Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3kQC79oK5drKiHasO9N75rQZ6HQ.roa
File: 3kQC79oK5drKiHasO9N75rQZ6HQ.roa (raw, json)
Hash identifier: VqcT84IWYpfs0F1ArLByyl+kvVEtaR8MPikD3p7I1Mc=
Subject key identifier: DE:44:02:EF:DA:0A:E5:DA:CA:88:76:AC:3B:D3:7B:E6:B4:19:E8:74
Certificate issuer: /CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Certificate serial: 018CC26CFC9D27FFF030CD01FB143929E49B
Authority key identifier: DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3kQC79oK5drKiHasO9N75rQZ6HQ.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33843
IP address blocks: 45.150.68.0/24 maxlen: 24
46.231.136.0/21 maxlen: 21
85.236.192.0/19 maxlen: 19
2a01:1ee::/32 maxlen: 32
2a01:1e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fc:9d:27:ff:f0:30:cd:01:fb:14:39:29:e4:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de4402efda0ae5daca8876ac3bd37be6b419e874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4f:7d:b4:87:43:5b:30:16:74:95:c7:46:a3:
9f:1d:6b:08:64:81:11:75:c9:dc:e4:57:36:ec:09:
64:18:62:cb:2c:5d:00:9f:ea:39:b6:c2:0b:f8:13:
7f:33:9b:01:e4:52:54:00:e6:bb:33:a7:d3:b7:d6:
a4:6c:f4:38:96:d0:ea:7c:a2:a0:96:8e:83:85:0c:
77:8f:f5:fe:ab:52:df:0f:45:42:88:36:e3:07:ec:
70:4c:43:5c:ae:a0:58:a9:8c:28:33:3a:f7:5f:31:
c8:af:3e:13:74:8a:f9:5d:40:da:2f:16:a7:5b:05:
16:cd:4f:aa:7b:81:d8:ec:df:ab:65:3e:e9:f8:42:
ea:91:b5:cd:b8:79:1b:4e:dd:57:a1:94:1e:a4:16:
77:0f:dc:c1:d0:57:77:7f:ae:0a:49:b7:b5:e8:6a:
09:61:3a:c6:46:d4:64:1a:48:9d:85:3d:45:c6:2e:
70:4c:74:89:5f:a8:7e:3f:03:6e:73:d2:7f:5e:5c:
58:44:62:83:8d:a2:a2:43:1f:6f:d7:9e:cc:92:da:
88:15:32:5f:34:f5:40:14:ae:18:2e:08:8d:51:c5:
ee:ca:7b:65:74:b6:e6:d1:a3:14:71:b7:bd:d3:7c:
fc:d8:ae:c4:43:7e:bc:75:e8:f7:89:29:fb:b8:ad:
29:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:44:02:EF:DA:0A:E5:DA:CA:88:76:AC:3B:D3:7B:E6:B4:19:E8:74
X509v3 Authority Key Identifier:
keyid:DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3kQC79oK5drKiHasO9N75rQZ6HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.68.0/24
46.231.136.0/21
85.236.192.0/19
IPv6:
2a01:1e8::/32
2a01:1ee::/32
Signature Algorithm: sha256WithRSAEncryption
4d:c3:c4:84:be:fd:a0:74:2f:83:f1:1b:5d:f6:c7:af:fa:c5:
0b:8b:24:3f:30:24:f9:11:ef:3c:04:d8:74:db:23:3e:88:1c:
b6:be:83:e0:a5:8c:f6:63:13:42:01:1a:96:c1:79:6f:32:9b:
93:c6:e4:c2:cb:95:11:88:40:06:26:47:8b:46:75:f6:e9:ec:
de:94:ad:9a:7b:0a:4c:41:0f:f8:b1:47:ef:db:1b:58:0d:c3:
54:28:ec:14:2c:ec:83:dc:3c:34:33:10:bb:52:eb:dd:2e:66:
a8:c8:86:aa:a9:a1:b5:ee:8a:ab:c4:e3:e2:4a:b0:90:87:92:
0a:e1:92:38:9f:6f:dc:39:51:12:75:b7:45:06:f6:b4:43:f8:
88:1f:64:c2:cb:13:72:c7:64:75:8c:3e:73:4d:17:f4:04:6a:
d7:ae:b4:f0:5f:b7:b9:33:d6:9e:1f:5e:a7:48:a4:aa:71:f0:
82:bd:ea:ff:86:c5:e2:8c:a8:77:98:8b:10:86:59:30:bb:76:
15:38:88:fc:47:a8:d7:2d:91:eb:2d:7d:2c:78:41:e6:b6:2f:
92:4f:04:35:e7:71:b0:97:b0:65:d4:6f:29:ea:ea:a9:e3:14:
31:00:2e:1b:2c:8e:e8:33:ed:b9:30:b7:8b:81:4f:b3:68:93:
94:78:40:77
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzCbPydJ//wMM0B+xQ5KeSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMWZkMDA3ZGZmYTUwOGYzMDA2M2ZiZTRkNTNhMmIyZTFl
OGM0ZGUwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ0MDJlZmRhMGFlNWRhY2E4ODc2YWMzYmQzN2JlNmI0MTllODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU99tIdDWzAWdJXHRqOfHWsIZIER
dcnc5Fc27AlkGGLLLF0An+o5tsIL+BN/M5sB5FJUAOa7M6fTt9akbPQ4ltDqfKKg
lo6DhQx3j/X+q1LfD0VCiDbjB+xwTENcrqBYqYwoMzr3XzHIrz4TdIr5XUDaLxan
WwUWzU+qe4HY7N+rZT7p+ELqkbXNuHkbTt1XoZQepBZ3D9zB0Fd3f64KSbe16GoJ
YTrGRtRkGkidhT1Fxi5wTHSJX6h+PwNuc9J/XlxYRGKDjaKiQx9v157MktqIFTJf
NPVAFK4YLgiNUcXuyntldLbm0aMUcbe903z82K7EQ368dej3iSn7uK0pJwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN5EAu/aCuXayoh2rDvTe+a0Geh0MB8GA1UdIwQY
MBaAFNwf0Aff+lCPMAY/vk1TorLh6MTeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMt
YWU0Yzk1Yzk0MDA1LzEvM2tRQzc5b0s1ZHJLaUhhc085Tjc1clFaNkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMtYWU0Yzk1Yzk0MDA1
LzEvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALZZEAwQD
LueIAwQFVezAMBQEAgACMA4DBQAqAQHoAwUAKgEB7jANBgkqhkiG9w0BAQsFAAOC
AQEATcPEhL79oHQvg/EbXfbHr/rFC4skPzAk+RHvPATYdNsjPogctr6D4KWM9mMT
QgEalsF5bzKbk8bkwsuVEYhABiZHi0Z19uns3pStmnsKTEEP+LFH79sbWA3DVCjs
FCzsg9w8NDMQu1Lr3S5mqMiGqqmhte6Kq8Tj4kqwkIeSCuGSOJ9v3DlREnW3RQb2
tEP4iB9kwssTcsdkdYw+c00X9ARq16608F+3uTPWnh9ep0ikqnHwgr3q/4bF4oyo
d5iLEIZZMLt2FTiI/Eeo1y2R6y19LHhB5rYvkk8ENedxsJewZdRvKerqqeMUMQAu
GyyO6DPtuTC3i4FPs2iTlHhAdw==
-----END CERTIFICATE-----
Generated at Sun May 19 15:39:55 2024 by rpki-client on console-ams.rpki-client.org