Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/3BNCC6G8UKlPfD-EcgCOqjK8dfw.roa
File: 3BNCC6G8UKlPfD-EcgCOqjK8dfw.roa (raw, json)
Hash identifier: FnYucASH0faDas5zVmszZ9oYD2dtWt4x1IpKf5VnjYM=
Subject key identifier: DC:13:42:0B:A1:BC:50:A9:4F:7C:3F:84:72:00:8E:AA:32:BC:75:FC
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 018CC80156949BB441B58ACCDF04DAAFB6AF
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/3BNCC6G8UKlPfD-EcgCOqjK8dfw.roa
Signing time: Tue 02 Jan 2024 02:29:40 +0000
ROA not before: Tue 02 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3214
IP address blocks: 193.42.27.0/24 maxlen: 24
2a06:5040:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:56:94:9b:b4:41:b5:8a:cc:df:04:da:af:b6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 2 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc13420ba1bc50a94f7c3f8472008eaa32bc75fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:25:f8:95:a6:88:a3:20:68:9c:40:48:60:2a:
cb:39:93:70:fe:aa:9f:20:0c:0f:db:84:5e:ad:7f:
af:97:35:db:08:93:e4:96:7e:b6:60:ce:fb:20:c3:
bf:4c:ff:2d:94:6a:6b:70:c0:6e:66:f7:dd:bc:34:
f5:bc:52:8a:e3:f0:47:09:c7:7a:de:ff:e8:4e:fd:
3a:8f:7f:a7:87:24:f7:07:d5:56:35:cd:30:b2:c3:
36:c8:50:32:10:79:64:e5:83:7a:cd:f2:08:3d:fe:
fc:43:89:01:fe:1f:67:d1:44:de:9d:71:2d:0c:1f:
da:e3:f3:bf:38:9b:fb:5c:04:a2:1c:ea:7b:88:88:
a1:ff:d5:78:f2:10:15:03:a9:54:fc:15:fa:e0:3b:
8e:0f:93:3f:42:6c:f4:ba:4f:67:93:d9:8c:ef:05:
e6:49:9d:46:45:ab:7b:2e:d6:5e:ec:3d:cb:1a:a2:
de:24:e4:e7:9a:2b:1e:e2:32:4d:22:98:40:1f:8d:
59:c2:fe:b1:64:99:d1:74:1a:95:53:f1:83:30:94:
99:71:16:09:ae:36:27:36:a4:00:3f:45:8b:64:0d:
33:55:60:dc:2c:a1:07:a7:6d:23:72:bc:0b:89:b4:
a3:b9:79:68:b4:74:cb:5d:1d:b8:6d:4b:65:b5:42:
da:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:13:42:0B:A1:BC:50:A9:4F:7C:3F:84:72:00:8E:AA:32:BC:75:FC
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/3BNCC6G8UKlPfD-EcgCOqjK8dfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.27.0/24
IPv6:
2a06:5040:6::/48
Signature Algorithm: sha256WithRSAEncryption
ad:8b:3b:75:3d:21:c6:05:0a:50:a9:41:76:90:e4:7e:45:e7:
fd:e3:9f:68:5b:c1:c6:af:85:a1:ce:4b:f7:64:d0:78:d6:e1:
b0:8f:0c:07:cf:ef:fc:11:8b:80:80:9b:cd:af:6b:49:5b:10:
5f:27:92:27:9e:10:26:aa:a3:ce:95:3b:d7:a3:ec:3e:22:76:
53:67:9e:e3:5a:c3:37:59:05:39:e1:3a:86:0b:83:11:36:19:
0d:e7:3b:a3:0a:71:16:86:92:d6:cd:22:3c:1d:72:7a:55:b0:
ad:02:74:eb:82:24:01:2b:9e:09:4c:d5:61:a5:bd:d9:a9:06:
dc:89:c7:91:f6:94:dd:4a:2a:13:26:4a:9a:33:bb:f7:d4:d7:
6f:a4:8e:61:8c:c6:5a:db:9f:7d:25:c0:09:77:33:7a:25:c9:
48:24:18:3f:dc:c7:ad:89:68:61:19:80:6a:fd:ff:7f:a7:5b:
ee:7d:86:d5:33:42:d1:5a:57:5d:a2:7d:b8:c5:48:3d:b4:ea:
ca:8b:1b:86:a2:c7:4c:c6:74:5e:cc:3f:50:00:25:bd:c7:8a:
e3:54:bf:86:77:1e:42:c8:40:ed:40:ca:c1:e9:50:38:01:fb:
f3:64:b5:fb:27:77:7c:a8:8a:be:2e:50:90:87:c5:b0:7e:11:
73:0e:90:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAVaUm7RBtYrM3wTar7avMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjQwMTAyMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzEzNDIwYmExYmM1MGE5NGY3YzNmODQ3MjAwOGVhYTMyYmM3NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+CX4laaIoyBonEBIYCrLOZNw/qqf
IAwP24RerX+vlzXbCJPkln62YM77IMO/TP8tlGprcMBuZvfdvDT1vFKK4/BHCcd6
3v/oTv06j3+nhyT3B9VWNc0wssM2yFAyEHlk5YN6zfIIPf78Q4kB/h9n0UTenXEt
DB/a4/O/OJv7XASiHOp7iIih/9V48hAVA6lU/BX64DuOD5M/Qmz0uk9nk9mM7wXm
SZ1GRat7LtZe7D3LGqLeJOTnmise4jJNIphAH41Zwv6xZJnRdBqVU/GDMJSZcRYJ
rjYnNqQAP0WLZA0zVWDcLKEHp20jcrwLibSjuXlotHTLXR24bUtltULa7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNwTQguhvFCpT3w/hHIAjqoyvHX8MB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvM0JOQ0M2RzhVS2xQZkQtRWNnQ09xaks4ZGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwSobMA8E
AgACMAkDBwAqBlBAAAYwDQYJKoZIhvcNAQELBQADggEBAK2LO3U9IcYFClCpQXaQ
5H5F5/3jn2hbwcavhaHOS/dk0HjW4bCPDAfP7/wRi4CAm82va0lbEF8nkieeECaq
o86VO9ej7D4idlNnnuNawzdZBTnhOoYLgxE2GQ3nO6MKcRaGktbNIjwdcnpVsK0C
dOuCJAErnglM1WGlvdmpBtyJx5H2lN1KKhMmSpozu/fU12+kjmGMxlrbn30lwAl3
M3olyUgkGD/cx62JaGEZgGr9/3+nW+59htUzQtFaV12ifbjFSD206sqLG4aix0zG
dF7MP1AAJb3HiuNUv4Z3HkLIQO1AysHpUDgB+/Nktfsnd3yoir4uUJCHxbB+EXMO
kGQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:09:05 2024 by rpki-client on console-ams.rpki-client.org