Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/3AOG1zwfdk7xNrMQuVWOg-anv7k.roa
File: 3AOG1zwfdk7xNrMQuVWOg-anv7k.roa (raw, json)
Hash identifier: 4FVwD7ftCTUeA9u/JnRf9YrqIyv+XJyxT1aCMLhao3M=
Subject key identifier: DC:03:86:D7:3C:1F:76:4E:F1:36:B3:10:B9:55:8E:83:E6:A7:BF:B9
Certificate issuer: /CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Certificate serial: 018CC348CB7EB558650C687AD333771D87A1
Authority key identifier: 5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/3AOG1zwfdk7xNrMQuVWOg-anv7k.roa
Signing time: Mon 01 Jan 2024 04:29:36 +0000
ROA not before: Mon 01 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25310
IP address blocks: 83.146.0.0/18 maxlen: 18
87.74.0.0/15 maxlen: 15
212.158.192.0/18 maxlen: 18
84.9.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cb:7e:b5:58:65:0c:68:7a:d3:33:77:1d:87:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Validity
Not Before: Jan 1 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc0386d73c1f764ef136b310b9558e83e6a7bfb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:dc:5f:12:d3:05:df:52:01:62:16:b4:ac:d5:
7e:1d:f3:d2:77:61:2f:fc:22:56:b3:29:ee:56:78:
c8:c8:e9:a6:5f:28:90:98:2e:ff:53:ec:69:4d:4c:
82:eb:03:71:fa:e3:19:ad:6f:ee:6d:db:30:62:fa:
be:10:3c:36:31:ba:b1:df:a0:51:7e:8f:93:6c:8e:
e5:5b:5b:28:6f:97:53:3f:95:d8:2e:98:e8:2b:f3:
5f:94:60:9c:d9:ba:d6:8e:76:dd:b6:20:3a:45:14:
90:6d:76:a9:5a:79:f8:f8:80:26:c4:97:7f:64:68:
7c:2b:77:7a:88:69:e7:93:76:11:dd:1c:a8:83:1e:
2f:e4:f2:bd:fb:e0:b4:dd:0b:17:bd:bf:3c:ae:ba:
35:51:ca:43:79:3c:59:2c:f6:ea:a2:b5:7a:db:f4:
a9:01:5f:8f:1c:2e:f1:a8:19:f6:c8:d2:d0:f3:8a:
e6:05:54:56:46:cf:c7:d1:ae:7c:d3:a9:ed:ea:08:
2f:29:15:32:19:a0:37:13:94:1b:bc:8f:43:f8:87:
c3:f4:be:3e:8e:68:17:b0:2e:a5:c9:ca:3c:38:b7:
55:fb:0b:4f:c5:43:9e:8a:73:b2:23:92:58:f2:8b:
04:31:f1:21:28:cf:ea:f9:21:aa:8e:7c:93:c2:12:
64:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:03:86:D7:3C:1F:76:4E:F1:36:B3:10:B9:55:8E:83:E6:A7:BF:B9
X509v3 Authority Key Identifier:
keyid:5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/3AOG1zwfdk7xNrMQuVWOg-anv7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.146.0.0/18
84.9.0.0/16
87.74.0.0/15
212.158.192.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:7e:a7:31:c8:88:5a:05:65:72:b0:ef:d1:3b:5a:ea:b1:be:
ec:f1:dd:1d:8c:d2:1d:2e:74:63:b8:c0:46:42:32:1f:10:a5:
57:73:49:5f:41:ac:6c:e2:a8:ed:9a:f6:a1:40:ea:a6:ea:a4:
ee:ec:cb:10:5b:06:e5:64:c9:2b:9b:7e:7a:b3:0a:6d:c5:12:
94:0b:29:1c:e7:bf:e9:c1:dc:67:39:17:50:65:c9:5c:15:77:
54:0b:e5:37:b7:50:02:5f:35:70:ef:16:55:40:c2:1a:08:0c:
e7:e6:1a:7a:5b:58:5f:7d:fb:b4:01:0f:01:82:88:96:3e:38:
04:7f:39:30:fc:d5:64:dc:fd:c9:e7:86:00:16:12:ef:14:f3:
78:31:97:9c:ce:0b:a5:74:d8:27:15:6a:6b:2a:4b:8a:5b:cf:
f9:c0:46:74:d1:69:72:13:a5:88:5e:ea:55:9f:56:13:f3:d9:
81:64:23:0b:17:22:d8:ab:6f:e1:74:70:10:49:df:56:23:ee:
2d:9b:98:f2:78:0d:e3:4e:8a:bd:65:43:8e:59:08:b8:93:f7:
20:a5:c8:25:8f:2f:fd:c3:ef:2e:ea:97:ba:28:1d:be:4b:e3:
63:9c:34:34:cc:10:e9:93:39:66:86:e7:30:cf:66:81:57:db:
0d:dc:57:56
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDSMt+tVhlDGh60zN3HYehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNzBmNzM2YTRiMDUyNGE0NzZmNmYxYmUyOTY0YWU5OWI2
NDc4OWYwHhcNMjQwMTAxMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzAzODZkNzNjMWY3NjRlZjEzNmIzMTBiOTU1OGU4M2U2YTdiZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdxfEtMF31IBYha0rNV+HfPSd2Ev
/CJWsynuVnjIyOmmXyiQmC7/U+xpTUyC6wNx+uMZrW/ubdswYvq+EDw2Mbqx36BR
fo+TbI7lW1sob5dTP5XYLpjoK/NflGCc2brWjnbdtiA6RRSQbXapWnn4+IAmxJd/
ZGh8K3d6iGnnk3YR3Ryogx4v5PK9++C03QsXvb88rro1UcpDeTxZLPbqorV62/Sp
AV+PHC7xqBn2yNLQ84rmBVRWRs/H0a5806nt6ggvKRUyGaA3E5QbvI9D+IfD9L4+
jmgXsC6lyco8OLdV+wtPxUOeinOyI5JY8osEMfEhKM/q+SGqjnyTwhJk1wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNwDhtc8H3ZO8TazELlVjoPmp7+5MB8GA1UdIwQY
MBaAFFtw9zaksFJKR29vG+KWSumbZHifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAt
Mjk3ODRkN2I2OGEyLzEvM0FPRzF6d2Zkazd4TnJNUXVWV09nLWFudjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAtMjk3ODRkN2I2OGEy
LzEvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwQGU5IAAwMA
VAkDAwFXSgMEBtSewDANBgkqhkiG9w0BAQsFAAOCAQEALn6nMciIWgVlcrDv0Tta
6rG+7PHdHYzSHS50Y7jARkIyHxClV3NJX0GsbOKo7Zr2oUDqpuqk7uzLEFsG5WTJ
K5t+erMKbcUSlAspHOe/6cHcZzkXUGXJXBV3VAvlN7dQAl81cO8WVUDCGggM5+Ya
eltYX337tAEPAYKIlj44BH85MPzVZNz9yeeGABYS7xTzeDGXnM4LpXTYJxVqaypL
ilvP+cBGdNFpchOliF7qVZ9WE/PZgWQjCxci2Ktv4XRwEEnfViPuLZuY8ngN406K
vWVDjlkIuJP3IKXIJY8v/cPvLuqXuigdvkvjY5w0NMwQ6ZM5ZobnMM9mgVfbDdxX
Vg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:58:51 2024 by rpki-client on console-ams.rpki-client.org