Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/P3m25CQUDYU6VebS0UhAlIQINLM.roa
File: P3m25CQUDYU6VebS0UhAlIQINLM.roa (raw, json)
Hash identifier: UfIEaYZCG30kxshbHDUTRnllpmdvH5qb953I/JNPB+o=
Subject key identifier: 3F:79:B6:E4:24:14:0D:85:3A:55:E6:D2:D1:48:40:94:84:08:34:B3
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 018CC6B91234AFCCBD7F17C55D449D60399E
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/P3m25CQUDYU6VebS0UhAlIQINLM.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204287
IP address blocks: 89.46.152.0/21 maxlen: 32
77.81.104.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 10:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:12:34:af:cc:bd:7f:17:c5:5d:44:9d:60:39:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f79b6e424140d853a55e6d2d1484094840834b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:71:bc:09:ac:5e:e5:01:7a:bb:ea:de:ea:5c:
70:9f:ed:fa:9f:26:95:bf:0e:f5:7b:0d:ed:4e:be:
b4:09:b6:aa:83:3c:2f:07:31:c4:16:f6:bb:5d:b4:
73:4d:a1:1c:70:e6:a5:bb:4e:80:b8:fb:11:42:c5:
b3:9b:8f:c6:09:8e:59:4f:26:a3:74:91:18:44:b3:
d1:52:e8:8c:e0:c5:b1:4b:cf:e2:2a:33:24:53:f3:
df:4b:21:49:4e:60:8b:52:2a:9d:23:fe:fb:33:66:
92:11:64:91:2f:c1:28:e6:a3:f2:f4:a4:94:70:1d:
d8:92:22:5b:94:4c:cf:77:f5:1c:8d:e4:7d:13:83:
97:38:e9:ec:0b:ad:67:69:b0:80:7c:dc:44:17:e0:
8b:5d:71:bc:41:cc:0a:64:91:7d:c7:e5:60:d5:a1:
9d:14:1d:ec:38:5d:f8:33:72:db:b4:1f:39:26:a7:
f8:7b:7c:72:f7:01:57:6c:15:44:ef:2c:70:63:71:
39:82:92:4a:5b:4e:05:a0:d6:7d:00:ec:ef:2a:e3:
b2:9c:45:0b:6c:4b:2c:64:ce:fc:c3:26:6e:84:0f:
68:ae:25:f8:32:4d:4b:df:da:85:dd:b4:95:9b:4a:
90:f3:d8:4d:8e:5f:e1:42:dc:14:be:d4:00:46:66:
f8:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:79:B6:E4:24:14:0D:85:3A:55:E6:D2:D1:48:40:94:84:08:34:B3
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/P3m25CQUDYU6VebS0UhAlIQINLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.104.0/21
89.46.152.0/21
Signature Algorithm: sha256WithRSAEncryption
39:b2:84:08:23:bd:37:b3:7f:ae:e8:ef:0a:03:35:b6:f4:89:
f3:3a:4d:41:ed:e9:24:69:e3:ea:39:38:72:44:fb:48:81:e2:
8f:6e:42:ce:57:45:89:25:2f:4b:bc:65:86:73:99:a8:ac:e7:
23:04:49:ce:0c:dc:d2:eb:e2:d2:36:b2:3b:92:b1:f3:77:8e:
af:60:12:68:f8:6c:bf:3d:bf:41:af:c9:99:b8:43:be:9d:c3:
89:64:df:c8:83:94:a4:70:fc:2d:73:45:e6:f9:a1:f9:32:3c:
54:b9:29:26:83:9b:c3:fe:8d:7e:f5:ea:1f:e4:1c:8f:68:83:
f0:aa:11:39:1f:3a:21:89:d1:66:80:0b:db:3c:4a:cd:ed:83:
d0:dd:91:97:16:b2:19:26:e3:c7:ce:16:f0:18:26:0d:1a:b6:
90:2e:ff:0d:7d:6b:9f:ac:fd:e3:19:f0:59:fd:17:b7:01:4c:
37:f5:5a:40:97:f9:16:3d:15:a9:58:b6:4b:7f:a1:13:e1:80:
2c:df:ab:8b:3a:7a:ba:41:2e:db:37:2f:3c:41:48:ef:e4:69:
08:ae:4f:fb:0c:f2:a4:5e:19:b8:ef:76:55:5d:b6:ba:a9:50:
8c:f5:39:23:48:bb:e1:58:1d:44:ec:0d:35:05:84:c4:b4:8e:
22:55:ca:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuRI0r8y9fxfFXUSdYDmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjc5YjZlNDI0MTQwZDg1M2E1NWU2ZDJkMTQ4NDA5NDg0MDgzNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3G8Caxe5QF6u+re6lxwn+36nyaV
vw71ew3tTr60CbaqgzwvBzHEFva7XbRzTaEccOalu06AuPsRQsWzm4/GCY5ZTyaj
dJEYRLPRUuiM4MWxS8/iKjMkU/PfSyFJTmCLUiqdI/77M2aSEWSRL8Eo5qPy9KSU
cB3YkiJblEzPd/UcjeR9E4OXOOnsC61nabCAfNxEF+CLXXG8QcwKZJF9x+Vg1aGd
FB3sOF34M3LbtB85Jqf4e3xy9wFXbBVE7yxwY3E5gpJKW04FoNZ9AOzvKuOynEUL
bEssZM78wyZuhA9oriX4Mk1L39qF3bSVm0qQ89hNjl/hQtwUvtQARmb4QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD95tuQkFA2FOlXm0tFIQJSECDSzMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvUDNtMjVDUVVEWVU2VmViUzBVaEFsSVFJTkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTVFoAwQD
WS6YMA0GCSqGSIb3DQEBCwUAA4IBAQA5soQII703s3+u6O8KAzW29InzOk1B7ekk
aePqOThyRPtIgeKPbkLOV0WJJS9LvGWGc5morOcjBEnODNzS6+LSNrI7krHzd46v
YBJo+Gy/Pb9Br8mZuEO+ncOJZN/Ig5SkcPwtc0Xm+aH5MjxUuSkmg5vD/o1+9eof
5ByPaIPwqhE5HzohidFmgAvbPErN7YPQ3ZGXFrIZJuPHzhbwGCYNGraQLv8NfWuf
rP3jGfBZ/Re3AUw39VpAl/kWPRWpWLZLf6ET4YAs36uLOnq6QS7bNy88QUjv5GkI
rk/7DPKkXhm473ZVXba6qVCM9TkjSLvhWB1E7A01BYTEtI4iVcr6
-----END CERTIFICATE-----
Generated at Sat May 18 14:36:03 2024 by rpki-client on console-ams.rpki-client.org