Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/m3TvjxhVULZpmavynC5ed363EtY.roa
File: m3TvjxhVULZpmavynC5ed363EtY.roa (raw, json)
Hash identifier: GnfsovfRU4TAVJHPiGIi/sbyloOaax+ShuhbLGiAPJQ=
Subject key identifier: 9B:74:EF:8F:18:55:50:B6:69:99:AB:F2:9C:2E:5E:77:7E:B7:12:D6
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 018CC9BCBC5FEDCA80834E5BA1E0AB1EF574
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/m3TvjxhVULZpmavynC5ed363EtY.roa
Signing time: Tue 02 Jan 2024 10:33:58 +0000
ROA not before: Tue 02 Jan 2024 10:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 79.141.174.0/23 maxlen: 23
185.174.133.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
193.42.39.0/24 maxlen: 24
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:bc:5f:ed:ca:80:83:4e:5b:a1:e0:ab:1e:f5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Jan 2 10:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b74ef8f185550b66999abf29c2e5e777eb712d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:4f:23:39:2c:9a:59:e2:b5:25:3b:cc:63:
5b:bd:7e:b4:e8:37:ca:68:da:f2:ef:87:59:ae:0e:
8b:3d:b2:ca:bd:f9:95:51:26:bb:53:28:5e:fc:22:
d3:f1:5f:f9:e7:b7:65:56:a5:75:55:28:8e:17:74:
28:ed:f4:00:bc:58:34:86:e2:9a:68:73:a6:f9:7d:
1b:47:34:7b:fc:9a:8e:7c:1a:67:0a:ea:ab:ed:ac:
7a:26:77:00:60:3d:f3:99:0c:80:4d:62:7f:6e:c1:
a1:56:c2:b1:bf:c6:0e:06:47:c4:11:94:7a:33:41:
57:07:96:f3:f4:8e:03:9f:39:56:f4:a9:8e:17:9d:
04:a9:c9:88:e1:ee:61:87:7e:94:7b:14:dd:ba:34:
16:5e:9a:c0:b2:1b:51:b7:05:5e:3e:4a:2c:9e:0b:
f1:37:a4:8b:f3:d8:35:10:9b:02:00:06:e9:c1:9b:
8b:ac:3b:54:13:ec:98:78:df:15:2b:f0:2f:ec:b8:
c6:b9:88:bd:b2:9e:9a:9c:17:85:9a:60:76:8b:eb:
e8:ce:3f:9a:6a:dd:c6:16:92:9c:1e:cd:c8:f3:eb:
5c:92:97:1d:f7:35:69:f1:30:f4:38:1c:3f:b2:5d:
fe:9b:d6:9c:66:be:af:bd:d1:31:83:f1:8f:a6:41:
4b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:74:EF:8F:18:55:50:B6:69:99:AB:F2:9C:2E:5E:77:7E:B7:12:D6
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/m3TvjxhVULZpmavynC5ed363EtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.174.0/23
185.117.88.0/23
185.174.133.0/24
193.42.39.0/24
IPv6:
2a01:8640:6::/48
2a01:8640:9::/48
Signature Algorithm: sha256WithRSAEncryption
84:bc:a1:dc:14:ba:23:f0:04:3c:c4:f8:21:6d:ea:ab:17:b7:
24:ab:31:bf:6d:53:c5:2d:9e:98:c2:06:90:7a:23:41:3d:b5:
15:de:b8:7c:12:5b:15:12:2b:c3:61:3c:21:55:d6:5e:52:0b:
a4:fa:09:cc:5e:8a:7f:57:33:09:7b:fb:30:e1:cd:fd:b8:35:
1f:3e:4d:2f:36:66:90:bb:27:cd:d8:4e:9b:d5:8d:1f:7c:a7:
2e:40:fb:56:e7:bf:b4:16:a9:36:a0:b2:ea:88:d5:f8:71:c7:
33:a9:2e:2c:3e:6a:e6:41:ee:46:e9:d8:42:7b:d5:ff:c6:b4:
89:b9:12:1b:c2:97:55:62:0d:ce:4b:23:e8:34:fb:29:a3:63:
18:34:83:5e:6f:a9:f1:38:03:2f:7e:bf:ce:76:7a:61:2b:36:
23:c7:42:a6:b2:8b:ac:42:d1:50:5e:74:f6:c5:da:ea:ef:a7:
6c:16:3d:a1:66:c6:52:86:a1:55:9b:3e:74:90:c5:89:6a:b0:
55:f4:28:5e:b5:8f:dd:38:3d:ae:f3:10:d2:a4:de:65:eb:a0:
fd:1c:53:cc:c5:6d:18:fd:4a:cf:7f:03:66:c1:10:bf:00:21:
52:21:77:da:52:de:31:f5:d9:7e:cc:45:10:0a:01:7d:95:ae:
76:16:67:b5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJvLxf7cqAg05boeCrHvV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjQwMTAyMTAzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc0ZWY4ZjE4NTU1MGI2Njk5OWFiZjI5YzJlNWU3NzdlYjcxMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvElPIzksmlnitSU7zGNbvX606DfK
aNry74dZrg6LPbLKvfmVUSa7Uyhe/CLT8V/557dlVqV1VSiOF3Qo7fQAvFg0huKa
aHOm+X0bRzR7/JqOfBpnCuqr7ax6JncAYD3zmQyATWJ/bsGhVsKxv8YOBkfEEZR6
M0FXB5bz9I4DnzlW9KmOF50EqcmI4e5hh36UexTdujQWXprAshtRtwVePkosngvx
N6SL89g1EJsCAAbpwZuLrDtUE+yYeN8VK/Av7LjGuYi9sp6anBeFmmB2i+vozj+a
at3GFpKcHs3I8+tckpcd9zVp8TD0OBw/sl3+m9acZr6vvdExg/GPpkFLYQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJt0748YVVC2aZmr8pwuXnd+txLWMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvbTNUdmp4aFZVTFpwbWF2eW5DNWVkMzYzRXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQBT42uAwQB
uXVYAwQAua6FAwQAwSonMBgEAgACMBIDBwAqAYZAAAYDBwAqAYZAAAkwDQYJKoZI
hvcNAQELBQADggEBAIS8odwUuiPwBDzE+CFt6qsXtySrMb9tU8UtnpjCBpB6I0E9
tRXeuHwSWxUSK8NhPCFV1l5SC6T6Ccxein9XMwl7+zDhzf24NR8+TS82ZpC7J83Y
TpvVjR98py5A+1bnv7QWqTagsuqI1fhxxzOpLiw+auZB7kbp2EJ71f/GtIm5EhvC
l1ViDc5LI+g0+ymjYxg0g15vqfE4Ay9+v852emErNiPHQqayi6xC0VBedPbF2urv
p2wWPaFmxlKGoVWbPnSQxYlqsFX0KF61j904Pa7zENKk3mXroP0cU8zFbRj9Ss9/
A2bBEL8AIVIhd9pS3jH12X7MRRAKAX2VrnYWZ7U=
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:59:24 2024 by rpki-client on console-ams.rpki-client.org