Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/3Q7ng3QLpXrbtsxsH_x31AUUYW8.roa
File: 3Q7ng3QLpXrbtsxsH_x31AUUYW8.roa (raw, json)
Hash identifier: 2BMUbYICNoHaL2If8Yi3AU+6S0Hkq5FG0exHOPmiZYs=
Subject key identifier: DD:0E:E7:83:74:0B:A5:7A:DB:B6:CC:6C:1F:FC:77:D4:05:14:61:6F
Certificate issuer: /CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Certificate serial: 018CCA2A594ACDD41F597D36D2642D93F838
Authority key identifier: 39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/3Q7ng3QLpXrbtsxsH_x31AUUYW8.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206101
IP address blocks: 185.196.112.0/24 maxlen: 24
185.196.115.0/24 maxlen: 24
185.196.114.0/24 maxlen: 24
185.196.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.mft
rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:59:4a:cd:d4:1f:59:7d:36:d2:64:2d:93:f8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3976e6ab084c9eeede86e2af6bde7215274b95a7
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0ee783740ba57adbb6cc6c1ffc77d40514616f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:4c:cf:aa:77:28:96:be:fc:dc:2e:9d:76:
27:13:b6:c1:24:05:20:47:3b:23:f6:93:fe:40:5e:
96:e1:88:b8:16:24:2b:d8:8e:44:c8:2d:fc:67:77:
8f:58:83:1c:d8:51:54:4f:6d:67:c5:7a:f0:71:99:
7e:d0:92:b2:ae:da:cc:b4:7a:ef:e9:98:3b:28:77:
ad:e7:26:36:c4:7a:af:84:f0:75:99:b3:50:16:ec:
e4:db:ac:fd:c3:1d:9e:71:c1:0f:1c:5c:79:c1:6e:
7e:44:65:83:ce:44:57:1a:38:4b:6f:bb:12:1b:0c:
d1:0f:ba:8b:7d:37:cf:98:c5:ec:07:db:28:ca:e9:
e9:41:0f:64:06:80:03:19:af:2b:82:0d:e6:64:f7:
cd:b1:55:0e:58:7e:c3:0d:a4:99:91:e5:3e:8d:cd:
96:db:e5:31:70:b2:a4:41:8a:44:f9:b7:29:61:86:
ac:37:ab:d9:0d:bc:43:85:aa:a0:3d:91:75:6c:34:
37:9f:0d:e1:8f:ad:b0:7e:93:28:30:04:1b:53:77:
c7:c6:07:26:08:60:c9:94:db:57:37:53:f7:57:0f:
03:a4:c3:3b:77:39:d4:d5:3b:2a:f7:c9:ba:f3:03:
f9:5a:cb:99:cc:7e:cc:e1:02:c0:dc:5e:5d:66:73:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0E:E7:83:74:0B:A5:7A:DB:B6:CC:6C:1F:FC:77:D4:05:14:61:6F
X509v3 Authority Key Identifier:
keyid:39:76:E6:AB:08:4C:9E:EE:DE:86:E2:AF:6B:DE:72:15:27:4B:95:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXbmqwhMnu7ehuKva95yFSdLlac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/3Q7ng3QLpXrbtsxsH_x31AUUYW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/7029cc-d331-4606-889c-d66674cfa424/1/OXbmqwhMnu7ehuKva95yFSdLlac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.112.0/22
Signature Algorithm: sha256WithRSAEncryption
88:b6:c5:a9:05:50:c9:42:34:f7:0e:9b:1a:c1:b1:b7:32:49:
1a:97:8a:b7:04:47:d0:3c:b7:b9:1d:95:d0:af:91:25:f8:dc:
fb:1a:c0:81:4e:f7:36:08:49:60:f2:d3:dd:81:3b:3b:83:69:
9a:db:a6:e7:11:c1:a0:9d:37:e8:d7:68:77:2f:c2:02:6b:97:
56:19:02:de:0c:4e:b6:ba:30:a4:94:50:6d:1a:3a:36:32:92:
b5:1f:4b:ad:73:af:f4:ac:92:d9:47:62:d1:19:88:ba:45:b5:
52:7b:18:b2:91:34:49:0a:b0:a0:58:6f:d2:80:88:6a:7a:bf:
86:bf:51:8e:27:49:a5:10:58:43:d1:48:00:a6:0b:82:dd:b1:
1a:60:cb:71:b5:17:0f:9a:64:b6:44:c3:c1:52:18:64:6f:af:
6d:9d:20:07:df:f1:98:c8:f6:71:b6:2d:7d:4b:a3:e4:d5:f8:
3a:08:ec:a5:2a:e4:39:85:30:0f:99:ad:b9:96:09:2f:a3:9d:
13:aa:d2:1e:86:8e:f1:60:e6:99:eb:36:66:a9:c9:4e:7b:df:
d2:39:20:27:5a:d8:7e:89:2f:8e:e3:10:97:56:c7:3a:b2:ed:
a7:2e:55:6d:a4:68:8e:4f:72:cd:3f:a6:d8:8c:8d:e6:82:61:
50:63:2e:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKllKzdQfWX020mQtk/g4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzZlNmFiMDg0YzllZWVkZTg2ZTJhZjZiZGU3MjE1Mjc0
Yjk1YTcwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBlZTc4Mzc0MGJhNTdhZGJiNmNjNmMxZmZjNzdkNDA1MTQ2MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDtMz6p3KJa+/NwunXYnE7bBJAUg
Rzsj9pP+QF6W4Yi4FiQr2I5EyC38Z3ePWIMc2FFUT21nxXrwcZl+0JKyrtrMtHrv
6Zg7KHet5yY2xHqvhPB1mbNQFuzk26z9wx2eccEPHFx5wW5+RGWDzkRXGjhLb7sS
GwzRD7qLfTfPmMXsB9soyunpQQ9kBoADGa8rgg3mZPfNsVUOWH7DDaSZkeU+jc2W
2+UxcLKkQYpE+bcpYYasN6vZDbxDhaqgPZF1bDQ3nw3hj62wfpMoMAQbU3fHxgcm
CGDJlNtXN1P3Vw8DpMM7dznU1Tsq98m68wP5WsuZzH7M4QLA3F5dZnOh0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0O54N0C6V627bMbB/8d9QFFGFvMB8GA1UdIwQY
MBaAFDl25qsITJ7u3obir2vechUnS5WnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMt
ZDY2Njc0Y2ZhNDI0LzEvM1E3bmczUUxwWHJidHN4c0hfeDMxQVVVWVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83MDI5Y2MtZDMzMS00NjA2LTg4OWMtZDY2Njc0Y2ZhNDI0
LzEvT1hibXF3aE1udTdlaHVLdmE5NXlGU2RMbGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucRwMA0G
CSqGSIb3DQEBCwUAA4IBAQCItsWpBVDJQjT3DpsawbG3Mkkal4q3BEfQPLe5HZXQ
r5El+Nz7GsCBTvc2CElg8tPdgTs7g2ma26bnEcGgnTfo12h3L8ICa5dWGQLeDE62
ujCklFBtGjo2MpK1H0utc6/0rJLZR2LRGYi6RbVSexiykTRJCrCgWG/SgIhqer+G
v1GOJ0mlEFhD0UgApguC3bEaYMtxtRcPmmS2RMPBUhhkb69tnSAH3/GYyPZxti19
S6Pk1fg6COylKuQ5hTAPma25lgkvo50TqtIeho7xYOaZ6zZmqclOe9/SOSAnWth+
iS+O4xCXVsc6su2nLlVtpGiOT3LNP6bYjI3mgmFQYy5A
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:00:21 2024 by rpki-client on console-fra.rpki-client.org