Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/9k_U0cseiz0W7VC_uLLS3bTLX6Q.roa
File: 9k_U0cseiz0W7VC_uLLS3bTLX6Q.roa (raw, json)
Hash identifier: K8IPHZbDLMnvGWmNQB2aZdoUyD0bGcTL4OBSYQ2EFbI=
Subject key identifier: F6:4F:D4:D1:CB:1E:8B:3D:16:ED:50:BF:B8:B2:D2:DD:B4:CB:5F:A4
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 018CC4939552150E3DB4940E66988D8C2841
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/9k_U0cseiz0W7VC_uLLS3bTLX6Q.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12665
IP address blocks: 212.4.224.0/19 maxlen: 19
195.238.144.0/20 maxlen: 20
195.238.128.0/19 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.mft
rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:95:52:15:0e:3d:b4:94:0e:66:98:8d:8c:28:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f64fd4d1cb1e8b3d16ed50bfb8b2d2ddb4cb5fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:84:ed:bf:65:6e:eb:5c:04:42:41:45:fa:70:
9a:56:ef:60:7e:81:c6:f2:e0:2e:bc:a4:3a:43:ae:
0e:62:25:c0:f6:4c:cd:1f:05:ec:43:b0:c4:7d:12:
38:3a:ab:b5:77:cc:c0:00:d8:53:fe:e0:81:cd:ac:
88:c3:9e:c0:2e:a9:bd:ce:22:c8:dd:03:06:db:cb:
49:7f:d1:b0:58:93:0d:08:75:b3:bb:c6:98:20:ba:
c3:10:40:7b:16:77:1e:ff:59:38:e6:9b:55:63:45:
f7:29:fe:51:b0:23:c6:e1:d9:a8:ee:6d:70:c4:08:
ef:94:d5:02:d1:73:43:19:4d:96:5b:75:8a:0b:ce:
50:8b:53:30:09:5a:1f:20:1b:9d:d0:a0:b7:16:2d:
af:86:af:cc:7a:e6:96:c6:85:19:66:69:d9:82:15:
27:b5:07:fd:57:31:3e:b9:ff:7e:90:59:f1:39:77:
03:ac:f3:d9:6b:d4:86:c2:b0:bd:c0:ab:47:ee:00:
40:ff:61:24:25:95:55:7b:2a:59:ff:cf:33:ed:17:
15:d5:c8:cf:a3:19:bf:0a:88:ce:6b:a4:43:4e:21:
46:c5:32:bf:88:7f:e8:23:f6:8f:1a:92:dd:ef:69:
0a:83:2d:b6:05:68:7c:52:99:d2:1b:87:ee:bf:e6:
62:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4F:D4:D1:CB:1E:8B:3D:16:ED:50:BF:B8:B2:D2:DD:B4:CB:5F:A4
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/9k_U0cseiz0W7VC_uLLS3bTLX6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.128.0/19
212.4.224.0/19
Signature Algorithm: sha256WithRSAEncryption
15:79:6b:12:1d:36:70:83:54:f2:3f:b4:a4:14:50:4a:e5:cb:
0f:bc:29:16:05:b5:49:b5:95:66:9f:3f:b4:66:7a:80:18:4b:
24:79:00:af:5e:1a:bf:8d:d8:e1:34:60:6a:bd:8d:d6:96:df:
d7:4d:c0:1b:96:e5:55:64:1e:16:79:b3:97:47:46:f1:d0:ba:
2a:ce:a2:25:e2:b9:8e:1c:ed:5f:80:7f:c3:0d:87:50:94:c7:
f3:26:d0:d5:81:70:98:96:8d:ac:ce:c0:73:50:a1:ad:0d:77:
5b:1a:7d:3a:fc:f5:1e:93:c1:33:81:e0:2c:af:e3:a6:5e:45:
64:21:19:8e:8e:d5:53:71:c3:78:48:6e:ae:5c:fd:e3:2a:37:
d4:72:5d:79:77:0c:83:e0:0c:25:58:cc:fe:6b:c7:f1:88:46:
44:7d:41:6c:7a:a4:9d:46:2c:ee:50:ae:71:cc:56:be:0d:dd:
23:d0:1f:77:c6:82:cd:26:4a:d9:b7:55:f5:43:4f:aa:c4:05:
43:19:ab:0b:7d:85:18:ea:c6:d8:d3:98:61:e4:d2:27:48:5a:
71:85:d3:e3:a4:b6:b8:32:7c:58:81:59:a0:3d:1e:34:85:f1:
87:63:da:a0:45:54:e7:b0:81:b5:c0:12:67:5f:cc:1d:44:d9:
ba:2e:11:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk5VSFQ49tJQOZpiNjChBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRmZDRkMWNiMWU4YjNkMTZlZDUwYmZiOGIyZDJkZGI0Y2I1ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4Ttv2Vu61wEQkFF+nCaVu9gfoHG
8uAuvKQ6Q64OYiXA9kzNHwXsQ7DEfRI4Oqu1d8zAANhT/uCBzayIw57ALqm9ziLI
3QMG28tJf9GwWJMNCHWzu8aYILrDEEB7Fnce/1k45ptVY0X3Kf5RsCPG4dmo7m1w
xAjvlNUC0XNDGU2WW3WKC85Qi1MwCVofIBud0KC3Fi2vhq/MeuaWxoUZZmnZghUn
tQf9VzE+uf9+kFnxOXcDrPPZa9SGwrC9wKtH7gBA/2EkJZVVeypZ/88z7RcV1cjP
oxm/CojOa6RDTiFGxTK/iH/oI/aPGpLd72kKgy22BWh8UpnSG4fuv+ZiCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPZP1NHLHos9Fu1Qv7iy0t20y1+kMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvOWtfVTBjc2VpejBXN1ZDX3VMTFMzYlRMWDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFw+6AAwQF
1ATgMA0GCSqGSIb3DQEBCwUAA4IBAQAVeWsSHTZwg1TyP7SkFFBK5csPvCkWBbVJ
tZVmnz+0ZnqAGEskeQCvXhq/jdjhNGBqvY3Wlt/XTcAbluVVZB4WebOXR0bx0Loq
zqIl4rmOHO1fgH/DDYdQlMfzJtDVgXCYlo2szsBzUKGtDXdbGn06/PUek8EzgeAs
r+OmXkVkIRmOjtVTccN4SG6uXP3jKjfUcl15dwyD4AwlWMz+a8fxiEZEfUFseqSd
RizuUK5xzFa+Dd0j0B93xoLNJkrZt1X1Q0+qxAVDGasLfYUY6sbY05hh5NInSFpx
hdPjpLa4MnxYgVmgPR40hfGHY9qgRVTnsIG1wBJnX8wdRNm6LhGc
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:00 2024 by rpki-client on console-fra.rpki-client.org