Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/3Q-fRC3mcMCjO-XzNDaI8p6NXQY.roa
File: 3Q-fRC3mcMCjO-XzNDaI8p6NXQY.roa (raw, json)
Hash identifier: A2LrEGEFNDMylOdD3M9/KzlVIw+oUrv9pD8QraMoyIo=
Subject key identifier: DD:0F:9F:44:2D:E6:70:C0:A3:3B:E5:F3:34:36:88:F2:9E:8D:5D:06
Certificate issuer: /CN=01292e03a731796e1d7b148b1dd235d144352f5d
Certificate serial: 018CC5DC1A788164052DA2A6382983F0B513
Authority key identifier: 01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/3Q-fRC3mcMCjO-XzNDaI8p6NXQY.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210547
IP address blocks: 195.96.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.mft
rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1a:78:81:64:05:2d:a2:a6:38:29:83:f0:b5:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01292e03a731796e1d7b148b1dd235d144352f5d
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd0f9f442de670c0a33be5f3343688f29e8d5d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:da:5e:59:0b:73:91:87:70:b1:fd:3b:ba:
73:8c:ed:e8:2d:e2:4d:8e:66:e7:0e:86:8e:0f:1a:
35:ef:42:e6:7e:55:c2:60:41:e2:c7:ff:f8:fe:f7:
20:9a:d6:fd:c3:60:e0:7b:71:49:c4:d6:93:82:3a:
a8:22:c2:21:5f:48:3f:6a:b2:f4:f2:80:e3:ae:65:
67:47:78:a9:56:fb:2d:a4:9f:8a:8a:ea:81:28:ea:
85:b5:8f:49:1e:15:c3:e9:26:0c:f5:d2:b7:9e:af:
15:a6:32:9e:03:12:a4:96:fd:03:59:cb:24:39:4b:
80:fd:65:df:dc:c2:10:5e:01:e4:43:00:0e:8f:9e:
71:ef:11:4f:77:15:1a:52:1f:c0:1d:5d:cb:6c:18:
6f:07:cb:0f:d9:a0:b5:14:5d:a7:7d:8b:2d:f2:49:
d0:81:e6:21:6f:77:b4:51:19:2f:d7:18:10:93:23:
c3:cf:b2:0b:18:0f:a7:69:40:5e:96:10:49:ca:53:
65:89:ea:4a:7d:15:dd:bf:f4:e8:34:23:15:be:25:
81:f5:c9:eb:59:36:7a:21:a1:4e:69:b9:ad:af:3c:
f2:06:72:36:9d:af:f8:e6:a8:c5:0c:1f:48:49:9b:
4e:c3:f5:3c:38:8c:b5:1e:ce:a4:ce:23:46:a2:6d:
82:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:0F:9F:44:2D:E6:70:C0:A3:3B:E5:F3:34:36:88:F2:9E:8D:5D:06
X509v3 Authority Key Identifier:
keyid:01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/3Q-fRC3mcMCjO-XzNDaI8p6NXQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.153.0/24
Signature Algorithm: sha256WithRSAEncryption
02:61:54:17:44:8f:52:4d:53:08:a3:26:59:c9:86:66:df:f9:
f3:55:3f:8c:cc:96:71:f9:dd:db:50:e9:21:4d:c0:f8:0b:6d:
c0:30:d3:57:86:b3:53:96:e3:0e:b2:e5:f8:e1:a5:6e:fe:f1:
00:c0:84:d2:f0:08:f4:ce:93:a6:5b:da:99:09:bf:90:3a:34:
a0:1a:7f:b2:fc:23:ed:9d:0e:d5:1f:92:6c:3e:65:42:e5:62:
7d:72:d1:4d:27:b2:47:5f:81:12:a8:65:f5:3b:b4:a3:6f:f8:
34:82:1f:04:dd:c6:97:5c:81:5c:41:d0:6b:28:77:79:17:da:
0e:46:cf:9d:23:f8:ad:74:49:1f:2f:3d:bb:8f:d8:52:38:a3:
28:ea:8a:eb:0d:b8:76:39:20:0d:1a:ad:42:23:fe:fe:46:ae:
4a:04:ac:0b:70:f4:29:88:06:0b:6f:59:27:34:59:01:bd:77:
21:7b:f7:fb:ec:d7:04:88:9b:9c:1a:a1:01:04:de:c9:eb:1d:
3a:d7:57:85:dd:4a:3b:01:e6:3b:26:43:b8:47:8e:a2:e7:dc:
c8:c3:df:3f:ed:ec:43:8f:95:34:94:ea:07:82:79:dd:f9:84:
cb:69:7c:9e:4a:9e:95:7b:f9:f6:9e:7d:7d:50:3e:9c:c7:a7:
06:4d:65:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Bp4gWQFLaKmOCmD8LUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjkyZTAzYTczMTc5NmUxZDdiMTQ4YjFkZDIzNWQxNDQz
NTJmNWQwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDBmOWY0NDJkZTY3MGMwYTMzYmU1ZjMzNDM2ODhmMjllOGQ1ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpXaXlkLc5GHcLH9O7pzjO3oLeJN
jmbnDoaODxo170LmflXCYEHix//4/vcgmtb9w2Dge3FJxNaTgjqoIsIhX0g/arL0
8oDjrmVnR3ipVvstpJ+KiuqBKOqFtY9JHhXD6SYM9dK3nq8VpjKeAxKklv0DWcsk
OUuA/WXf3MIQXgHkQwAOj55x7xFPdxUaUh/AHV3LbBhvB8sP2aC1FF2nfYst8knQ
geYhb3e0URkv1xgQkyPDz7ILGA+naUBelhBJylNliepKfRXdv/ToNCMVviWB9cnr
WTZ6IaFOabmtrzzyBnI2na/45qjFDB9ISZtOw/U8OIy1Hs6kziNGom2C5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0Pn0Qt5nDAozvl8zQ2iPKejV0GMB8GA1UdIwQY
MBaAFAEpLgOnMXluHXsUix3SNdFENS9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTkt
MGRmN2RmNGQ1YjAxLzEvM1EtZlJDM21jTUNqTy1Yek5EYUk4cDZOWFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTktMGRmN2RmNGQ1YjAx
LzEvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CZMA0G
CSqGSIb3DQEBCwUAA4IBAQACYVQXRI9STVMIoyZZyYZm3/nzVT+MzJZx+d3bUOkh
TcD4C23AMNNXhrNTluMOsuX44aVu/vEAwITS8Aj0zpOmW9qZCb+QOjSgGn+y/CPt
nQ7VH5JsPmVC5WJ9ctFNJ7JHX4ESqGX1O7Sjb/g0gh8E3caXXIFcQdBrKHd5F9oO
Rs+dI/itdEkfLz27j9hSOKMo6orrDbh2OSANGq1CI/7+Rq5KBKwLcPQpiAYLb1kn
NFkBvXche/f77NcEiJucGqEBBN7J6x0611eF3Uo7AeY7JkO4R46i59zIw98/7exD
j5U0lOoHgnnd+YTLaXyeSp6Ve/n2nn19UD6cx6cGTWV2
-----END CERTIFICATE-----
Generated at Tue Nov 26 10:19:46 2024 by rpki-client on console-ams.rpki-client.org