Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/3_SyjZHEl3kbZWf4KDfpZSo09kM.roa
File: 3_SyjZHEl3kbZWf4KDfpZSo09kM.roa (raw, json)
Hash identifier: fht1mJP8BTj2fUAN+CRbv3RsbYtdjk/hgC3Rs/x0pPE=
Subject key identifier: DF:F4:B2:8D:91:C4:97:79:1B:65:67:F8:28:37:E9:65:2A:34:F6:43
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 018CC9BCC0C0AC413B7C7CACD105BA55FD87
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/3_SyjZHEl3kbZWf4KDfpZSo09kM.roa
Signing time: Tue 02 Jan 2024 10:33:59 +0000
ROA not before: Tue 02 Jan 2024 10:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202015
IP address blocks: 79.141.173.0/24 maxlen: 24
91.193.19.0/24 maxlen: 24
194.124.229.0/24 maxlen: 24
77.83.199.0/24 maxlen: 24
193.42.38.0/24 maxlen: 24
79.141.162.0/23 maxlen: 23
79.141.160.0/23 maxlen: 23
79.141.172.0/24 maxlen: 24
185.33.84.0/23 maxlen: 23
185.33.86.0/23 maxlen: 23
2a01:8640:b::/48 maxlen: 48
2a01:8640:5::/48 maxlen: 48
2a01:8640:e::/48 maxlen: 48
2a01:8640:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c0:c0:ac:41:3b:7c:7c:ac:d1:05:ba:55:fd:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Jan 2 10:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dff4b28d91c497791b6567f82837e9652a34f643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ce:66:5c:2e:78:61:7f:27:a9:96:b9:df:e1:
cf:b5:84:ce:59:97:44:88:26:f8:65:00:26:99:95:
41:de:fb:78:df:f1:c0:db:a6:73:af:08:84:27:cf:
a4:66:cc:98:8b:13:c5:b4:2a:ff:41:8a:a0:5d:08:
d9:82:b6:40:52:71:29:57:d4:ca:ba:de:16:5b:06:
70:bd:74:0a:b6:c0:27:39:82:56:91:50:40:0b:2e:
23:44:c7:32:19:9d:77:02:d8:b4:2b:c5:b7:19:69:
5a:5a:fa:ad:df:c3:7e:c4:f1:f1:61:bc:32:61:a4:
52:56:db:72:25:7d:10:e6:af:1d:99:1c:d4:cc:60:
23:67:22:11:bb:70:40:ba:d3:42:b2:a4:57:98:5c:
be:19:1a:89:2a:05:03:2b:5a:c2:57:cf:d3:97:ee:
6c:89:f0:38:67:dd:46:6c:ce:9f:5b:f5:ae:99:bf:
64:1d:45:8c:2b:c8:45:4d:da:a4:ef:61:08:82:bd:
c4:a2:7c:32:e1:1d:b2:43:c7:20:09:05:03:a0:46:
d2:a5:f6:74:41:48:13:2b:97:3e:e7:4d:4d:ad:08:
21:4d:d0:f4:7c:cf:2e:2b:16:0d:c0:90:e4:99:53:
2c:c0:cd:2d:b3:1d:f9:16:20:9c:da:5e:85:dd:fd:
26:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F4:B2:8D:91:C4:97:79:1B:65:67:F8:28:37:E9:65:2A:34:F6:43
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/3_SyjZHEl3kbZWf4KDfpZSo09kM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.199.0/24
79.141.160.0/22
79.141.172.0/23
91.193.19.0/24
185.33.84.0/22
193.42.38.0/24
194.124.229.0/24
IPv6:
2a01:8640:4::/47
2a01:8640:b::/48
2a01:8640:e::/48
Signature Algorithm: sha256WithRSAEncryption
7b:84:33:0d:37:57:e6:c9:7a:b9:b9:93:4c:8d:ba:b4:e4:f5:
db:95:d2:04:39:c9:90:c1:25:5f:0b:43:2f:da:d8:db:40:bd:
68:cc:43:9f:29:a1:8f:7f:b3:59:14:8b:81:b1:94:3e:37:6b:
bb:23:78:70:d1:81:ec:9a:38:a3:15:f4:6f:ea:ca:1b:c7:f3:
4d:7d:bc:4d:d3:55:1a:1d:65:a0:85:eb:fc:21:c4:6d:d5:b4:
50:48:ce:57:21:78:7b:9b:0a:05:34:c9:5b:19:61:39:7c:44:
08:5a:42:1a:52:29:28:af:fe:01:6c:51:fb:77:19:8a:bd:3b:
a4:42:bf:2a:9e:21:49:2f:38:34:f5:5e:51:c5:57:93:9f:59:
dd:53:5d:ad:1d:2d:7a:a3:c7:f8:9d:33:d2:e9:41:2c:5a:5d:
25:b8:e7:70:d2:84:53:1d:90:31:92:a2:68:1f:dd:c3:41:8e:
1b:22:98:3f:21:c8:6b:57:66:3e:4f:3a:39:9b:88:f5:96:fd:
09:a3:95:31:4a:c4:f6:a4:68:24:25:46:f5:fc:84:c4:00:9c:
f3:98:16:b5:88:76:10:c4:08:d2:fa:1b:54:65:95:3d:a4:4a:
a1:7b:62:94:82:32:40:ba:ff:0d:5b:48:9a:98:b5:fd:53:73:
ca:0d:7b:61
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzJvMDArEE7fHys0QW6Vf2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwMTAyMTAzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY0YjI4ZDkxYzQ5Nzc5MWI2NTY3ZjgyODM3ZTk2NTJhMzRmNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos5mXC54YX8nqZa53+HPtYTOWZdE
iCb4ZQAmmZVB3vt43/HA26ZzrwiEJ8+kZsyYixPFtCr/QYqgXQjZgrZAUnEpV9TK
ut4WWwZwvXQKtsAnOYJWkVBACy4jRMcyGZ13Ati0K8W3GWlaWvqt38N+xPHxYbwy
YaRSVttyJX0Q5q8dmRzUzGAjZyIRu3BAutNCsqRXmFy+GRqJKgUDK1rCV8/Tl+5s
ifA4Z91GbM6fW/Wumb9kHUWMK8hFTdqk72EIgr3Eonwy4R2yQ8cgCQUDoEbSpfZ0
QUgTK5c+501NrQghTdD0fM8uKxYNwJDkmVMswM0tsx35FiCc2l6F3f0mhwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFN/0so2RxJd5G2Vn+Cg36WUqNPZDMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvM19TeWpaSEVsM2tiWldmNEtEZnBaU28wOWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQATVPHAwQC
T42gAwQBT42sAwQAW8ETAwQCuSFUAwQAwSomAwQAwnzlMCEEAgACMBsDBwEqAYZA
AAQDBwAqAYZAAAsDBwAqAYZAAA4wDQYJKoZIhvcNAQELBQADggEBAHuEMw03V+bJ
erm5k0yNurTk9duV0gQ5yZDBJV8LQy/a2NtAvWjMQ58poY9/s1kUi4GxlD43a7sj
eHDRgeyaOKMV9G/qyhvH8019vE3TVRodZaCF6/whxG3VtFBIzlcheHubCgU0yVsZ
YTl8RAhaQhpSKSiv/gFsUft3GYq9O6RCvyqeIUkvODT1XlHFV5OfWd1TXa0dLXqj
x/idM9LpQSxaXSW453DShFMdkDGSomgf3cNBjhsimD8hyGtXZj5POjmbiPWW/Qmj
lTFKxPakaCQlRvX8hMQAnPOYFrWIdhDECNL6G1RllT2kSqF7YpSCMkC6/w1bSJqY
tf1Tc8oNe2E=
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:09:48 2024 by rpki-client on console-fra.rpki-client.org