Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/3-OqAE0oEew8_EgR7pFO35TT-7c.roa
File: 3-OqAE0oEew8_EgR7pFO35TT-7c.roa (raw, json)
Hash identifier: jRRqk7Fkfc9xSb7St8VLq6KorfR8DlApl4ouIqGo2HI=
Subject key identifier: DF:E3:AA:00:4D:28:11:EC:3C:FC:48:11:EE:91:4E:DF:94:D3:FB:B7
Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial: 0190C137708E7533529836938EDF77C84248
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/3-OqAE0oEew8_EgR7pFO35TT-7c.roa
Signing time: Wed 17 Jul 2024 15:02:34 +0000
ROA not before: Wed 17 Jul 2024 15:02:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206495
IP address blocks: 81.28.252.0/22 maxlen: 22
185.186.242.0/24 maxlen: 24
194.9.56.0/23 maxlen: 23
194.9.80.0/23 maxlen: 23
194.150.68.0/23 maxlen: 23
194.150.70.0/23 maxlen: 23
2a04:1080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c1:37:70:8e:75:33:52:98:36:93:8e:df:77:c8:42:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Validity
Not Before: Jul 17 15:02:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfe3aa004d2811ec3cfc4811ee914edf94d3fbb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:35:a6:d6:71:9b:b9:4a:62:9e:3f:2b:18:
75:c2:9c:3e:5d:73:43:b0:79:5e:16:50:35:64:92:
eb:fd:7e:a1:68:71:6e:32:27:54:5e:f9:d6:c9:22:
9f:46:da:49:7a:5b:cb:7a:21:89:47:39:c1:fd:0c:
7c:f8:93:01:34:03:52:83:e4:b8:8a:f0:11:81:c9:
79:7f:f0:f6:af:5a:b1:d9:be:4a:f3:2c:a9:ac:29:
80:4f:02:8e:d5:d7:b8:d9:b3:0b:40:3c:4d:7f:15:
d1:82:5c:45:c2:2d:71:14:3b:7f:83:9a:ea:22:94:
ed:33:a9:e2:7e:58:bc:4b:ae:32:6c:e3:5d:eb:a0:
fb:53:0a:63:57:fa:3f:99:1b:c2:3c:c8:36:56:dc:
11:39:cf:4e:46:4d:4d:6c:08:71:30:f3:c7:ee:51:
72:1a:51:89:92:48:10:cd:30:6e:93:a5:e8:9c:2d:
ad:71:1c:a6:dc:e5:43:b7:35:bd:5a:11:5c:41:32:
e2:da:6c:b0:01:d6:31:d5:80:1a:7c:db:a1:ca:7b:
81:59:01:a5:24:71:1e:95:fc:57:82:65:34:c0:ab:
fb:fc:68:3b:77:a8:05:28:f5:76:05:3b:6d:4d:91:
50:6b:0d:f4:e0:1f:63:31:55:b7:d3:62:9f:84:91:
a1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E3:AA:00:4D:28:11:EC:3C:FC:48:11:EE:91:4E:DF:94:D3:FB:B7
X509v3 Authority Key Identifier:
keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/3-OqAE0oEew8_EgR7pFO35TT-7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.252.0/22
185.186.242.0/24
194.9.56.0/23
194.9.80.0/23
194.150.68.0/22
IPv6:
2a04:1080::/29
Signature Algorithm: sha256WithRSAEncryption
41:e8:e8:6a:63:3e:f7:af:21:be:b6:e4:2f:d0:90:47:f2:e4:
ce:4d:ea:15:7e:9d:28:c8:33:93:25:15:2e:30:94:ae:d5:80:
ae:19:18:d7:67:f0:6c:73:64:f8:45:a5:67:22:f1:1c:26:0a:
1e:dd:8c:36:d5:32:c0:83:9b:0b:a7:3f:5a:3b:5a:47:00:47:
52:96:6d:6e:d3:50:7f:20:d9:1f:1b:0c:a2:6c:01:bd:22:45:
db:2b:7a:da:9e:64:04:f3:15:00:03:31:4f:57:1b:e4:60:e6:
98:3b:a7:d0:9d:2e:b5:fc:ba:97:3b:db:11:10:47:5e:a6:f5:
f1:02:92:c8:88:05:3f:b0:a4:9d:7e:e1:76:1e:dd:55:4c:34:
6b:3e:20:20:67:23:20:01:fb:1c:ff:fb:fc:f4:ae:be:da:96:
d0:40:b4:22:bd:88:69:f9:58:0e:a4:9d:ec:02:6c:f5:91:e3:
f7:56:a9:92:c3:dd:64:2d:ce:3c:23:13:91:60:3d:2a:ff:c2:
a8:fa:96:00:59:43:52:7f:c5:72:2f:4c:f3:40:84:33:35:b0:
c7:f7:a4:cc:a8:e6:04:e4:c7:9b:74:de:92:62:50:fb:9f:a8:
c0:c3:e8:9a:7c:a0:65:95:b8:84:f2:67:1e:4e:66:bd:8f:67:
e0:c3:34:f7
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZDBN3COdTNSmDaTjt93yEJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwNzE3MTUwMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUzYWEwMDRkMjgxMWVjM2NmYzQ4MTFlZTkxNGVkZjk0ZDNmYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutQ1ptZxm7lKYp4/Kxh1wpw+XXND
sHleFlA1ZJLr/X6haHFuMidUXvnWySKfRtpJelvLeiGJRznB/Qx8+JMBNANSg+S4
ivARgcl5f/D2r1qx2b5K8yyprCmATwKO1de42bMLQDxNfxXRglxFwi1xFDt/g5rq
IpTtM6nifli8S64ybONd66D7UwpjV/o/mRvCPMg2VtwROc9ORk1NbAhxMPPH7lFy
GlGJkkgQzTBuk6XonC2tcRym3OVDtzW9WhFcQTLi2mywAdYx1YAafNuhynuBWQGl
JHEelfxXgmU0wKv7/Gg7d6gFKPV2BTttTZFQaw304B9jMVW302KfhJGhCwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFN/jqgBNKBHsPPxIEe6RTt+U0/u3MB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvMy1PcUFFMG9FZXc4X0VnUjdwRk8zNVRULTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCURz8AwQA
ubryAwQBwgk4AwQBwglQAwQCwpZEMA0EAgACMAcDBQMqBBCAMA0GCSqGSIb3DQEB
CwUAA4IBAQBB6OhqYz73ryG+tuQv0JBH8uTOTeoVfp0oyDOTJRUuMJSu1YCuGRjX
Z/Bsc2T4RaVnIvEcJgoe3Yw21TLAg5sLpz9aO1pHAEdSlm1u01B/INkfGwyibAG9
IkXbK3ranmQE8xUAAzFPVxvkYOaYO6fQnS61/LqXO9sREEdepvXxApLIiAU/sKSd
fuF2Ht1VTDRrPiAgZyMgAfsc//v89K6+2pbQQLQivYhp+VgOpJ3sAmz1keP3VqmS
w91kLc48IxORYD0q/8Ko+pYAWUNSf8VyL0zzQIQzNbDH96TMqOYE5MebdN6SYlD7
n6jAw+iafKBllbiE8mceTma9j2fgwzT3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:24 2024 by rpki-client on console-fra.rpki-client.org