Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/3xIfnCHrRcenOb0dFHQxahWDMQE.roa
File: 3xIfnCHrRcenOb0dFHQxahWDMQE.roa (raw, json)
Hash identifier: Fj5sw7sjl2MF7gzupjeigTcsyWh7XOzvMuT0ctMMeI4=
Subject key identifier: DF:12:1F:9C:21:EB:45:C7:A7:39:BD:1D:14:74:31:6A:15:83:31:01
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 018CC26D0AC30820C2FF963AC27508B14DDD
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/3xIfnCHrRcenOb0dFHQxahWDMQE.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12337
IP address blocks: 188.92.112.0/21 maxlen: 24
194.31.2.0/24 maxlen: 24
213.183.0.0/19 maxlen: 24
213.95.0.0/16 maxlen: 24
213.155.64.0/19 maxlen: 24
194.59.179.0/24 maxlen: 24
192.109.102.0/24 maxlen: 24
89.250.128.0/20 maxlen: 24
62.128.0.0/19 maxlen: 24
185.227.12.0/22 maxlen: 24
2001:780::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0a:c3:08:20:c2:ff:96:3a:c2:75:08:b1:4d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df121f9c21eb45c7a739bd1d1474316a15833101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:40:0d:68:d4:42:66:77:b9:8a:ad:30:71:
19:d8:5c:aa:7e:fa:8f:bf:9b:8f:d1:c7:6c:75:8e:
9a:b2:61:61:27:b9:96:2c:6f:f9:91:16:61:69:de:
6e:7b:fb:32:fc:fb:a5:d9:6a:03:f2:76:63:b6:78:
3b:b8:cc:5e:7d:7f:f5:a4:d3:d0:26:c2:0e:ba:04:
f5:e8:2c:06:d4:05:ca:84:32:41:fc:f6:69:a5:29:
e1:49:02:e0:2a:e4:ff:f4:de:fe:f0:f6:6d:c5:85:
58:a5:1c:93:3f:c4:55:56:52:9c:b5:9f:b2:5b:20:
72:41:bc:59:56:61:4e:58:a1:82:f1:c9:01:2a:51:
4c:23:fa:11:0e:76:62:43:08:85:20:f9:49:92:a7:
9b:98:98:0c:34:9e:4b:85:02:95:39:7a:eb:9e:06:
26:1b:88:29:64:f1:34:1b:7e:0d:4b:9c:c0:1f:31:
22:e3:36:32:5d:1d:57:8c:fb:e6:2f:56:0c:07:5e:
3c:e0:76:cf:b6:da:6f:e6:96:c2:9d:17:fb:c4:fc:
d4:81:b7:31:d4:b7:81:32:68:27:de:9c:30:1d:55:
26:aa:09:a4:88:ca:05:7c:2d:e6:a9:bc:8f:3f:9d:
d9:d0:94:3d:82:18:b3:a9:64:cb:88:73:3d:b3:fe:
67:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:12:1F:9C:21:EB:45:C7:A7:39:BD:1D:14:74:31:6A:15:83:31:01
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/3xIfnCHrRcenOb0dFHQxahWDMQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.0.0/19
89.250.128.0/20
185.227.12.0/22
188.92.112.0/21
192.109.102.0/24
194.31.2.0/24
194.59.179.0/24
213.95.0.0/16
213.155.64.0/19
213.183.0.0/19
IPv6:
2001:780::/32
Signature Algorithm: sha256WithRSAEncryption
40:39:3e:00:25:e8:e8:5d:98:33:f5:ee:08:ca:f4:d7:76:82:
90:30:b1:5d:69:e2:8c:04:57:87:75:4b:dc:55:86:c4:3a:40:
7a:e7:2e:54:8a:d2:6e:c1:77:a8:7a:4f:a7:84:34:58:1a:c1:
90:67:8e:b5:65:8c:92:59:50:26:d1:96:e1:3a:d3:e1:5a:34:
d6:48:55:9c:77:cb:85:80:c8:62:b9:50:7c:b5:e6:30:7c:63:
fa:43:d7:af:b8:7e:5d:d2:b7:d3:c5:96:6e:55:4a:0d:17:19:
47:68:6f:b7:a4:3f:51:d1:b6:2a:d6:02:31:fd:54:d5:5f:28:
9a:bd:62:b9:02:35:66:66:3c:ce:f1:ad:cd:5d:ac:3d:97:36:
5d:67:d4:0d:b1:b2:88:5a:2d:a2:0d:8d:ba:e3:f4:bd:dd:4f:
c6:cf:eb:2e:bc:c7:e2:65:34:5f:c8:ee:02:c7:73:4a:8f:7f:
2d:04:5e:7a:9a:38:63:ae:72:eb:d4:d2:03:86:4c:d9:38:e7:
c2:70:d1:17:09:94:32:88:d8:8e:5c:90:3e:ad:68:5f:7e:22:
3e:5e:76:cb:9b:22:88:bf:db:03:25:e5:78:30:b4:bd:d6:4a:
17:c5:b3:cb:90:13:89:ab:f8:2d:27:8e:5e:12:9f:14:87:d6:
1f:4b:a6:c3
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzCbQrDCCDC/5Y6wnUIsU3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNGQxYzg3OTBhOTEzZTgzMmM3MzNkZmY3NzhkZWU3OTEy
OTcwMGEwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjEyMWY5YzIxZWI0NWM3YTczOWJkMWQxNDc0MzE2YTE1ODMzMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYdADWjUQmZ3uYqtMHEZ2FyqfvqP
v5uP0cdsdY6asmFhJ7mWLG/5kRZhad5ue/sy/Pul2WoD8nZjtng7uMxefX/1pNPQ
JsIOugT16CwG1AXKhDJB/PZppSnhSQLgKuT/9N7+8PZtxYVYpRyTP8RVVlKctZ+y
WyByQbxZVmFOWKGC8ckBKlFMI/oRDnZiQwiFIPlJkqebmJgMNJ5LhQKVOXrrngYm
G4gpZPE0G34NS5zAHzEi4zYyXR1XjPvmL1YMB1484HbPttpv5pbCnRf7xPzUgbcx
1LeBMmgn3pwwHVUmqgmkiMoFfC3mqbyPP53Z0JQ9ghizqWTLiHM9s/5nEQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFN8SH5wh60XHpzm9HRR0MWoVgzEBMB8GA1UdIwQY
MBaAFH1NHIeQqRPoMscz3/d43ueRKXAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUt
ZjhkNjYyYjk2ZGFiLzEvM3hJZm5DSHJSY2VuT2IwZEZIUXhhaFdETVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUtZjhkNjYyYjk2ZGFi
LzEvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQFPoAAAwQE
WfqAAwQCueMMAwQDvFxwAwQAwG1mAwQAwh8CAwQAwjuzAwMA1V8DBAXVm0ADBAXV
twAwDQQCAAIwBwMFACABB4AwDQYJKoZIhvcNAQELBQADggEBAEA5PgAl6OhdmDP1
7gjK9Nd2gpAwsV1p4owEV4d1S9xVhsQ6QHrnLlSK0m7Bd6h6T6eENFgawZBnjrVl
jJJZUCbRluE60+FaNNZIVZx3y4WAyGK5UHy15jB8Y/pD16+4fl3St9PFlm5VSg0X
GUdob7ekP1HRtirWAjH9VNVfKJq9YrkCNWZmPM7xrc1drD2XNl1n1A2xsohaLaIN
jbrj9L3dT8bP6y68x+JlNF/I7gLHc0qPfy0EXnqaOGOucuvU0gOGTNk458Jw0RcJ
lDKI2I5ckD6taF9+Ij5edsubIoi/2wMl5XgwtL3WShfFs8uQE4mr+C0njl4SnxSH
1h9LpsM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:46 2024 by rpki-client on console-fra.rpki-client.org