Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/3PPzyeFarFTeKFEORSejlb7bjIY.roa
File: 3PPzyeFarFTeKFEORSejlb7bjIY.roa (raw, json)
Hash identifier: gfOxQ5GGtiQAgd/JvZtpsO44Uu77Sv5zEKOdC6LjhEY=
Subject key identifier: DC:F3:F3:C9:E1:5A:AC:54:DE:28:51:0E:45:27:A3:95:BE:DB:8C:86
Certificate issuer: /CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Certificate serial: 019352FD43FECF2CA2B2EC2A6BDEB966DDE8
Authority key identifier: 7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/3PPzyeFarFTeKFEORSejlb7bjIY.roa
Signing time: Fri 22 Nov 2024 08:29:09 +0000
ROA not before: Fri 22 Nov 2024 08:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 5.42.199.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
45.129.78.0/24 maxlen: 24
79.133.180.0/24 maxlen: 24
89.191.234.0/24 maxlen: 24
176.119.141.0/24 maxlen: 24
194.113.153.0/24 maxlen: 24
194.147.215.0/24 maxlen: 24
195.226.194.0/24 maxlen: 24
195.245.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:52:fd:43:fe:cf:2c:a2:b2:ec:2a:6b:de:b9:66:dd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Validity
Not Before: Nov 22 08:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcf3f3c9e15aac54de28510e4527a395bedb8c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0e:80:7d:3b:4b:ba:b6:30:1a:ef:e6:70:38:
02:24:9d:c7:e6:30:de:2c:3a:64:84:6b:14:23:2c:
ff:c9:df:bf:0d:56:61:03:0a:0e:d3:93:84:07:36:
9e:cb:ce:6e:c9:b2:fc:fd:de:f9:66:98:c2:f2:98:
9d:58:77:7e:8e:b0:ed:e5:ec:e4:e4:99:65:9d:c7:
c2:1a:70:b4:68:04:67:c5:e5:68:ab:03:98:1e:06:
e8:a3:99:2d:3e:e3:0c:52:e6:d0:da:e4:66:3f:c9:
f7:8c:9e:5e:61:39:87:25:d3:c6:ba:66:85:f9:71:
68:ca:62:85:6b:e7:c4:51:8f:3b:26:ab:a6:31:54:
46:da:d2:e3:b6:41:98:72:05:cf:68:1f:35:56:60:
51:d2:29:98:47:4d:75:69:1b:a7:96:ae:ba:3a:5e:
7f:d3:16:54:2c:9a:f6:f0:9f:b6:b8:bd:9b:9e:c8:
ba:9a:e5:35:86:51:c4:c4:79:fd:ec:75:38:58:4a:
6d:2b:9d:38:bb:78:fd:86:01:3b:b9:6b:8a:bc:c8:
21:00:e7:6a:91:54:86:96:34:d7:3f:34:7a:8b:e0:
5b:78:60:20:79:dc:d6:41:06:0a:9a:57:20:33:0f:
df:64:55:e7:5b:0e:b1:64:6e:c0:be:54:a4:b0:d3:
7a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F3:F3:C9:E1:5A:AC:54:DE:28:51:0E:45:27:A3:95:BE:DB:8C:86
X509v3 Authority Key Identifier:
keyid:7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/3PPzyeFarFTeKFEORSejlb7bjIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.199.0/24
5.253.63.0/24
45.129.78.0/24
79.133.180.0/24
89.191.234.0/24
176.119.141.0/24
194.113.153.0/24
194.147.215.0/24
195.226.194.0/24
195.245.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:bf:78:38:e4:b3:28:22:90:34:cf:8d:63:d5:7b:0a:80:84:
cc:a0:a6:e6:74:1b:5e:e9:7c:ed:f5:23:20:4f:f2:82:14:7e:
b6:22:ce:43:24:83:66:f0:60:65:ff:a7:ab:5e:b2:35:82:cd:
8f:7a:b5:38:15:b7:f5:ce:cc:06:4c:16:76:72:4a:c7:7d:05:
10:da:5d:d5:f6:e8:aa:15:0a:55:fb:20:f4:a2:74:f7:48:47:
95:89:58:8f:e8:90:a9:cd:12:31:8e:a7:f9:c5:e8:10:20:f5:
90:ca:cd:f6:d7:dd:75:81:5d:ef:e8:a3:b1:30:1e:4e:83:19:
a4:e4:1f:8b:93:fe:c9:20:0b:d7:f7:de:78:ca:eb:75:fd:e6:
0d:ba:1b:f0:23:ad:c9:65:ad:0a:92:dd:74:25:b2:26:7d:92:
4d:88:b2:f1:20:78:f3:75:ee:f1:27:11:e2:93:57:25:6c:84:
7f:a7:c2:1f:80:0d:f3:ab:fa:30:45:9c:3a:e0:e6:a5:10:fb:
4a:b0:3e:20:79:3f:c2:26:dc:c2:6a:eb:88:07:85:c3:0d:63:
98:f6:cd:a0:3f:50:16:ef:51:68:49:8d:74:ef:bd:2a:1a:e9:
d7:59:2c:45:dc:02:05:da:c0:b7:05:30:0f:9e:29:d0:2c:e0:
69:f7:b0:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNS/UP+zyyisuwqa965Zt3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmVhM2VjYWQ1YTQwMmI4ZmU1YTJhNjEzOGFmNjZhYWMy
NTdmZjkwHhcNMjQxMTIyMDgyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YzZjNjOWUxNWFhYzU0ZGUyODUxMGU0NTI3YTM5NWJlZGI4Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g6AfTtLurYwGu/mcDgCJJ3H5jDe
LDpkhGsUIyz/yd+/DVZhAwoO05OEBzaey85uybL8/d75ZpjC8pidWHd+jrDt5ezk
5JllncfCGnC0aARnxeVoqwOYHgboo5ktPuMMUubQ2uRmP8n3jJ5eYTmHJdPGumaF
+XFoymKFa+fEUY87JqumMVRG2tLjtkGYcgXPaB81VmBR0imYR011aRunlq66Ol5/
0xZULJr28J+2uL2bnsi6muU1hlHExHn97HU4WEptK504u3j9hgE7uWuKvMghAOdq
kVSGljTXPzR6i+BbeGAgedzWQQYKmlcgMw/fZFXnWw6xZG7AvlSksNN6PQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNzz88nhWqxU3ihRDkUno5W+24yGMB8GA1UdIwQY
MBaAFH0uo+ytWkArj+WiphOK9mqsJX/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgt
YjkxYjkyZDRkODAxLzEvM1BQenllRmFyRlRlS0ZFT1JTZWpsYjdiaklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgtYjkxYjkyZDRkODAx
LzEvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABSrHAwQA
Bf0/AwQALYFOAwQAT4W0AwQAWb/qAwQAsHeNAwQAwnGZAwQAwpPXAwQAw+LCAwQA
w/XvMA0GCSqGSIb3DQEBCwUAA4IBAQAvv3g45LMoIpA0z41j1XsKgITMoKbmdBte
6Xzt9SMgT/KCFH62Is5DJINm8GBl/6erXrI1gs2PerU4Fbf1zswGTBZ2ckrHfQUQ
2l3V9uiqFQpV+yD0onT3SEeViViP6JCpzRIxjqf5xegQIPWQys321911gV3v6KOx
MB5Ogxmk5B+Lk/7JIAvX9954yut1/eYNuhvwI63JZa0Kkt10JbImfZJNiLLxIHjz
de7xJxHik1clbIR/p8IfgA3zq/owRZw64OalEPtKsD4geT/CJtzCauuIB4XDDWOY
9s2gP1AW71FoSY10770qGunXWSxF3AIF2sC3BTAPninQLOBp97Bd
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:55 2024 by rpki-client on console-ams.rpki-client.org