Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/36zk3_FjficgbMrly_-dCopHRsk.roa
File: 36zk3_FjficgbMrly_-dCopHRsk.roa (raw, json)
Hash identifier: gQCpNMFiFozbGuipFCs8IDMTIEcnXuha3YwfwbC2NYg=
Subject key identifier: DF:AC:E4:DF:F1:63:7E:27:20:6C:CA:E5:CB:FF:9D:0A:8A:47:46:C9
Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Certificate serial: 0190C565B1D336B514FDE93FAA022E604542
Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/36zk3_FjficgbMrly_-dCopHRsk.roa
Signing time: Thu 18 Jul 2024 10:31:34 +0000
ROA not before: Thu 18 Jul 2024 10:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.26.158.0/24 maxlen: 24
2a00:d0c0:1299::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:65:b1:d3:36:b5:14:fd:e9:3f:aa:02:2e:60:45:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120
Validity
Not Before: Jul 18 10:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dface4dff1637e27206ccae5cbff9d0a8a4746c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0b:40:82:d9:8c:53:4f:7e:d5:54:f9:37:42:
7e:e8:a5:7f:0c:1b:9d:dc:25:d3:1a:80:da:b8:69:
9e:22:00:5d:8b:d0:17:15:15:29:63:45:18:6e:f6:
d9:5d:a9:39:13:51:9a:d3:47:35:1e:9f:c2:b2:71:
95:bf:67:d1:8f:b2:98:ee:85:ca:39:46:9c:8a:ac:
25:fb:71:d6:fd:84:fc:1a:ee:81:e9:f4:a1:a3:2a:
30:61:a1:a1:ed:16:cf:83:6c:88:c5:50:e9:4a:6b:
d8:aa:43:7a:91:c9:d7:cf:67:e3:fa:f7:47:f4:05:
27:ab:b3:b5:bb:e2:b0:b7:db:3f:dd:f1:1e:39:46:
5e:62:9d:98:1e:52:7a:6f:4e:33:69:e8:5b:af:01:
c5:0c:ee:2c:73:8a:a5:43:03:dd:54:12:83:5c:89:
8f:9f:89:91:94:87:ec:29:c8:fc:44:fa:0c:0f:49:
0c:13:5c:79:23:e4:76:89:a3:38:fa:38:74:5f:8b:
31:23:63:d1:0c:75:84:00:a4:00:0e:b0:5d:27:3f:
6d:3a:e0:66:fd:1d:d1:5a:68:b0:2f:8d:1c:28:6f:
c1:a7:79:28:49:b0:4a:e0:4d:f2:b5:c3:8e:eb:3c:
c5:b8:e6:f7:94:26:72:c5:ee:c8:c0:69:f3:16:fb:
e2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:AC:E4:DF:F1:63:7E:27:20:6C:CA:E5:CB:FF:9D:0A:8A:47:46:C9
X509v3 Authority Key Identifier:
keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/36zk3_FjficgbMrly_-dCopHRsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.158.0/24
IPv6:
2a00:d0c0:1299::/48
Signature Algorithm: sha256WithRSAEncryption
7a:f2:88:3a:1e:3c:8d:cd:45:ec:41:a4:5b:25:f9:8e:b4:ae:
bc:80:64:4c:e5:c9:82:6b:87:26:53:5c:6f:33:da:ba:e0:75:
da:52:69:96:ee:8b:2f:19:de:f0:5e:81:e2:24:26:ec:8e:fb:
a2:85:ce:54:e9:55:3f:88:49:19:a2:ef:d2:3d:7a:6c:08:c0:
0f:de:ef:dc:75:b4:d9:ed:71:58:4a:f2:d9:16:d6:a3:ec:da:
5e:48:02:9a:68:5f:16:e7:8c:d9:ad:f4:5b:36:76:fe:9b:38:
cf:77:ae:b1:e1:e5:ff:e8:4c:02:e9:90:57:57:41:bf:fa:92:
cb:c6:9d:4a:f5:88:66:4b:b1:3e:e0:ec:58:97:38:7c:e7:57:
d9:4d:b8:f4:10:fd:7f:78:0f:c0:41:65:b5:bd:02:54:0c:85:
bb:35:27:59:f2:11:b3:1a:5a:57:00:19:9b:0e:9a:b8:e5:4f:
bd:a1:06:9e:3b:95:7c:1f:66:e8:d4:8f:f2:ac:52:b2:c6:13:
9b:52:b3:9f:52:ad:76:e1:5c:7d:03:f5:0b:45:88:30:77:b1:
e0:eb:23:db:ae:6e:85:e9:01:36:96:b9:ab:71:b2:29:e7:9f:
3d:7c:3d:a2:1b:32:4e:b4:37:be:69:2d:7f:83:9f:02:9b:c1:
9e:d3:42:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZDFZbHTNrUU/ek/qgIuYEVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy
NjExMjAwHhcNMjQwNzE4MTAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmFjZTRkZmYxNjM3ZTI3MjA2Y2NhZTVjYmZmOWQwYThhNDc0NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AtAgtmMU09+1VT5N0J+6KV/DBud
3CXTGoDauGmeIgBdi9AXFRUpY0UYbvbZXak5E1Ga00c1Hp/CsnGVv2fRj7KY7oXK
OUaciqwl+3HW/YT8Gu6B6fShoyowYaGh7RbPg2yIxVDpSmvYqkN6kcnXz2fj+vdH
9AUnq7O1u+Kwt9s/3fEeOUZeYp2YHlJ6b04zaehbrwHFDO4sc4qlQwPdVBKDXImP
n4mRlIfsKcj8RPoMD0kME1x5I+R2iaM4+jh0X4sxI2PRDHWEAKQADrBdJz9tOuBm
/R3RWmiwL40cKG/Bp3koSbBK4E3ytcOO6zzFuOb3lCZyxe7IwGnzFvvidQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN+s5N/xY34nIGzK5cv/nQqKR0bJMB8GA1UdIwQY
MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt
ZDA1Mzc0NWMyYWNjLzEvMzZ6azNfRmpmaWNnYk1ybHlfLWRDb3BIUnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj
LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRqeMA8E
AgACMAkDBwAqANDAEpkwDQYJKoZIhvcNAQELBQADggEBAHryiDoePI3NRexBpFsl
+Y60rryAZEzlyYJrhyZTXG8z2rrgddpSaZbuiy8Z3vBegeIkJuyO+6KFzlTpVT+I
SRmi79I9emwIwA/e79x1tNntcVhK8tkW1qPs2l5IAppoXxbnjNmt9Fs2dv6bOM93
rrHh5f/oTALpkFdXQb/6ksvGnUr1iGZLsT7g7FiXOHznV9lNuPQQ/X94D8BBZbW9
AlQMhbs1J1nyEbMaWlcAGZsOmrjlT72hBp47lXwfZujUj/KsUrLGE5tSs59SrXbh
XH0D9QtFiDB3seDrI9uuboXpATaWuatxsinnnz18PaIbMk60N75pLX+DnwKbwZ7T
Qls=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:43:28 2024 by rpki-client on console-fra.rpki-client.org