Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/3b14DR1J9u8tpc8Fn7bytJ5P0_M.roa
File: 3b14DR1J9u8tpc8Fn7bytJ5P0_M.roa (raw, json)
Hash identifier: h5hPwqu0mfSalpodW6J/oz+2ZrLRL5DP0X5TxMWOzck=
Subject key identifier: DD:BD:78:0D:1D:49:F6:EF:2D:A5:CF:05:9F:B6:F2:B4:9E:4F:D3:F3
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 018CC4255457CE6C1240B3A68A66001AB23D
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/3b14DR1J9u8tpc8Fn7bytJ5P0_M.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60601
IP address blocks: 185.11.216.0/24 maxlen: 24
2a03:69c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:54:57:ce:6c:12:40:b3:a6:8a:66:00:1a:b2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddbd780d1d49f6ef2da5cf059fb6f2b49e4fd3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d3:1c:2b:b8:eb:19:73:42:a0:07:5a:5d:d4:
c8:07:a1:8d:39:59:8a:cf:35:b8:a1:02:d2:6c:1f:
41:24:c1:ee:75:a8:73:ba:43:ff:51:31:86:38:5c:
63:19:f8:fb:03:a1:45:d2:db:bb:05:41:41:0b:a4:
40:3a:44:92:39:80:bf:56:07:cc:03:87:cd:d0:41:
22:83:f1:7d:d3:17:5b:84:47:50:21:8a:2d:34:f1:
e5:57:29:b2:32:15:b7:75:75:f5:28:f6:94:ec:00:
78:ed:90:3b:91:f0:fe:b8:0c:70:99:2b:9c:99:78:
5f:ef:86:f8:2f:e5:4e:f8:57:f9:1b:45:64:54:7c:
2d:7c:82:45:cf:8c:96:72:cb:9f:9e:ae:fa:25:aa:
8f:09:73:0f:7b:98:ad:5c:2e:e9:4d:90:62:08:97:
f7:0e:65:ad:96:a4:c8:46:49:de:fc:6c:8c:cd:7b:
0f:eb:75:5f:c2:0c:03:86:3f:6f:0a:71:c0:90:e2:
19:d3:df:57:e0:4f:a3:07:55:f0:fa:f5:f6:73:d7:
16:41:54:e2:09:02:51:ff:1e:51:6b:cf:df:d1:3c:
cd:e8:6d:79:d9:e8:ef:26:a4:1a:67:04:14:69:10:
78:46:56:03:05:9d:88:9c:77:e8:7a:ba:dc:19:79:
d0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BD:78:0D:1D:49:F6:EF:2D:A5:CF:05:9F:B6:F2:B4:9E:4F:D3:F3
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/3b14DR1J9u8tpc8Fn7bytJ5P0_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.216.0/24
IPv6:
2a03:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
07:eb:7d:12:89:45:f5:86:50:51:2a:62:9d:5a:21:ff:25:d3:
ff:d0:71:2e:dc:56:95:3f:5b:e0:90:1f:34:95:ca:63:cf:67:
f8:bc:7e:4f:39:86:b4:0e:1f:72:bf:44:60:4d:af:8d:3f:3e:
02:23:ea:04:f2:55:9e:43:4c:46:a3:66:02:c9:31:c6:e0:c9:
df:dc:a4:da:5b:e8:98:89:89:40:80:95:59:87:ff:93:74:a4:
56:97:f1:b2:bf:d5:90:48:51:b2:45:2e:b0:a4:94:c5:d0:95:
22:4d:2d:4a:36:ae:74:5d:2c:b3:e8:3d:ad:12:7c:d3:38:b5:
5c:11:20:04:ba:ed:15:2f:28:66:31:b2:5d:74:05:57:ae:01:
3d:27:e5:b3:2b:f1:49:02:01:f5:4e:23:89:21:e3:40:42:8e:
96:cc:b2:78:16:6e:75:6e:47:9a:8a:b6:6c:70:95:7e:ca:59:
46:0d:8b:d3:52:d7:2f:ac:95:1b:6b:73:ca:43:4e:1b:ef:0b:
71:45:ba:d2:bb:ab:0d:9f:2b:ca:a2:11:0f:a1:5d:d3:11:3d:
91:64:c9:85:81:29:37:e3:c7:bf:9d:e6:34:c5:23:db:85:3e:
d1:1e:69:dd:3d:87:7c:68:b0:c2:1a:74:95:4e:e6:60:bf:d1:
bb:5a:4b:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVRXzmwSQLOmimYAGrI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJkNzgwZDFkNDlmNmVmMmRhNWNmMDU5ZmI2ZjJiNDllNGZkM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NMcK7jrGXNCoAdaXdTIB6GNOVmK
zzW4oQLSbB9BJMHudahzukP/UTGGOFxjGfj7A6FF0tu7BUFBC6RAOkSSOYC/VgfM
A4fN0EEig/F90xdbhEdQIYotNPHlVymyMhW3dXX1KPaU7AB47ZA7kfD+uAxwmSuc
mXhf74b4L+VO+Ff5G0VkVHwtfIJFz4yWcsufnq76JaqPCXMPe5itXC7pTZBiCJf3
DmWtlqTIRkne/GyMzXsP63VfwgwDhj9vCnHAkOIZ099X4E+jB1Xw+vX2c9cWQVTi
CQJR/x5Ra8/f0TzN6G152ejvJqQaZwQUaRB4RlYDBZ2InHfoerrcGXnQXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN29eA0dSfbvLaXPBZ+28rSeT9PzMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvM2IxNERSMUo5dTh0cGM4Rm43Ynl0SjVQMF9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQvYMA8E
AgACMAkDBwAqA2nAAAAwDQYJKoZIhvcNAQELBQADggEBAAfrfRKJRfWGUFEqYp1a
If8l0//QcS7cVpU/W+CQHzSVymPPZ/i8fk85hrQOH3K/RGBNr40/PgIj6gTyVZ5D
TEajZgLJMcbgyd/cpNpb6JiJiUCAlVmH/5N0pFaX8bK/1ZBIUbJFLrCklMXQlSJN
LUo2rnRdLLPoPa0SfNM4tVwRIAS67RUvKGYxsl10BVeuAT0n5bMr8UkCAfVOI4kh
40BCjpbMsngWbnVuR5qKtmxwlX7KWUYNi9NS1y+slRtrc8pDThvvC3FFutK7qw2f
K8qiEQ+hXdMRPZFkyYWBKTfjx7+d5jTFI9uFPtEead09h3xosMIadJVO5mC/0bta
Swc=
-----END CERTIFICATE-----
Generated at Thu May 16 23:11:17 2024 by rpki-client on console-fra.rpki-client.org