Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/3aZLc6I7mL_Pu8afIqGqcNSJGFw.roa
File: 3aZLc6I7mL_Pu8afIqGqcNSJGFw.roa (raw, json)
Hash identifier: 75Q8JXI7HpXsDaPzZbTIsHJyD/86M2c3B+TajOONOus=
Subject key identifier: DD:A6:4B:73:A2:3B:98:BF:CF:BB:C6:9F:22:A1:AA:70:D4:89:18:5C
Certificate issuer: /CN=93515f25986e4b572a78b109d995c9ddf5da1266
Certificate serial: 018CC7275BCCE75E9B5293A621C8D2ECCC2B
Authority key identifier: 93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/3aZLc6I7mL_Pu8afIqGqcNSJGFw.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60855
IP address blocks: 143.126.251.0/24 maxlen: 24
143.126.250.0/24 maxlen: 24
143.126.250.0/23 maxlen: 23
143.126.249.0/24 maxlen: 24
143.126.248.0/23 maxlen: 23
143.126.248.0/24 maxlen: 24
143.126.255.0/24 maxlen: 24
143.126.203.0/24 maxlen: 24
143.126.100.0/24 maxlen: 24
143.126.211.0/24 maxlen: 24
143.126.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5b:cc:e7:5e:9b:52:93:a6:21:c8:d2:ec:cc:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93515f25986e4b572a78b109d995c9ddf5da1266
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dda64b73a23b98bfcfbbc69f22a1aa70d489185c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:61:11:07:f6:b9:d3:d8:dc:a3:9d:bc:93:d7:
75:21:cd:99:ac:4a:dd:56:88:e3:87:9c:76:f5:8c:
b9:4c:20:ad:8a:12:78:1f:c2:d4:1b:83:38:6f:90:
ab:7a:9f:92:00:89:a1:fe:b9:57:ec:2d:43:2b:f1:
7a:4b:14:c1:13:e3:a8:ca:46:0b:92:63:f4:7c:69:
b3:17:f6:5c:b6:23:b7:8d:24:40:a9:3e:dc:6c:2a:
84:14:d9:e1:bc:89:d4:37:fc:c3:e8:91:03:e5:75:
a2:a4:c8:56:cf:ea:e3:75:ff:97:13:a2:73:3c:1f:
af:94:fa:91:ad:3c:df:cd:f3:e2:6f:d8:d8:71:11:
95:bd:bb:7b:eb:3f:08:c2:51:d6:8d:13:eb:8a:b4:
3d:12:81:67:54:19:1d:30:82:76:25:de:69:41:4c:
5d:be:a1:65:d1:27:ba:6e:6b:14:24:09:ab:aa:5a:
fe:2a:ce:02:84:a2:1e:2e:c0:43:90:df:92:c3:da:
e9:35:a9:8b:45:d3:4c:d7:62:0e:83:04:4a:8a:4e:
75:c3:08:ff:00:c6:d8:d2:42:3d:1b:a1:58:94:d8:
0f:6d:a0:a8:7e:a8:51:ed:b7:c4:d8:a6:dc:3f:52:
a4:a2:e5:9a:da:cd:07:9e:38:84:f6:c8:e0:ed:7f:
24:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A6:4B:73:A2:3B:98:BF:CF:BB:C6:9F:22:A1:AA:70:D4:89:18:5C
X509v3 Authority Key Identifier:
keyid:93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/3aZLc6I7mL_Pu8afIqGqcNSJGFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.126.100.0/24
143.126.203.0/24
143.126.211.0/24
143.126.221.0/24
143.126.248.0/22
143.126.255.0/24
Signature Algorithm: sha256WithRSAEncryption
29:ff:7a:ee:4b:9a:d3:87:3b:51:56:b1:a4:eb:a7:53:df:ad:
f7:63:31:09:c6:9f:7b:55:ed:ed:62:31:35:b3:8c:6e:b6:1f:
fe:2c:5f:67:c0:46:11:f1:9d:49:aa:12:18:8a:a6:41:e4:61:
80:c7:cd:98:7f:27:19:17:34:7f:07:51:ba:30:a4:d2:83:ba:
ac:54:99:e5:01:2b:41:f0:d8:50:37:f4:e7:22:15:bd:eb:9c:
7d:c5:3c:f4:e8:5f:53:56:5b:52:a8:56:4e:6f:da:86:e9:ba:
22:23:b9:4e:a3:34:ad:70:f9:83:5c:72:e9:d9:c1:2d:24:4b:
c7:ff:29:ac:34:29:4e:db:21:e0:60:db:db:05:78:d2:b8:68:
7c:c6:b3:bd:28:3d:a2:a0:23:5a:92:33:c7:31:8d:4f:d5:81:
de:5e:d5:d8:42:9d:34:92:56:3b:2b:54:a6:04:5c:bd:45:d7:
d9:64:cd:35:9f:29:eb:8a:19:67:91:bd:9f:c4:08:e3:00:23:
3b:ee:7a:36:5e:8b:69:5f:b3:d5:6c:46:c5:f9:35:96:20:9a:
92:47:21:cf:d2:37:f8:ec:63:3c:cf:98:7e:89:8c:66:82:14:
a2:95:2e:81:5a:68:ae:26:2d:ea:05:63:ac:60:e7:ea:39:38:
aa:62:18:79
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHJ1vM516bUpOmIcjS7MwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTE1ZjI1OTg2ZTRiNTcyYTc4YjEwOWQ5OTVjOWRkZjVk
YTEyNjYwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGE2NGI3M2EyM2I5OGJmY2ZiYmM2OWYyMmExYWE3MGQ0ODkxODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGERB/a509jco528k9d1Ic2ZrErd
Vojjh5x29Yy5TCCtihJ4H8LUG4M4b5Crep+SAImh/rlX7C1DK/F6SxTBE+OoykYL
kmP0fGmzF/ZctiO3jSRAqT7cbCqEFNnhvInUN/zD6JED5XWipMhWz+rjdf+XE6Jz
PB+vlPqRrTzfzfPib9jYcRGVvbt76z8IwlHWjRPrirQ9EoFnVBkdMIJ2Jd5pQUxd
vqFl0Se6bmsUJAmrqlr+Ks4ChKIeLsBDkN+Sw9rpNamLRdNM12IOgwRKik51wwj/
AMbY0kI9G6FYlNgPbaCofqhR7bfE2KbcP1KkouWa2s0HnjiE9sjg7X8kKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN2mS3OiO5i/z7vGnyKhqnDUiRhcMB8GA1UdIwQY
MBaAFJNRXyWYbktXKnixCdmVyd312hJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2Yt
MTNkNTEzMjhhOWY3LzEvM2FaTGM2STdtTF9QdThhZklxR3FjTlNKR0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2YtMTNkNTEzMjhhOWY3
LzEvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAj35kAwQA
j37LAwQAj37TAwQAj37dAwQCj374AwQAj37/MA0GCSqGSIb3DQEBCwUAA4IBAQAp
/3ruS5rThztRVrGk66dT3633YzEJxp97Ve3tYjE1s4xuth/+LF9nwEYR8Z1JqhIY
iqZB5GGAx82YfycZFzR/B1G6MKTSg7qsVJnlAStB8NhQN/TnIhW965x9xTz06F9T
VltSqFZOb9qG6boiI7lOozStcPmDXHLp2cEtJEvH/ymsNClO2yHgYNvbBXjSuGh8
xrO9KD2ioCNakjPHMY1P1YHeXtXYQp00klY7K1SmBFy9RdfZZM01nynrihlnkb2f
xAjjACM77no2XotpX7PVbEbF+TWWIJqSRyHP0jf47GM8z5h+iYxmghSilS6BWmiu
Ji3qBWOsYOfqOTiqYhh5
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:48:46 2024 by rpki-client on console-fra.rpki-client.org