Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/s3M_RuqpyBixiyG244Q87OqgxlE.roa
File: s3M_RuqpyBixiyG244Q87OqgxlE.roa (raw, json)
Hash identifier: NLehC2iwIsgbXq7aavGCMayjnTL0aHUHp0Hcs7+TYZA=
Subject key identifier: B3:73:3F:46:EA:A9:C8:18:B1:8B:21:B6:E3:84:3C:EC:EA:A0:C6:51
Certificate issuer: /CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Certificate serial: 018CC8DE64C0CA897F454EF879DCF20C3438
Authority key identifier: BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/s3M_RuqpyBixiyG244Q87OqgxlE.roa
Signing time: Tue 02 Jan 2024 06:31:07 +0000
ROA not before: Tue 02 Jan 2024 06:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56472
IP address blocks: 185.22.36.0/22 maxlen: 24
80.86.48.0/20 maxlen: 24
2a02:29a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:64:c0:ca:89:7f:45:4e:f8:79:dc:f2:0c:34:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9efca86dea70d3ee90181678c8eb30e6916d1d
Validity
Not Before: Jan 2 06:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3733f46eaa9c818b18b21b6e3843ceceaa0c651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bf:13:bd:47:5c:a2:76:2a:ad:fb:77:44:2b:
13:ef:77:df:7a:26:08:28:b6:ab:e2:c6:23:a4:58:
07:df:66:62:c2:3c:a0:d9:a9:69:e7:38:58:9c:62:
49:0c:88:af:c5:0f:a9:af:55:7f:e7:9c:de:c8:8e:
d3:e1:f2:7f:8a:87:00:0e:63:dd:78:8e:46:aa:67:
da:aa:8b:24:14:7f:30:4b:56:6e:5f:ba:9f:6d:e1:
ef:5d:65:2a:33:1b:00:0c:52:99:21:30:75:d4:1a:
ff:cb:7e:18:1a:43:5b:d1:10:0e:9b:b5:02:40:5b:
f5:b3:a5:65:f4:7f:56:dc:51:2e:18:e2:dd:3a:de:
82:ef:c1:40:3c:54:95:09:f8:60:93:5d:ee:c3:62:
16:bb:2f:e5:af:9c:3b:cb:d7:29:bb:ed:6f:a4:96:
2b:88:2f:bb:0e:36:9a:8d:c6:44:30:60:d2:fb:0f:
25:db:c0:a8:e1:06:23:00:44:3c:d7:9a:6f:bf:51:
52:4b:63:48:ba:21:1e:7c:c3:25:1b:10:82:33:9d:
73:ec:eb:45:dd:d3:89:07:74:76:a5:10:08:66:c0:
8d:03:89:79:b9:63:84:fe:88:93:df:83:7e:5f:d2:
14:2f:6f:0e:08:8f:c0:6b:96:07:d5:c3:e4:51:76:
d8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:73:3F:46:EA:A9:C8:18:B1:8B:21:B6:E3:84:3C:EC:EA:A0:C6:51
X509v3 Authority Key Identifier:
keyid:BA:9E:FC:A8:6D:EA:70:D3:EE:90:18:16:78:C8:EB:30:E6:91:6D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up78qG3qcNPukBgWeMjrMOaRbR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/s3M_RuqpyBixiyG244Q87OqgxlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/75b838-4ece-4998-8ad8-17d31dee8e12/1/up78qG3qcNPukBgWeMjrMOaRbR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.48.0/20
185.22.36.0/22
IPv6:
2a02:29a0::/32
Signature Algorithm: sha256WithRSAEncryption
54:f3:d1:3f:75:88:f5:57:47:6c:3d:6a:5f:68:48:d9:3a:fa:
88:5c:f6:57:a1:5f:c1:bb:ee:4c:90:9c:47:9f:29:e1:18:1f:
63:47:87:4f:1e:3b:5f:7a:10:1c:38:71:eb:98:7f:fe:af:14:
17:08:fd:97:ff:92:10:b5:f1:55:90:98:3a:1a:68:58:62:c6:
df:00:35:dc:1f:79:90:07:ed:c7:5d:5b:15:f2:9c:76:41:22:
c8:ab:70:69:df:a9:3d:d8:25:09:3e:15:9d:cd:39:db:65:59:
0c:24:e4:b9:05:ed:49:0a:6c:fa:0b:62:9c:ab:e6:f3:4f:e6:
97:fa:3b:18:06:82:92:53:7b:ee:2f:4e:1d:02:76:f2:4d:9b:
12:e6:52:70:a7:7c:2b:ce:25:ae:5c:78:bf:c8:15:b4:01:f1:
8e:4a:46:85:41:3a:11:41:68:62:57:9c:62:93:5f:ef:3f:54:
57:4a:0b:72:87:db:a5:e2:bc:fc:1e:83:63:9c:b0:31:c5:ac:
79:99:39:20:1f:bc:34:ab:e2:36:28:92:7a:ad:87:d6:3e:a0:
b2:8b:f5:ec:e9:be:70:bb:cb:0d:4d:21:fd:35:cb:2b:b3:5f:
27:12:63:85:43:a2:fa:54:23:90:a0:e0:a3:fa:33:e7:98:a2:
9a:f2:14:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3mTAyol/RU74edzyDDQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWVmY2E4NmRlYTcwZDNlZTkwMTgxNjc4YzhlYjMwZTY5
MTZkMWQwHhcNMjQwMTAyMDYzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzczM2Y0NmVhYTljODE4YjE4YjIxYjZlMzg0M2NlY2VhYTBjNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr8TvUdconYqrft3RCsT73ffeiYI
KLar4sYjpFgH32Ziwjyg2alp5zhYnGJJDIivxQ+pr1V/55zeyI7T4fJ/iocADmPd
eI5GqmfaqoskFH8wS1ZuX7qfbeHvXWUqMxsADFKZITB11Br/y34YGkNb0RAOm7UC
QFv1s6Vl9H9W3FEuGOLdOt6C78FAPFSVCfhgk13uw2IWuy/lr5w7y9cpu+1vpJYr
iC+7DjaajcZEMGDS+w8l28Co4QYjAEQ815pvv1FSS2NIuiEefMMlGxCCM51z7OtF
3dOJB3R2pRAIZsCNA4l5uWOE/oiT34N+X9IUL28OCI/Aa5YH1cPkUXbYewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLNzP0bqqcgYsYshtuOEPOzqoMZRMB8GA1UdIwQY
MBaAFLqe/Kht6nDT7pAYFnjI6zDmkW0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgt
MTdkMzFkZWU4ZTEyLzEvczNNX1J1cXB5Qml4aXlHMjQ0UTg3T3FneGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83NWI4MzgtNGVjZS00OTk4LThhZDgtMTdkMzFkZWU4ZTEy
LzEvdXA3OHFHM3FjTlB1a0JnV2VNanJNT2FSYlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFYwAwQC
uRYkMA0EAgACMAcDBQAqAimgMA0GCSqGSIb3DQEBCwUAA4IBAQBU89E/dYj1V0ds
PWpfaEjZOvqIXPZXoV/Bu+5MkJxHnynhGB9jR4dPHjtfehAcOHHrmH/+rxQXCP2X
/5IQtfFVkJg6GmhYYsbfADXcH3mQB+3HXVsV8px2QSLIq3Bp36k92CUJPhWdzTnb
ZVkMJOS5Be1JCmz6C2Kcq+bzT+aX+jsYBoKSU3vuL04dAnbyTZsS5lJwp3wrziWu
XHi/yBW0AfGOSkaFQToRQWhiV5xik1/vP1RXSgtyh9ul4rz8HoNjnLAxxax5mTkg
H7w0q+I2KJJ6rYfWPqCyi/Xs6b5wu8sNTSH9Ncsrs18nEmOFQ6L6VCOQoOCj+jPn
mKKa8hTp
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:43:23 2024 by rpki-client on console-fra.rpki-client.org