Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3MkDY0aFxj7VhO51KvSTxi2ni0U.roa
File: 3MkDY0aFxj7VhO51KvSTxi2ni0U.roa (raw, json)
Hash identifier: rUydzb5hrO0MZtleoC6a3fJHZqvyiy/SgymoAi4FdNk=
Subject key identifier: DC:C9:03:63:46:85:C6:3E:D5:84:EE:75:2A:F4:93:C6:2D:A7:8B:45
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 018CC94CAB192501EC874FBEB082A62914C6
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3MkDY0aFxj7VhO51KvSTxi2ni0U.roa
Signing time: Tue 02 Jan 2024 08:31:34 +0000
ROA not before: Tue 02 Jan 2024 08:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21013
IP address blocks: 80.243.160.0/20 maxlen: 20
85.31.0.0/19 maxlen: 19
185.91.80.0/22 maxlen: 22
212.52.192.0/19 maxlen: 19
2a02:940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 11:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ab:19:25:01:ec:87:4f:be:b0:82:a6:29:14:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Jan 2 08:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcc903634685c63ed584ee752af493c62da78b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:6b:fe:1a:ae:05:da:41:8d:78:97:95:cc:
f0:98:dd:ac:c4:c0:80:d2:eb:2c:70:bf:6d:d4:b9:
82:d7:34:76:14:71:2a:f9:6d:ff:c1:a7:a2:b8:1c:
d1:4a:bc:16:ca:b8:c2:ae:e2:5f:27:17:02:1b:33:
6d:f8:54:1c:03:43:48:02:09:7e:1b:9d:81:1e:1d:
aa:47:5f:a0:28:ee:74:dd:e4:85:a0:ae:01:9b:ad:
2e:e0:35:b7:3f:c9:e3:d7:46:12:4c:51:ca:38:1b:
1a:a9:e8:0d:1d:03:ab:01:94:33:8d:92:44:3b:03:
b9:19:94:bf:e6:83:5e:29:b0:16:06:48:d9:e4:c4:
54:f4:d5:de:7a:d2:c9:c4:40:d1:6e:4f:63:d6:fb:
c8:1c:f9:04:99:06:ef:28:b7:74:f8:e2:84:ec:21:
33:01:df:cd:d0:07:df:d5:15:42:bf:64:e8:d2:54:
ba:e5:b6:8d:10:01:a9:41:c1:aa:99:dd:42:3e:75:
a4:6d:7d:74:43:d4:36:69:6f:dd:2a:c7:20:0b:40:
dc:43:ed:1a:e4:c6:cd:80:0c:a8:72:63:a2:4d:c3:
82:f1:f9:73:fa:f2:2b:52:bf:ea:7c:20:74:af:d8:
1c:4c:e2:ae:39:a0:ef:a2:16:71:b0:78:e2:f9:7b:
2c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C9:03:63:46:85:C6:3E:D5:84:EE:75:2A:F4:93:C6:2D:A7:8B:45
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/3MkDY0aFxj7VhO51KvSTxi2ni0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.160.0/20
85.31.0.0/19
185.91.80.0/22
212.52.192.0/19
IPv6:
2a02:940::/32
Signature Algorithm: sha256WithRSAEncryption
57:29:24:fa:52:2a:e9:f9:80:0a:33:3e:77:1c:ba:d4:7b:3c:
c9:85:56:a0:61:62:f9:72:09:5f:32:19:ca:e5:21:96:64:8f:
ab:df:4e:6a:71:00:0b:f7:ab:c5:31:5e:ab:55:53:cf:99:a6:
fe:b7:ff:d5:9c:c2:62:41:00:10:a4:74:e4:b0:35:6a:18:00:
57:2c:3e:39:35:2b:19:ce:bc:3f:85:3e:25:02:bc:ba:e3:e3:
2a:b9:36:8e:81:d8:ae:13:1c:24:e8:c3:90:7d:5e:35:51:85:
68:1b:59:c1:2c:c7:74:ec:d7:43:d2:96:14:2e:32:d4:98:9f:
4b:16:77:57:99:2b:d6:d0:30:e2:75:23:d8:69:7c:66:46:14:
b7:e4:7f:89:c3:be:20:cc:ff:96:05:c0:1c:b3:24:a6:7e:81:
ae:dd:4c:2a:20:a0:04:17:12:be:fd:88:1e:f1:f9:04:e3:7e:
cf:ac:3b:ed:c5:3b:e7:44:5e:f8:c9:0d:f6:9f:d5:4e:0a:84:
26:2e:1d:f4:73:51:6f:7c:a7:7e:5f:9b:57:d9:c8:52:91:c4:
42:12:52:d4:76:90:94:3f:00:26:eb:b9:b9:73:24:4a:31:1a:
65:d6:22:10:a5:80:b3:58:05:f2:7f:ff:1d:a7:64:1a:c6:60:
4c:8c:73:92
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJTKsZJQHsh0++sIKmKRTGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjQwMTAyMDgzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M5MDM2MzQ2ODVjNjNlZDU4NGVlNzUyYWY0OTNjNjJkYTc4YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0pr/hquBdpBjXiXlczwmN2sxMCA
0usscL9t1LmC1zR2FHEq+W3/waeiuBzRSrwWyrjCruJfJxcCGzNt+FQcA0NIAgl+
G52BHh2qR1+gKO503eSFoK4Bm60u4DW3P8nj10YSTFHKOBsaqegNHQOrAZQzjZJE
OwO5GZS/5oNeKbAWBkjZ5MRU9NXeetLJxEDRbk9j1vvIHPkEmQbvKLd0+OKE7CEz
Ad/N0Aff1RVCv2To0lS65baNEAGpQcGqmd1CPnWkbX10Q9Q2aW/dKscgC0DcQ+0a
5MbNgAyocmOiTcOC8flz+vIrUr/qfCB0r9gcTOKuOaDvohZxsHji+XssiwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNzJA2NGhcY+1YTudSr0k8Ytp4tFMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvM01rRFkwYUZ4ajdWaE81MUt2U1R4aTJuaTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPOgAwQF
VR8AAwQCuVtQAwQF1DTAMA0EAgACMAcDBQAqAglAMA0GCSqGSIb3DQEBCwUAA4IB
AQBXKST6Uirp+YAKMz53HLrUezzJhVagYWL5cglfMhnK5SGWZI+r305qcQAL96vF
MV6rVVPPmab+t//VnMJiQQAQpHTksDVqGABXLD45NSsZzrw/hT4lAry64+MquTaO
gdiuExwk6MOQfV41UYVoG1nBLMd07NdD0pYULjLUmJ9LFndXmSvW0DDidSPYaXxm
RhS35H+Jw74gzP+WBcAcsySmfoGu3UwqIKAEFxK+/Yge8fkE437PrDvtxTvnRF74
yQ32n9VOCoQmLh30c1FvfKd+X5tX2chSkcRCElLUdpCUPwAm67m5cyRKMRpl1iIQ
pYCzWAXyf/8dp2QaxmBMjHOS
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:57:10 2024 by rpki-client on console-ams.rpki-client.org