Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/3BnNwUZWzULFoDkHBWmqPZ9N300.roa
File: 3BnNwUZWzULFoDkHBWmqPZ9N300.roa (raw, json)
Hash identifier: nEyyZL+ef8fD1CNs6Iczj3WgEqQrWY+i4XcFgcRlouE=
Subject key identifier: DC:19:CD:C1:46:56:CD:42:C5:A0:39:07:05:69:AA:3D:9F:4D:DF:4D
Certificate issuer: /CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Certificate serial: 018CC86FC6DDF8B17135CAAC3762DE2B13EF
Authority key identifier: F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/3BnNwUZWzULFoDkHBWmqPZ9N300.roa
Signing time: Tue 02 Jan 2024 04:30:17 +0000
ROA not before: Tue 02 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202191
IP address blocks: 185.26.211.0/24 maxlen: 24
185.26.210.0/24 maxlen: 24
185.26.210.0/23 maxlen: 23
185.26.208.0/24 maxlen: 24
193.53.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c6:dd:f8:b1:71:35:ca:ac:37:62:de:2b:13:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f963247d0d83b9f608cf864f427cdfe94b252a10
Validity
Not Before: Jan 2 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc19cdc14656cd42c5a039070569aa3d9f4ddf4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:04:af:e3:5b:2a:74:69:1e:6f:cd:d0:59:56:
d5:7e:76:8f:61:c6:4f:32:50:7e:f6:dc:c0:c4:8e:
39:0b:32:d3:63:da:30:57:36:1f:49:15:f4:55:0f:
85:11:32:6a:51:bf:f8:89:ca:d7:24:79:80:31:c3:
60:fb:39:12:e5:4b:bc:9a:49:d9:d6:8f:62:5f:d2:
03:9e:62:e1:d0:e3:7a:14:9e:f6:31:35:f6:cd:78:
2d:83:54:05:24:25:b1:6a:38:a6:53:c6:0f:99:53:
b8:2f:d2:18:33:c6:98:be:1a:77:2f:77:c5:f1:8c:
ad:61:86:a6:b4:f5:6e:0a:9c:f5:25:01:63:58:51:
b4:62:ea:52:27:b6:15:97:8b:1c:ad:84:49:40:0e:
e9:08:79:8a:e1:ad:3e:f6:1b:a2:f0:c7:80:ab:3e:
1b:cb:4a:d4:66:51:35:1c:c1:3d:5d:78:1a:eb:ca:
8c:df:a2:26:24:87:53:5a:fa:10:92:d8:3d:6b:b3:
94:bb:17:d8:53:45:48:13:99:32:e1:fd:a5:6e:3f:
0d:2b:2d:68:1e:ec:84:0b:cb:53:fc:8a:1d:61:6c:
51:af:5b:bb:fa:97:4f:b7:16:c6:c7:0d:8b:19:2a:
a4:91:92:cf:92:2d:4c:fd:af:31:ee:18:c3:a7:e5:
20:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:19:CD:C1:46:56:CD:42:C5:A0:39:07:05:69:AA:3D:9F:4D:DF:4D
X509v3 Authority Key Identifier:
keyid:F9:63:24:7D:0D:83:B9:F6:08:CF:86:4F:42:7C:DF:E9:4B:25:2A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/3BnNwUZWzULFoDkHBWmqPZ9N300.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/95b434-3de0-48e9-88e9-2d7f38474c08/1/1-WMkfQ2DufYIz4ZPQnzf6UslKhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.208.0/24
185.26.210.0/23
193.53.39.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c2:ec:8f:06:a3:ff:9c:66:a3:54:27:5f:49:11:16:62:2d:
5a:05:8d:43:5b:da:14:0f:e4:8e:38:b8:6a:87:31:64:f4:2d:
58:82:dc:16:ba:fd:f8:4a:90:8e:c6:56:2f:57:5c:21:d9:10:
8c:b9:0f:e8:31:2c:a6:21:fc:95:7b:86:ef:c3:fd:e3:ee:d4:
b7:84:8e:85:8f:cb:ea:1c:3b:ff:00:2c:a7:24:c3:36:4b:1e:
0a:12:ee:bf:c8:eb:97:5f:96:3e:3c:78:5d:b3:be:5a:f1:ca:
69:aa:38:09:96:0a:03:71:38:a7:02:be:0f:66:83:a9:8e:b5:
54:0f:f0:4b:1c:bb:10:0d:48:b1:c4:8c:f6:c6:60:cc:4e:ce:
9a:79:3b:a4:db:7e:a9:44:b2:aa:0a:42:1a:a8:ff:99:ba:1d:
8b:a7:e8:7d:8a:6c:98:3f:ed:df:cb:db:fd:21:a2:06:7a:6e:
a0:ef:21:61:54:d5:61:aa:60:4a:ef:e7:23:5f:7b:cf:8c:93:
da:a9:85:5c:d9:9f:a3:dc:a0:04:eb:f7:16:b3:57:8a:4e:e7:
89:30:d8:0b:6f:a5:1c:5a:96:87:de:9f:60:ec:80:0e:a8:13:
b5:60:e2:10:a8:79:bc:81:fe:9f:f3:a3:53:e4:76:62:6c:90:
ff:17:31:e3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIb8bd+LFxNcqsN2LeKxPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NjMyNDdkMGQ4M2I5ZjYwOGNmODY0ZjQyN2NkZmU5NGIy
NTJhMTAwHhcNMjQwMTAyMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzE5Y2RjMTQ2NTZjZDQyYzVhMDM5MDcwNTY5YWEzZDlmNGRkZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQSv41sqdGkeb83QWVbVfnaPYcZP
MlB+9tzAxI45CzLTY9owVzYfSRX0VQ+FETJqUb/4icrXJHmAMcNg+zkS5Uu8mknZ
1o9iX9IDnmLh0ON6FJ72MTX2zXgtg1QFJCWxajimU8YPmVO4L9IYM8aYvhp3L3fF
8YytYYamtPVuCpz1JQFjWFG0YupSJ7YVl4scrYRJQA7pCHmK4a0+9hui8MeAqz4b
y0rUZlE1HME9XXga68qM36ImJIdTWvoQktg9a7OUuxfYU0VIE5ky4f2lbj8NKy1o
HuyEC8tT/IodYWxRr1u7+pdPtxbGxw2LGSqkkZLPki1M/a8x7hjDp+UgGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNwZzcFGVs1CxaA5BwVpqj2fTd9NMB8GA1UdIwQY
MBaAFPljJH0Ng7n2CM+GT0J83+lLJSoQMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1XTWtmUTJEdWZZSXo0WlBRbnpmNlVzbEtoQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5
LTJkN2YzODQ3NGMwOC8xLzNCbk53VVpXelVMRm9Ea0hCV21xUFo5TjMwMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzYvOTViNDM0LTNkZTAtNDhlOS04OGU5LTJkN2YzODQ3NGMw
OC8xLzEtV01rZlEyRHVmWUl6NFpQUW56ZjZVc2xLaEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC5GtAD
BAG5GtIDBADBNScwDQYJKoZIhvcNAQELBQADggEBAFfC7I8Go/+cZqNUJ19JERZi
LVoFjUNb2hQP5I44uGqHMWT0LViC3Ba6/fhKkI7GVi9XXCHZEIy5D+gxLKYh/JV7
hu/D/ePu1LeEjoWPy+ocO/8ALKckwzZLHgoS7r/I65dflj48eF2zvlrxymmqOAmW
CgNxOKcCvg9mg6mOtVQP8EscuxANSLHEjPbGYMxOzpp5O6TbfqlEsqoKQhqo/5m6
HYun6H2KbJg/7d/L2/0hogZ6bqDvIWFU1WGqYErv5yNfe8+Mk9qphVzZn6PcoATr
9xazV4pO54kw2AtvpRxalofen2DsgA6oE7Vg4hCoebyB/p/zo1PkdmJskP8XMeM=
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:36 2024 by rpki-client on console-ams.rpki-client.org