Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/3y59T3vgUEUU_XoFI4iVcIYohP0.roa
File: 3y59T3vgUEUU_XoFI4iVcIYohP0.roa (raw, json)
Hash identifier: U+n5eaK4oq2egFHPRV4hWhvV0J3qjvVMUtszdSlSm3E=
Subject key identifier: DF:2E:7D:4F:7B:E0:50:45:14:FD:7A:05:23:88:95:70:86:28:84:FD
Certificate issuer: /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial: 018CC26D0D6F65CE1382C72AB9DEE1F809F1
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/3y59T3vgUEUU_XoFI4iVcIYohP0.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50763
IP address blocks: 185.241.44.0/22 maxlen: 22
185.241.44.0/23 maxlen: 23
185.241.46.0/24 maxlen: 24
2a0c:9880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0d:6f:65:ce:13:82:c7:2a:b9:de:e1:f8:09:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df2e7d4f7be0504514fd7a0523889570862884fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:35:52:44:93:f2:d5:46:e4:13:07:50:fc:
ef:91:75:21:c4:d9:17:ad:f5:33:6b:3a:69:a8:10:
07:7a:29:28:c6:8b:80:c9:81:01:b6:b9:a6:e4:10:
87:c0:9a:57:52:c1:ad:b2:d8:93:31:17:9c:04:26:
ef:aa:17:84:16:bb:83:47:4a:9c:b3:a0:3d:14:8d:
dd:2b:b7:dd:0d:09:29:3f:7f:f9:4a:59:c0:f6:8e:
5c:97:f3:42:2d:d9:89:00:52:8d:e8:10:5a:be:d2:
8a:4b:1f:46:4e:56:e1:6c:92:cb:c5:34:d6:b6:60:
f9:ab:c1:2c:b2:54:f6:c4:5c:df:94:96:6e:68:a7:
0f:57:da:b3:4c:52:6e:03:45:01:4b:2d:b9:34:69:
61:f6:d5:25:d7:ac:5b:4c:74:d1:d6:10:d6:95:c4:
83:ae:0e:38:93:5b:89:ac:15:2b:04:8e:fa:60:e5:
ed:25:5b:6c:94:b2:8f:7d:22:a9:12:06:4f:1b:89:
d2:1f:e7:dd:b9:d9:02:f2:16:83:f8:70:96:18:74:
c5:51:cd:95:a2:c1:4b:d9:fd:e1:8e:4d:63:ff:6e:
b7:94:5a:d8:6d:a8:cd:84:72:22:d0:dd:b6:20:11:
48:62:73:46:51:3c:8f:65:dd:52:52:c2:91:e4:59:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2E:7D:4F:7B:E0:50:45:14:FD:7A:05:23:88:95:70:86:28:84:FD
X509v3 Authority Key Identifier:
keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/3y59T3vgUEUU_XoFI4iVcIYohP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.44.0/22
IPv6:
2a0c:9880::/29
Signature Algorithm: sha256WithRSAEncryption
7d:fe:62:98:1e:93:0b:91:91:dc:fe:62:be:79:2d:55:c9:90:
b6:95:c9:28:14:92:21:4c:a1:fb:52:7e:96:f9:8c:6e:28:5d:
d7:06:60:ca:c9:8e:5b:84:0e:4e:f9:9b:31:6e:9b:4a:a8:08:
ca:7f:94:15:83:84:2d:f9:77:47:c8:91:73:ce:79:08:73:94:
e2:8f:4b:a7:23:cd:c0:dc:0a:f8:4c:a2:f1:f8:6a:8e:50:ba:
11:74:6f:cb:33:dd:ff:85:8a:77:50:2f:64:f6:6c:af:40:ed:
68:7a:30:c1:d2:fb:c2:a3:37:d9:2b:b4:25:4a:6f:ca:f8:05:
8e:51:0a:ad:30:77:71:5a:56:ef:20:da:82:f9:3b:aa:9b:c9:
71:18:f7:df:8b:47:d6:35:b1:90:1f:ae:9f:1e:45:67:e8:6f:
7c:22:64:6f:14:a8:72:e6:d7:56:77:49:78:3e:bd:e0:52:c3:
b3:dd:1a:f1:a4:da:bc:ac:57:cd:ff:48:2e:27:a3:26:da:75:
7c:a8:e2:28:78:70:03:cc:df:48:b0:6f:11:74:59:f4:43:36:
af:68:fc:37:12:5e:7f:fe:6e:74:9d:7a:83:a4:50:19:40:90:
f6:8b:55:2b:e3:c6:b4:82:a9:06:e8:60:26:eb:c4:a9:7a:16:
75:44:d6:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbQ1vZc4Tgscqud7h+AnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5Nzll
YjgyZjEwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJlN2Q0ZjdiZTA1MDQ1MTRmZDdhMDUyMzg4OTU3MDg2Mjg4NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQk1UkST8tVG5BMHUPzvkXUhxNkX
rfUzazppqBAHeikoxouAyYEBtrmm5BCHwJpXUsGtstiTMRecBCbvqheEFruDR0qc
s6A9FI3dK7fdDQkpP3/5SlnA9o5cl/NCLdmJAFKN6BBavtKKSx9GTlbhbJLLxTTW
tmD5q8EsslT2xFzflJZuaKcPV9qzTFJuA0UBSy25NGlh9tUl16xbTHTR1hDWlcSD
rg44k1uJrBUrBI76YOXtJVtslLKPfSKpEgZPG4nSH+fdudkC8haD+HCWGHTFUc2V
osFL2f3hjk1j/263lFrYbajNhHIi0N22IBFIYnNGUTyPZd1SUsKR5FkrdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN8ufU974FBFFP16BSOIlXCGKIT9MB8GA1UdIwQY
MBaAFIqh/ppMA9AVrsl04tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYt
MWY5YWUwNTU2NDZmLzEvM3k1OVQzdmdVRVVVX1hvRkk0aVZjSVlvaFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZm
LzEvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufEsMA0E
AgACMAcDBQMqDJiAMA0GCSqGSIb3DQEBCwUAA4IBAQB9/mKYHpMLkZHc/mK+eS1V
yZC2lckoFJIhTKH7Un6W+YxuKF3XBmDKyY5bhA5O+ZsxbptKqAjKf5QVg4Qt+XdH
yJFzznkIc5Tij0unI83A3Ar4TKLx+GqOULoRdG/LM93/hYp3UC9k9myvQO1oejDB
0vvCozfZK7QlSm/K+AWOUQqtMHdxWlbvINqC+Tuqm8lxGPffi0fWNbGQH66fHkVn
6G98ImRvFKhy5tdWd0l4Pr3gUsOz3RrxpNq8rFfN/0guJ6Mm2nV8qOIoeHADzN9I
sG8RdFn0QzavaPw3El5//m50nXqDpFAZQJD2i1Ur48a0gqkG6GAm68SpehZ1RNaC
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:27 2024 by rpki-client on console-fra.rpki-client.org