Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/3JC0xZ-fAQOfkX7mUoi28iywB94.roa
File: 3JC0xZ-fAQOfkX7mUoi28iywB94.roa (raw, json)
Hash identifier: 2xeuuF88YyVA3XVkcalehOJuZ8U2CKb9lhzb0nlSTis=
Subject key identifier: DC:90:B4:C5:9F:9F:01:03:9F:91:7E:E6:52:88:B6:F2:2C:B0:07:DE
Certificate issuer: /CN=cc642b1f5dd73af7d3ad05487e086001dff9b2e7
Certificate serial: 0191037462AE9CB5E08430C40D82D3850A7B
Authority key identifier: CC:64:2B:1F:5D:D7:3A:F7:D3:AD:05:48:7E:08:60:01:DF:F9:B2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGQrH13XOvfTrQVIfghgAd_5suc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/3JC0xZ-fAQOfkX7mUoi28iywB94.roa
Signing time: Tue 30 Jul 2024 11:44:04 +0000
ROA not before: Tue 30 Jul 2024 11:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44557
IP address blocks: 91.214.148.0/24 maxlen: 24
91.214.149.0/24 maxlen: 24
91.214.150.0/24 maxlen: 24
91.214.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/zGQrH13XOvfTrQVIfghgAd_5suc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/zGQrH13XOvfTrQVIfghgAd_5suc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zGQrH13XOvfTrQVIfghgAd_5suc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:74:62:ae:9c:b5:e0:84:30:c4:0d:82:d3:85:0a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc642b1f5dd73af7d3ad05487e086001dff9b2e7
Validity
Not Before: Jul 30 11:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc90b4c59f9f01039f917ee65288b6f22cb007de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:dd:74:81:37:05:d6:ed:4d:41:c4:75:82:d2:
f4:71:cf:f3:5d:90:ad:f1:7a:d9:7e:82:ac:7e:f7:
04:22:d8:7e:40:66:bd:9e:91:01:de:6d:b3:5f:2d:
2b:19:fa:2c:2c:b9:dc:d4:02:6d:f5:46:1f:74:85:
8a:53:19:2f:74:e6:b0:1b:4f:4a:db:b0:c8:3a:96:
6f:40:57:a9:df:61:ed:26:07:74:3a:2f:a5:91:51:
01:f5:67:57:26:cf:4e:ad:b3:2b:d5:fb:74:b7:34:
3c:6b:9e:6f:a6:c2:a8:c7:9a:ca:5e:0b:f0:fe:ce:
93:f4:b9:87:54:50:3e:77:05:5b:ba:53:37:62:ed:
97:b0:a2:6e:4e:93:5d:1c:63:1f:df:e8:b3:36:cb:
8e:25:23:a3:80:31:eb:d6:3b:b8:89:68:34:37:ae:
90:11:0a:8d:81:26:4e:1f:45:6b:7f:53:db:29:6a:
7e:35:7f:5f:84:9b:19:1f:14:0f:7e:55:9a:b3:05:
16:da:a8:18:19:24:f4:a5:72:77:47:69:ef:65:dc:
8c:d8:5c:fb:0a:03:15:e6:6b:5d:76:b5:d4:7c:c3:
c0:22:07:df:92:ca:ad:b7:85:2b:87:48:ba:5a:2c:
09:e0:df:6a:cb:db:75:59:0c:28:03:01:d7:b7:0a:
7e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:90:B4:C5:9F:9F:01:03:9F:91:7E:E6:52:88:B6:F2:2C:B0:07:DE
X509v3 Authority Key Identifier:
keyid:CC:64:2B:1F:5D:D7:3A:F7:D3:AD:05:48:7E:08:60:01:DF:F9:B2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGQrH13XOvfTrQVIfghgAd_5suc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/3JC0xZ-fAQOfkX7mUoi28iywB94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/1e4a1c-b14c-46b5-87cc-5d14a0ff6dee/1/zGQrH13XOvfTrQVIfghgAd_5suc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.148.0/22
Signature Algorithm: sha256WithRSAEncryption
16:7d:92:84:40:f4:11:fb:e3:db:30:2c:aa:a9:f9:a5:da:52:
a6:05:28:51:5a:cb:db:08:ea:3b:b7:94:84:c2:4f:ba:df:d1:
2c:b6:f8:e4:72:46:1b:a8:10:b4:bd:cd:3f:f6:b5:fb:5d:47:
c8:12:22:57:6c:b9:30:52:8d:a2:dd:30:f3:c1:ff:b8:14:6a:
52:b5:47:d9:b9:03:61:ba:1e:3c:f3:78:4f:4f:38:e0:e5:34:
7a:04:79:2f:e4:dc:50:1f:16:27:8a:a6:18:a9:eb:2b:8e:a3:
7a:4c:bc:c9:3b:92:48:bc:d6:a5:df:25:dd:40:55:32:f4:b9:
96:59:14:29:fc:ca:c1:e2:6c:7d:80:c9:ef:e7:c0:ac:34:78:
dc:d3:e0:30:5b:b7:cb:9b:34:61:e0:e4:f1:d6:94:f4:c6:06:
66:28:a3:dc:3f:d1:cf:a2:b9:de:af:d5:30:ae:c6:97:03:98:
39:55:fd:db:c1:9e:ea:44:1f:2a:ac:f4:0e:f0:97:74:10:65:
52:d0:6d:f6:60:2c:91:f6:34:07:82:99:1f:51:f4:d9:2c:f3:
aa:52:22:30:e7:4e:58:fb:40:03:8d:db:d5:ce:57:bb:95:4d:
51:b6:54:fc:07:5c:fb:b4:b5:b0:5d:6a:6d:ca:09:f1:5b:27:
69:cb:34:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEDdGKunLXghDDEDYLThQp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjQyYjFmNWRkNzNhZjdkM2FkMDU0ODdlMDg2MDAxZGZm
OWIyZTcwHhcNMjQwNzMwMTE0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzkwYjRjNTlmOWYwMTAzOWY5MTdlZTY1Mjg4YjZmMjJjYjAwN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2N10gTcF1u1NQcR1gtL0cc/zXZCt
8XrZfoKsfvcEIth+QGa9npEB3m2zXy0rGfosLLnc1AJt9UYfdIWKUxkvdOawG09K
27DIOpZvQFep32HtJgd0Oi+lkVEB9WdXJs9OrbMr1ft0tzQ8a55vpsKox5rKXgvw
/s6T9LmHVFA+dwVbulM3Yu2XsKJuTpNdHGMf3+izNsuOJSOjgDHr1ju4iWg0N66Q
EQqNgSZOH0Vrf1PbKWp+NX9fhJsZHxQPflWaswUW2qgYGST0pXJ3R2nvZdyM2Fz7
CgMV5mtddrXUfMPAIgffksqtt4Urh0i6WiwJ4N9qy9t1WQwoAwHXtwp+FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyQtMWfnwEDn5F+5lKItvIssAfeMB8GA1UdIwQY
MBaAFMxkKx9d1zr3060FSH4IYAHf+bLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdRckgxM1hPdmZUclFWSWZnaGdBZF81c3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8xZTRhMWMtYjE0Yy00NmI1LTg3Y2Mt
NWQxNGEwZmY2ZGVlLzEvM0pDMHhaLWZBUU9ma1g3bVVvaTI4aXl3Qjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8xZTRhMWMtYjE0Yy00NmI1LTg3Y2MtNWQxNGEwZmY2ZGVl
LzEvekdRckgxM1hPdmZUclFWSWZnaGdBZF81c3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9aUMA0G
CSqGSIb3DQEBCwUAA4IBAQAWfZKEQPQR++PbMCyqqfml2lKmBShRWsvbCOo7t5SE
wk+639EstvjkckYbqBC0vc0/9rX7XUfIEiJXbLkwUo2i3TDzwf+4FGpStUfZuQNh
uh4883hPTzjg5TR6BHkv5NxQHxYniqYYqesrjqN6TLzJO5JIvNal3yXdQFUy9LmW
WRQp/MrB4mx9gMnv58CsNHjc0+AwW7fLmzRh4OTx1pT0xgZmKKPcP9HPorner9Uw
rsaXA5g5Vf3bwZ7qRB8qrPQO8Jd0EGVS0G32YCyR9jQHgpkfUfTZLPOqUiIw505Y
+0ADjdvVzle7lU1RtlT8B1z7tLWwXWptygnxWydpyzRF
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:51:20 2024 by rpki-client on console-fra.rpki-client.org