Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PsAR0eJYZRoDuSY6wKdS06GWVjw.roa
File: PsAR0eJYZRoDuSY6wKdS06GWVjw.roa (raw, json)
Hash identifier: vp2l0iXrZ9pora5Ba9R478et6j5GrCUJwiKjjUbFGlc=
Subject key identifier: 3E:C0:11:D1:E2:58:65:1A:03:B9:26:3A:C0:A7:52:D3:A1:96:56:3C
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018D1C0DA0E7980248968CC02264BD8BA650
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PsAR0eJYZRoDuSY6wKdS06GWVjw.roa
Signing time: Thu 18 Jan 2024 10:11:11 +0000
ROA not before: Thu 18 Jan 2024 10:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 93.187.32.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
185.52.116.0/24 maxlen: 24
185.52.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:0d:a0:e7:98:02:48:96:8c:c0:22:64:bd:8b:a6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Jan 18 10:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ec011d1e258651a03b9263ac0a752d3a196563c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:33:fb:92:c8:75:e3:00:9c:9c:7f:f1:88:ff:
dc:77:05:89:ff:9d:07:e7:8b:56:91:0d:a2:83:1a:
ee:5b:43:71:6e:23:10:5e:cf:ed:33:ad:d1:7a:08:
ce:e7:7b:8b:65:e4:41:56:f5:38:5f:3f:ec:bb:97:
ff:ff:06:0d:3a:2e:6e:cc:48:02:1f:7e:b6:72:49:
ad:22:80:d4:95:78:9e:f9:17:e8:fd:c9:29:1b:a3:
90:5c:48:cf:04:dd:31:f0:ac:85:8b:14:b0:de:83:
0e:b8:73:4c:97:2c:9e:c9:12:9c:cf:49:3c:73:aa:
93:50:a4:09:51:b2:86:51:e6:bf:41:ad:8f:a0:e7:
b4:cf:01:a4:24:c4:11:d8:3d:17:f8:9a:53:c9:99:
e0:e6:00:76:58:11:20:16:0f:44:5d:64:3e:c1:57:
29:cc:cf:d7:32:3a:23:b8:0e:03:c8:21:e6:a8:e8:
5f:0d:b5:f7:81:14:ed:00:38:c2:67:f5:93:a4:ed:
38:86:fd:c8:6a:6d:e7:79:db:7e:81:80:0b:62:b2:
9e:5b:3b:22:de:c1:1e:2d:9c:cd:d8:f7:2d:50:5d:
34:e3:fe:64:56:f0:83:2b:38:6a:2c:89:03:97:16:
b8:ae:d2:89:77:bd:de:89:df:5a:0e:a2:fc:cc:fc:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C0:11:D1:E2:58:65:1A:03:B9:26:3A:C0:A7:52:D3:A1:96:56:3C
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/PsAR0eJYZRoDuSY6wKdS06GWVjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/24
93.187.36.0/24
185.52.116.0/24
185.52.118.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b6:b7:24:38:35:39:b6:2e:7c:41:b5:6f:03:f8:ea:ef:59:
a6:80:0e:cd:d7:5e:6b:ba:ed:8c:07:f2:00:e7:7e:56:d2:7d:
9b:76:e0:a5:e1:af:2d:97:f7:01:a0:f0:f2:e5:29:7b:82:32:
2f:61:c4:b1:9d:aa:9d:2d:dc:1a:09:49:b2:95:3d:41:0b:0f:
43:df:b1:44:ab:18:75:35:b5:83:64:83:4d:34:1a:64:37:f6:
a7:18:1c:b9:18:7d:23:e8:51:7f:e4:31:21:26:cc:85:c8:fb:
1b:43:80:d4:f7:95:31:24:57:61:c0:a3:1c:04:87:03:cb:87:
83:71:31:12:fa:c5:8b:68:7e:39:89:4e:db:4f:05:1d:c7:78:
fc:e6:55:db:25:eb:14:82:1a:db:c4:16:7d:67:09:78:28:9f:
34:9b:9a:4d:89:c3:ec:00:f9:d4:4f:ad:45:4d:44:69:66:b0:
54:8b:8f:2e:ac:f0:0f:50:45:58:a7:8f:fa:96:4e:03:20:99:
fb:71:ed:45:5b:fd:dc:b1:16:82:0a:50:04:90:88:3d:18:07:
18:f4:7b:0d:01:c9:09:e4:e4:6e:7f:27:64:1a:44:b8:fd:37:
c2:ff:a3:ef:bd:26:04:7d:a3:23:77:f8:1b:ad:4c:81:9f:31:
63:da:92:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0cDaDnmAJIlozAImS9i6ZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjQwMTE4MTAxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWMwMTFkMWUyNTg2NTFhMDNiOTI2M2FjMGE3NTJkM2ExOTY1NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjP7ksh14wCcnH/xiP/cdwWJ/50H
54tWkQ2igxruW0NxbiMQXs/tM63RegjO53uLZeRBVvU4Xz/su5f//wYNOi5uzEgC
H362ckmtIoDUlXie+Rfo/ckpG6OQXEjPBN0x8KyFixSw3oMOuHNMlyyeyRKcz0k8
c6qTUKQJUbKGUea/Qa2PoOe0zwGkJMQR2D0X+JpTyZng5gB2WBEgFg9EXWQ+wVcp
zM/XMjojuA4DyCHmqOhfDbX3gRTtADjCZ/WTpO04hv3Iam3nedt+gYALYrKeWzsi
3sEeLZzN2PctUF004/5kVvCDKzhqLIkDlxa4rtKJd73eid9aDqL8zPxHYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD7AEdHiWGUaA7kmOsCnUtOhllY8MB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvUHNBUjBlSllaUm9EdVNZNndLZFMwNkdXVmp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXbsgAwQA
XbskAwQAuTR0AwQAuTR2MA0GCSqGSIb3DQEBCwUAA4IBAQATtrckODU5ti58QbVv
A/jq71mmgA7N115ruu2MB/IA535W0n2bduCl4a8tl/cBoPDy5Sl7gjIvYcSxnaqd
LdwaCUmylT1BCw9D37FEqxh1NbWDZINNNBpkN/anGBy5GH0j6FF/5DEhJsyFyPsb
Q4DU95UxJFdhwKMcBIcDy4eDcTES+sWLaH45iU7bTwUdx3j85lXbJesUghrbxBZ9
Zwl4KJ80m5pNicPsAPnUT61FTURpZrBUi48urPAPUEVYp4/6lk4DIJn7ce1FW/3c
sRaCClAEkIg9GAcY9HsNAckJ5ORufydkGkS4/TfC/6PvvSYEfaMjd/gbrUyBnzFj
2pJd
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:08 2024 by rpki-client on console-ams.rpki-client.org