Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/3OmNIoiiapFg1p4ooZN28WxH3kY.roa
File: 3OmNIoiiapFg1p4ooZN28WxH3kY.roa (raw, json)
Hash identifier: waSU7aHw+6khCb7BGI/FjrEVHVnh5FHwSfYCJxXx+RY=
Subject key identifier: DC:E9:8D:22:88:A2:6A:91:60:D6:9E:28:A1:93:76:F1:6C:47:DE:46
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018CC7958A1A4810B78E10CEE9BA382FF159
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/3OmNIoiiapFg1p4ooZN28WxH3kY.roa
Signing time: Tue 02 Jan 2024 00:31:55 +0000
ROA not before: Tue 02 Jan 2024 00:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56534
IP address blocks: 92.255.96.0/21 maxlen: 21
45.135.215.0/24 maxlen: 24
93.174.72.0/21 maxlen: 21
185.47.52.0/22 maxlen: 22
185.47.54.0/24 maxlen: 24
92.255.60.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.88.0/21 maxlen: 32
2a04:ac00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8a:1a:48:10:b7:8e:10:ce:e9:ba:38:2f:f1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 00:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dce98d2288a26a9160d69e28a19376f16c47de46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:0d:a2:47:a8:59:75:cd:ab:d3:a0:60:32:bb:
bf:06:6e:f6:81:09:e2:de:df:e6:09:6c:0c:4d:58:
c3:db:a4:e9:a6:fd:47:ee:26:2f:66:93:5a:bd:0f:
b6:bc:87:49:e4:15:70:f9:56:ac:4c:7b:97:e2:c2:
1f:49:4e:81:68:66:5e:f5:d8:5d:52:ef:f3:21:0d:
e4:82:3e:9c:94:4d:12:ba:7d:e4:c5:95:d2:9a:31:
b7:5d:c6:aa:92:f6:1f:99:c9:c1:37:fc:1f:7a:25:
f5:a5:b1:16:9a:ac:f6:c3:e8:56:7b:c4:6a:23:9a:
7c:74:16:e1:ba:17:d9:b6:70:5d:16:72:b3:ce:a6:
2a:db:9e:8f:b2:51:a8:75:14:76:ab:3e:b2:21:d9:
35:48:9c:79:7f:ab:0a:0d:cd:84:ec:42:c9:8c:0a:
1b:0f:5b:03:5a:5c:cc:0a:d4:f5:42:c4:a1:f7:2b:
3c:7c:c6:4c:a0:64:08:b2:76:00:24:01:70:f9:b4:
3f:94:ee:f7:2c:e6:08:bd:bb:e0:a4:90:5e:70:b8:
53:1b:90:b1:fb:9c:78:47:b9:f5:99:87:40:a5:a3:
f1:6e:62:7c:eb:4b:f8:44:58:6e:d6:08:c3:f9:ec:
0b:6d:d2:75:e8:0e:58:88:1a:07:50:df:cd:02:39:
a0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E9:8D:22:88:A2:6A:91:60:D6:9E:28:A1:93:76:F1:6C:47:DE:46
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/3OmNIoiiapFg1p4ooZN28WxH3kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.215.0/24
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
93.174.72.0/21
185.47.52.0/22
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
05:48:18:0b:7d:7f:bb:74:1c:41:6a:13:58:86:1e:f8:f2:7d:
92:7e:8a:76:be:5a:2a:e3:b0:19:ae:fa:66:e5:3d:57:ca:d3:
43:78:44:4a:45:d7:01:a3:3e:15:85:92:91:cc:bd:f9:37:77:
3c:32:1f:5c:be:c3:aa:13:95:e0:e3:68:d5:be:81:e4:bd:32:
5d:5d:d5:22:08:b8:0c:ef:7c:1b:69:1a:9a:65:09:25:be:c0:
92:c4:b0:fa:a4:ee:f1:27:30:f9:9b:81:6b:ba:f1:5f:90:31:
b7:53:79:9e:e4:49:b2:d5:4d:46:2a:ba:14:db:a8:d0:6a:d2:
6f:80:63:14:7a:91:32:53:b7:61:21:92:5f:25:78:d9:d3:8d:
ea:8d:82:aa:50:03:47:63:11:a3:5b:b3:4a:a9:7b:93:ab:f0:
a2:2e:d3:16:9a:74:d5:c2:29:d4:73:75:fc:8d:82:a0:9b:3e:
ab:c5:e5:2b:29:82:28:0b:43:90:fe:6d:57:a9:5b:cc:a7:49:
71:12:d5:dc:ef:35:36:0b:6c:1e:46:4d:50:13:52:c4:1d:c2:
31:75:3e:3d:46:6f:3d:a9:b4:02:fd:ec:70:b7:21:6d:76:60:
23:cc:49:81:41:0b:15:85:aa:2a:26:66:d0:56:73:ef:4d:dd:
2b:78:63:ce
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzHlYoaSBC3jhDO6bo4L/FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U5OGQyMjg4YTI2YTkxNjBkNjllMjhhMTkzNzZmMTZjNDdkZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ2iR6hZdc2r06BgMru/Bm72gQni
3t/mCWwMTVjD26Tppv1H7iYvZpNavQ+2vIdJ5BVw+VasTHuX4sIfSU6BaGZe9dhd
Uu/zIQ3kgj6clE0Sun3kxZXSmjG3XcaqkvYfmcnBN/wfeiX1pbEWmqz2w+hWe8Rq
I5p8dBbhuhfZtnBdFnKzzqYq256PslGodRR2qz6yIdk1SJx5f6sKDc2E7ELJjAob
D1sDWlzMCtT1QsSh9ys8fMZMoGQIsnYAJAFw+bQ/lO73LOYIvbvgpJBecLhTG5Cx
+5x4R7n1mYdApaPxbmJ860v4RFhu1gjD+ewLbdJ16A5YiBoHUN/NAjmgJwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFNzpjSKIomqRYNaeKKGTdvFsR95GMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvM09tTklvaWlhcEZnMXA0b29aTjI4V3hIM2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALYfXAwQD
Wd9QAwQAXP88MAwDBANc/1gDBANc/2ADBANdrkgDBAK5LzQwDQQCAAIwBwMFAyoE
rAAwDQYJKoZIhvcNAQELBQADggEBAAVIGAt9f7t0HEFqE1iGHvjyfZJ+ina+Wirj
sBmu+mblPVfK00N4REpF1wGjPhWFkpHMvfk3dzwyH1y+w6oTleDjaNW+geS9Ml1d
1SIIuAzvfBtpGpplCSW+wJLEsPqk7vEnMPmbgWu68V+QMbdTeZ7kSbLVTUYquhTb
qNBq0m+AYxR6kTJTt2Ehkl8leNnTjeqNgqpQA0djEaNbs0qpe5Or8KIu0xaadNXC
KdRzdfyNgqCbPqvF5SspgigLQ5D+bVepW8ynSXES1dzvNTYLbB5GTVATUsQdwjF1
Pj1Gbz2ptAL97HC3IW12YCPMSYFBCxWFqiomZtBWc+9N3St4Y84=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:23 2024 by rpki-client on console-fra.rpki-client.org