Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/3Wm2ORAuZy-MJVTC7E_n_J8fZ5U.roa
File: 3Wm2ORAuZy-MJVTC7E_n_J8fZ5U.roa (raw, json)
Hash identifier: sxEPcIj3WfBFUJMVTs2yjIzVT1Ak94puatI22k0+XT4=
Subject key identifier: DD:69:B6:39:10:2E:67:2F:8C:25:54:C2:EC:4F:E7:FC:9F:1F:67:95
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC727609B9CA236F57C49018ED0B18B47
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/3Wm2ORAuZy-MJVTC7E_n_J8fZ5U.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5588
IP address blocks: 217.8.160.0/19 maxlen: 19
94.42.0.0/16 maxlen: 16
195.94.192.0/19 maxlen: 19
78.133.128.0/17 maxlen: 17
85.219.128.0/17 maxlen: 17
89.174.0.0/16 maxlen: 16
89.174.23.0/24 maxlen: 24
217.153.0.0/16 maxlen: 16
157.25.0.0/16 maxlen: 16
2001:4190::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:60:9b:9c:a2:36:f5:7c:49:01:8e:d0:b1:8b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd69b639102e672f8c2554c2ec4fe7fc9f1f6795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:96:93:f9:bb:85:f1:b1:97:f5:eb:f8:6f:d8:
48:b5:50:21:51:52:fb:b4:d4:12:f6:4c:b5:6e:e1:
90:5a:77:bf:65:d3:f1:53:1a:b0:d5:5b:44:aa:72:
58:a1:da:43:f2:40:31:79:a2:db:2d:30:98:a5:46:
ac:95:d2:92:06:ba:ba:bd:85:7e:2e:20:3c:a3:b0:
86:e6:df:c5:61:a6:3b:e2:5c:1e:76:50:5f:13:26:
82:56:9f:0e:bd:01:30:87:ca:d8:b1:62:60:5a:be:
60:f2:99:cd:63:76:1c:28:b6:2b:84:da:d2:3f:15:
cf:8a:d2:2f:d2:c8:d2:25:ea:3c:89:48:9b:75:aa:
bc:42:e6:89:d2:61:fe:e4:48:4d:fc:27:17:fd:7a:
26:38:aa:e0:4c:51:00:44:8d:cc:22:86:4a:89:b6:
e6:04:14:a1:e7:b6:e2:b9:eb:0e:26:41:17:69:13:
a1:aa:8b:f1:bd:d9:1a:cc:ce:09:fa:f9:db:16:f5:
3a:0d:10:96:78:b3:eb:6b:40:ee:60:3e:23:af:61:
34:cd:51:c6:3f:ca:e0:51:1d:b2:af:80:dc:09:fe:
80:50:59:eb:04:0d:8b:2e:56:fe:73:ee:5b:ee:f9:
5e:d2:9f:10:8e:3a:5e:8c:d0:ea:76:99:45:af:32:
2c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:69:B6:39:10:2E:67:2F:8C:25:54:C2:EC:4F:E7:FC:9F:1F:67:95
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/3Wm2ORAuZy-MJVTC7E_n_J8fZ5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.128.0/17
85.219.128.0/17
89.174.0.0/16
94.42.0.0/16
157.25.0.0/16
195.94.192.0/19
217.8.160.0/19
217.153.0.0/16
IPv6:
2001:4190::/32
Signature Algorithm: sha256WithRSAEncryption
7a:84:56:c1:da:ee:c8:07:40:3e:45:38:dc:6c:d8:d8:ee:b2:
7f:86:41:1e:bc:b3:8e:f3:c6:8f:af:6d:e0:b2:26:40:6a:88:
fe:94:bb:7d:7c:8b:d7:96:83:69:18:92:3d:f5:05:fc:26:4e:
be:f6:59:fd:f1:2c:12:f7:6a:d2:e7:b7:19:09:93:48:b5:e0:
53:50:52:81:cf:62:1c:c0:58:ba:19:d3:95:17:f4:18:99:81:
22:57:23:90:3c:6f:94:7f:32:8c:0c:e7:c7:ed:04:40:f0:e4:
7c:8a:0d:41:d2:54:5f:9a:ca:12:83:cc:4e:ba:d5:97:ec:84:
2e:57:a8:72:db:89:42:16:a1:f4:07:a5:f2:79:0b:89:2f:ac:
29:df:2a:3b:df:5e:aa:21:14:e8:3e:f2:e5:79:85:d5:71:9d:
4d:55:71:03:a4:9f:98:88:10:94:f5:ad:d1:a4:91:6a:a9:0f:
e9:fb:79:d7:05:26:20:bf:f9:a9:cc:89:52:28:1f:de:c1:79:
19:93:f3:e2:f8:13:0b:4b:91:8f:c7:20:37:cf:f1:a2:03:39:
d9:b5:7c:8d:9d:88:08:f1:7d:95:58:84:63:97:1c:9c:0b:1e:
8a:af:49:bd:2a:8d:b3:be:69:a5:ba:f3:13:a0:47:a8:66:16:
fe:a4:da:10
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzHJ2CbnKI29XxJAY7QsYtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY5YjYzOTEwMmU2NzJmOGMyNTU0YzJlYzRmZTdmYzlmMWY2Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1paT+buF8bGX9ev4b9hItVAhUVL7
tNQS9ky1buGQWne/ZdPxUxqw1VtEqnJYodpD8kAxeaLbLTCYpUasldKSBrq6vYV+
LiA8o7CG5t/FYaY74lwedlBfEyaCVp8OvQEwh8rYsWJgWr5g8pnNY3YcKLYrhNrS
PxXPitIv0sjSJeo8iUibdaq8QuaJ0mH+5EhN/CcX/XomOKrgTFEARI3MIoZKibbm
BBSh57biuesOJkEXaROhqovxvdkazM4J+vnbFvU6DRCWeLPra0DuYD4jr2E0zVHG
P8rgUR2yr4DcCf6AUFnrBA2LLlb+c+5b7vle0p8QjjpejNDqdplFrzIsWQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFN1ptjkQLmcvjCVUwuxP5/yfH2eVMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvM1dtMk9SQXVaeS1NSlZUQzdFX25fSjhmWjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQHToWAAwQH
VduAAwMAWa4DAwBeKgMDAJ0ZAwQFw17AAwQF2QigAwMA2ZkwDQQCAAIwBwMFACAB
QZAwDQYJKoZIhvcNAQELBQADggEBAHqEVsHa7sgHQD5FONxs2Njusn+GQR68s47z
xo+vbeCyJkBqiP6Uu318i9eWg2kYkj31BfwmTr72Wf3xLBL3atLntxkJk0i14FNQ
UoHPYhzAWLoZ05UX9BiZgSJXI5A8b5R/MowM58ftBEDw5HyKDUHSVF+ayhKDzE66
1ZfshC5XqHLbiUIWofQHpfJ5C4kvrCnfKjvfXqohFOg+8uV5hdVxnU1VcQOkn5iI
EJT1rdGkkWqpD+n7edcFJiC/+anMiVIoH97BeRmT8+L4EwtLkY/HIDfP8aIDOdm1
fI2diAjxfZVYhGOXHJwLHoqvSb0qjbO+aaW68xOgR6hmFv6k2hA=
-----END CERTIFICATE-----
Generated at Sat May 18 14:38:24 2024 by rpki-client on console-ams.rpki-client.org