4:6D:C1:D3:73:5A:0D:2E:7B:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riCckmRq40LKpdRtwdNzWg0uexQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/k3Mas3kkhqS9arKKXobONXwy4M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/riCckmRq40LKpdRtwdNzWg0uexQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.244.0/22
193.27.42.0/24
IPv6:
2a0e:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
09:50:28:b9:9a:d3:ee:c1:49:0b:5a:13:9a:bc:b7:14:49:19:
50:2a:4c:28:81:48:90:cf:b9:3f:87:db:97:ac:f2:07:7a:e0:
ba:6c:ec:ca:63:aa:a7:4e:9f:92:6a:f6:4b:f4:4c:59:bb:8e:
a8:5d:ef:41:e8:6c:f1:c6:26:30:a4:f8:51:4a:b4:12:92:ac:
a1:36:67:ef:2a:8b:0a:cd:c6:7a:ee:c4:aa:e5:e2:ba:5b:2c:
87:ec:4e:76:01:bb:88:03:c1:b1:ff:a6:be:8e:b2:30:b6:60:
21:d1:0c:6d:3d:93:9e:02:31:52:f1:03:5e:48:86:dc:7a:d8:
68:94:b8:d5:59:60:a3:b2:a3:a9:39:82:7a:80:47:85:0d:c3:
b8:fe:7d:4d:e6:86:19:c0:29:5b:e4:a7:07:2e:44:68:32:3e:
d8:ef:30:c1:8e:3e:a8:29:33:fe:8d:7c:7e:0b:a9:f5:16:e4:
53:5c:6a:92:ff:b1:2b:25:f4:ec:8e:fa:ad:e3:27:d2:ac:a7:
e0:a4:00:9e:bc:e0:cc:0b:f7:ea:1f:97:77:15:d5:5d:17:18:
b9:ef:23:54:32:60:3a:a9:df:92:f2:69:64:4d:74:fe:8a:b5:
1e:13:6c:38:16:6c:2b:86:60:d2:6e:9d:2b:9b:64:8f:b6:dd:
3f:4b:03:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIb2gPpFImLIyf7miFN+CiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjA5YzkyNjQ2YWUzNDJjYWE1ZDQ2ZGMxZDM3MzVhMGQy
ZTdiMTQwHhcNMjQwMTAyMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzczMWFiMzc5MjQ4NmE0YmQ2YWIyOGE1ZTg2Y2UzNTdjMzJlMGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yQ96PIEQ2lkO6aSCVG6t/1q0QrN
7lDolX2UYlIkb/5nPu0oNh9TgPMHFJB5u1nReZ6RKR5gMVsitsAP1NZHznGQslGu
FDHG2km8oGaTcJzAGGsAhtWCXLy3cD6kExiNbEyjHjHQpY7cCXIvWJSp3SEVF/mu
2ZWpF9/ZcmUdnDjf82tusY9tOoywk7NOatMWKw9YqnCSqMZwW8UFm6C9W2WHf8Jz
UYWLIcJfKXmMKg5peBuEsY4Z1AafcfI+qGLYkx6BJWnbVRhBtGvaa+Z/eCmpfqA4
CsyLEbhzN+ag0aAa5TrS0TmNeZup+wDpL8zTbE/rsZYu1s3dA5gZE0rBawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJNzGrN5JIakvWqyil6GzjV8MuDOMB8GA1UdIwQY
MBaAFK4gnJJkauNCyqXUbcHTc1oNLnsUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlDY2ttUnE0MExLcGRSdHdkTnpXZzB1ZXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zZjNhMzAtM2U2NC00MzgwLWExNDgt
ZTBhMjNkYTVlNjI4LzEvazNNYXMza2tocVM5YXJLS1hvYk9OWHd5NE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zZjNhMzAtM2U2NC00MzgwLWExNDgtZTBhMjNkYTVlNjI4
LzEvcmlDY2ttUnE0MExLcGRSdHdkTnpXZzB1ZXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8H0AwQA
wRsqMA0EAgACMAcDBQAqDprAMA0GCSqGSIb3DQEBCwUAA4IBAQAJUCi5mtPuwUkL
WhOavLcUSRlQKkwogUiQz7k/h9uXrPIHeuC6bOzKY6qnTp+SavZL9ExZu46oXe9B
6GzxxiYwpPhRSrQSkqyhNmfvKosKzcZ67sSq5eK6WyyH7E52AbuIA8Gx/6a+jrIw
tmAh0QxtPZOeAjFS8QNeSIbcetholLjVWWCjsqOpOYJ6gEeFDcO4/n1N5oYZwClb
5KcHLkRoMj7Y7zDBjj6oKTP+jXx+C6n1FuRTXGqS/7ErJfTsjvqt4yfSrKfgpACe
vODMC/fqH5d3FdVdFxi57yNUMmA6qd+S8mlkTXT+irUeE2w4FmwrhmDSbp0rm2SP
tt0/SwOk
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:30:48 2024 by rpki-client on console-ams.rpki-client.org