Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/3XoRRPukq8VvKRIA2_mq2gjBthw.roa
File: 3XoRRPukq8VvKRIA2_mq2gjBthw.roa (raw, json)
Hash identifier: egb35O64KWiSqgQxvtlLM0znW1fhRlWgir/jbdqJ8FE=
Subject key identifier: DD:7A:11:44:FB:A4:AB:C5:6F:29:12:00:DB:F9:AA:DA:08:C1:B6:1C
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 018EF513E7349D4EDA899602BB8D69FA6BB2
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/3XoRRPukq8VvKRIA2_mq2gjBthw.roa
Signing time: Fri 19 Apr 2024 06:38:25 +0000
ROA not before: Fri 19 Apr 2024 06:38:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:13:e7:34:9d:4e:da:89:96:02:bb:8d:69:fa:6b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Apr 19 06:38:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd7a1144fba4abc56f291200dbf9aada08c1b61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e6:bc:34:75:d6:90:d6:29:1b:46:89:3e:b2:
2a:7d:46:84:45:9c:12:f7:71:67:59:7b:55:d3:36:
35:56:75:28:a1:9d:0e:a1:e3:45:9e:cf:5e:f2:98:
38:43:db:dd:f3:d5:3c:4a:94:64:b3:6e:06:9d:e5:
f2:59:de:1d:74:7b:83:ee:4d:e6:7d:f4:a9:80:44:
8a:d6:fa:fa:0c:2c:7a:d2:1c:fb:27:52:f0:7b:ac:
f4:76:3c:a9:64:2d:36:69:7a:f1:53:8e:a0:da:fe:
86:19:95:68:06:02:4a:4f:5d:2c:1b:dd:de:a9:24:
4d:ca:2a:a7:de:38:c2:27:82:9a:fe:e9:53:09:8c:
f3:da:15:54:ec:77:1e:85:8a:09:8c:bd:79:7b:7d:
ec:80:36:9e:ed:53:8c:b9:0f:66:20:a1:36:c9:a7:
06:03:d6:f8:c0:8d:eb:d1:4a:39:87:11:5b:0a:ca:
01:d3:61:19:a3:a8:1b:16:2c:f1:58:c9:ae:c2:ea:
1a:a6:8c:41:ec:19:f0:de:41:a1:36:93:5a:d0:6e:
49:50:e4:0d:07:f7:33:f7:dc:19:af:39:74:9e:74:
0b:4b:77:63:94:bb:6a:d6:23:fe:39:a0:f7:1d:ab:
9d:c8:a9:d4:f0:90:ab:12:00:95:29:57:47:0a:35:
c0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7A:11:44:FB:A4:AB:C5:6F:29:12:00:DB:F9:AA:DA:08:C1:B6:1C
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/3XoRRPukq8VvKRIA2_mq2gjBthw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0/23
193.3.191.0/24
IPv6:
2a0d:280::/29
Signature Algorithm: sha256WithRSAEncryption
16:33:2c:29:52:4d:bc:d9:42:a9:9f:f3:92:59:a7:7f:8e:89:
1a:8b:85:6a:57:e1:5f:0c:4f:20:a7:20:eb:c9:63:ba:c0:60:
46:3c:55:12:f2:4a:b2:cb:e0:00:27:8a:a1:bf:90:e1:33:f3:
56:92:01:51:db:ef:d9:08:df:0e:1c:4d:4a:2e:d8:e8:f8:68:
0d:16:42:75:7e:6e:25:7b:df:b0:76:f3:7c:93:03:53:45:3c:
98:04:07:32:20:ef:42:d2:9f:35:06:d6:c4:96:4e:2b:05:86:
85:68:6f:ed:ce:f8:ff:1c:3d:4b:9e:b3:e5:0d:91:45:d4:13:
a7:21:0c:7f:c7:75:d8:87:a7:01:a2:f3:49:28:b0:75:5e:1c:
80:79:85:8f:4e:d8:78:60:20:37:f7:00:71:0d:25:4a:e4:a6:
68:fd:93:5c:e7:a1:39:95:d5:ac:f6:75:39:74:04:73:3e:74:
26:58:60:0c:a6:d4:b3:4d:e8:8c:45:ae:f2:46:51:64:10:d3:
12:d6:21:08:df:e0:9a:bd:e1:7a:3a:43:ea:e2:5b:11:1e:45:
7f:c6:d9:d1:18:72:34:1e:61:00:a9:61:6c:30:73:7d:10:72:
a5:7b:39:c3:71:13:5b:a7:04:ea:8f:83:6d:c2:8c:44:b2:52:
9b:32:b7:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY71E+c0nU7aiZYCu41p+muyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjQwNDE5MDYzODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdhMTE0NGZiYTRhYmM1NmYyOTEyMDBkYmY5YWFkYTA4YzFiNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOa8NHXWkNYpG0aJPrIqfUaERZwS
93FnWXtV0zY1VnUooZ0OoeNFns9e8pg4Q9vd89U8SpRks24GneXyWd4ddHuD7k3m
ffSpgESK1vr6DCx60hz7J1Lwe6z0djypZC02aXrxU46g2v6GGZVoBgJKT10sG93e
qSRNyiqn3jjCJ4Ka/ulTCYzz2hVU7HcehYoJjL15e33sgDae7VOMuQ9mIKE2yacG
A9b4wI3r0Uo5hxFbCsoB02EZo6gbFizxWMmuwuoapoxB7Bnw3kGhNpNa0G5JUOQN
B/cz99wZrzl0nnQLS3djlLtq1iP+OaD3HaudyKnU8JCrEgCVKVdHCjXAOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN16EUT7pKvFbykSANv5qtoIwbYcMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvM1hvUlJQdWtxOFZ2S1JJQTJfbXEyZ2pCdGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBufMoAwQA
wQO/MA0EAgACMAcDBQMqDQKAMA0GCSqGSIb3DQEBCwUAA4IBAQAWMywpUk282UKp
n/OSWad/jokai4VqV+FfDE8gpyDryWO6wGBGPFUS8kqyy+AAJ4qhv5DhM/NWkgFR
2+/ZCN8OHE1KLtjo+GgNFkJ1fm4le9+wdvN8kwNTRTyYBAcyIO9C0p81BtbElk4r
BYaFaG/tzvj/HD1LnrPlDZFF1BOnIQx/x3XYh6cBovNJKLB1XhyAeYWPTth4YCA3
9wBxDSVK5KZo/ZNc56E5ldWs9nU5dARzPnQmWGAMptSzTeiMRa7yRlFkENMS1iEI
3+CaveF6OkPq4lsRHkV/xtnRGHI0HmEAqWFsMHN9EHKleznDcRNbpwTqj4NtwoxE
slKbMrd1
-----END CERTIFICATE-----
Generated at Fri May 24 07:02:06 2024 by rpki-client on console-ams.rpki-client.org