Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3s7MsfGK5OyABG3TzWTKspQElGw.roa
File: 3s7MsfGK5OyABG3TzWTKspQElGw.roa (raw, json)
Hash identifier: NMsR85se7aG7uCP45PcNw/80hhFxf3mHXMY3eQNyIYI=
Subject key identifier: DE:CE:CC:B1:F1:8A:E4:EC:80:04:6D:D3:CD:64:CA:B2:94:04:94:6C
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018CC94AB98CD30C525B603C09F2EDCCF375
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3s7MsfGK5OyABG3TzWTKspQElGw.roa
Signing time: Tue 02 Jan 2024 08:29:26 +0000
ROA not before: Tue 02 Jan 2024 08:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 83.147.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:b9:8c:d3:0c:52:5b:60:3c:09:f2:ed:cc:f3:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 2 08:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dececcb1f18ae4ec80046dd3cd64cab29404946c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:34:7a:0d:68:94:62:8f:0a:64:bd:d9:58:8b:
7e:3e:eb:54:30:e8:d7:12:3c:e7:ce:1f:e7:4e:88:
f2:ab:83:86:78:c5:ba:39:f7:93:01:c2:9c:c9:ed:
03:e6:8d:50:95:ad:1b:f4:73:ae:d4:ea:da:9a:4c:
6d:60:9b:a3:c1:04:5f:61:cf:d5:43:cc:cf:ad:d8:
bb:2c:35:6f:3f:79:63:5e:41:52:8c:d7:27:fd:05:
57:b5:58:34:94:3e:05:32:39:80:e0:d3:07:cf:03:
7a:54:ca:b1:c2:73:0a:f5:a6:af:f9:58:67:cf:cf:
f7:e3:76:16:be:32:51:69:ac:0c:aa:89:c0:21:ac:
50:a1:83:4e:88:3a:0f:f0:83:9a:be:1c:26:a6:aa:
6d:96:96:44:89:64:a4:17:9b:db:31:a6:5d:60:ac:
3d:fc:da:53:e7:07:d2:75:19:4b:fd:b0:38:9c:69:
30:ae:c2:08:8b:0c:bb:cb:a4:c4:ea:a3:7e:76:0c:
37:16:27:6e:bd:81:f4:8e:08:fd:d4:31:e3:76:91:
cc:9a:1f:69:75:35:43:3b:f9:bb:14:d4:0a:ee:03:
43:e1:0c:14:0f:b9:19:79:20:da:38:72:c1:02:37:
85:c4:af:2f:76:a6:b9:8e:e9:d3:5f:9f:5e:c2:65:
20:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CE:CC:B1:F1:8A:E4:EC:80:04:6D:D3:CD:64:CA:B2:94:04:94:6C
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3s7MsfGK5OyABG3TzWTKspQElGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.24.0/24
Signature Algorithm: sha256WithRSAEncryption
29:58:44:19:f5:65:cf:56:13:5c:99:3f:e0:0b:c8:3f:ab:16:
f5:cc:74:65:7c:1d:f3:11:a6:6c:bb:a5:74:03:c1:54:72:7d:
a4:e3:1f:00:30:1d:08:f8:f5:f6:28:8b:4c:6a:0a:c2:a4:55:
82:27:d5:a9:36:a1:86:46:e3:1b:b9:28:e6:8f:1d:87:9d:c9:
b5:dc:2b:d3:93:57:af:0a:bb:e4:30:ac:d0:78:08:52:70:15:
f0:15:43:b9:1b:ba:6a:1c:97:3c:3b:79:a9:03:4b:22:92:ce:
35:f0:0d:a1:e8:0a:04:87:cf:f3:90:50:bc:df:e9:c2:b0:6b:
4e:29:15:57:71:11:af:9a:06:e3:1e:45:f1:e7:2d:92:fa:39:
8b:fa:27:12:3f:f8:9c:d4:16:87:65:ce:70:31:4e:32:16:82:
15:d0:45:a3:ff:bf:9d:27:7b:0d:0f:5d:df:f5:49:22:f5:3b:
38:e7:ec:52:ea:55:c2:b1:69:3d:3f:19:63:52:2f:03:e0:2b:
da:59:99:5e:f9:62:e0:24:e0:b6:8d:47:76:27:22:fc:8b:75:
f4:97:99:44:30:f2:2b:2e:62:d6:70:7a:9a:ff:f3:f8:b2:55:
3f:c2:f2:8f:1c:31:a0:27:2b:0c:38:bc:32:12:0d:86:93:76:
ad:14:48:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSrmM0wxSW2A8CfLtzPN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwMTAyMDgyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWNlY2NiMWYxOGFlNGVjODAwNDZkZDNjZDY0Y2FiMjk0MDQ5NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzR6DWiUYo8KZL3ZWIt+PutUMOjX
Ejznzh/nTojyq4OGeMW6OfeTAcKcye0D5o1Qla0b9HOu1OramkxtYJujwQRfYc/V
Q8zPrdi7LDVvP3ljXkFSjNcn/QVXtVg0lD4FMjmA4NMHzwN6VMqxwnMK9aav+Vhn
z8/343YWvjJRaawMqonAIaxQoYNOiDoP8IOavhwmpqptlpZEiWSkF5vbMaZdYKw9
/NpT5wfSdRlL/bA4nGkwrsIIiwy7y6TE6qN+dgw3FiduvYH0jgj91DHjdpHMmh9p
dTVDO/m7FNQK7gND4QwUD7kZeSDaOHLBAjeFxK8vdqa5junTX59ewmUgRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7OzLHxiuTsgARt081kyrKUBJRsMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvM3M3TXNmR0s1T3lBQkczVHpXVEtzcFFFbEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5MYMA0G
CSqGSIb3DQEBCwUAA4IBAQApWEQZ9WXPVhNcmT/gC8g/qxb1zHRlfB3zEaZsu6V0
A8FUcn2k4x8AMB0I+PX2KItMagrCpFWCJ9WpNqGGRuMbuSjmjx2Hncm13CvTk1ev
CrvkMKzQeAhScBXwFUO5G7pqHJc8O3mpA0siks418A2h6AoEh8/zkFC83+nCsGtO
KRVXcRGvmgbjHkXx5y2S+jmL+icSP/ic1BaHZc5wMU4yFoIV0EWj/7+dJ3sND13f
9Uki9Ts45+xS6lXCsWk9PxljUi8D4CvaWZle+WLgJOC2jUd2JyL8i3X0l5lEMPIr
LmLWcHqa//P4slU/wvKPHDGgJysMOLwyEg2Gk3atFEhh
-----END CERTIFICATE-----
Generated at Wed May 15 16:41:50 2024 by rpki-client on console-fra.rpki-client.org