Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3l0wLg3btmTZjiPti7Ee6tkHeKw.roa
File: 3l0wLg3btmTZjiPti7Ee6tkHeKw.roa (raw, json)
Hash identifier: fORIsMM715wNL8x3Oh4x8X98xT57kJpmZlFZxVIAOI8=
Subject key identifier: DE:5D:30:2E:0D:DB:B6:64:D9:8E:23:ED:8B:B1:1E:EA:D9:07:78:AC
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018F135186BCDB97724C6C01344A9F42D41B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3l0wLg3btmTZjiPti7Ee6tkHeKw.roa
Signing time: Thu 25 Apr 2024 03:34:21 +0000
ROA not before: Thu 25 Apr 2024 03:34:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51628
IP address blocks: 192.145.99.0/24 maxlen: 24
2a09:6280:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:51:86:bc:db:97:72:4c:6c:01:34:4a:9f:42:d4:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 25 03:34:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de5d302e0ddbb664d98e23ed8bb11eead90778ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8a:0e:32:99:a8:e5:de:52:cc:7b:27:fd:1c:
69:c8:84:f3:c7:ba:6a:92:f8:49:b4:95:9c:24:aa:
c9:c2:7c:cf:93:a1:e4:11:ae:07:53:b7:f9:65:b4:
61:76:8a:f1:07:5e:31:e1:a7:eb:b6:d2:31:dc:fc:
db:37:2a:54:18:8b:ee:77:64:40:6f:01:a3:e7:6d:
97:75:c2:e6:85:5e:1e:72:fa:26:64:58:3d:1f:64:
4e:a4:fc:fa:d1:bf:95:6f:bf:aa:bc:d6:1c:24:64:
71:0b:8b:55:29:55:4d:98:f4:7d:dd:5f:9a:15:4f:
83:0d:9c:62:60:6e:62:58:24:69:7b:f8:e4:42:22:
c8:51:77:c7:5c:8c:0b:aa:7b:df:34:dd:cd:b6:42:
5d:8c:60:c6:fc:99:05:23:1f:c7:51:3b:0b:65:e5:
38:65:c7:f1:68:57:42:bf:7b:89:d1:01:bd:16:30:
d6:f0:9e:5e:94:64:96:53:83:bf:82:da:91:93:2d:
8f:f5:cb:e2:53:26:e3:cf:b3:50:21:23:5a:f2:a0:
2a:07:a4:d0:45:2a:06:3b:a9:eb:40:be:82:19:7f:
6f:42:b2:4b:92:c7:81:d0:8b:a8:42:fe:40:50:32:
92:6b:8b:2a:42:0c:6b:e4:47:b8:d3:84:7c:52:30:
cf:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5D:30:2E:0D:DB:B6:64:D9:8E:23:ED:8B:B1:1E:EA:D9:07:78:AC
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3l0wLg3btmTZjiPti7Ee6tkHeKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.99.0/24
IPv6:
2a09:6280:2::/48
Signature Algorithm: sha256WithRSAEncryption
3a:4c:f8:64:3c:11:da:57:39:0a:fd:dd:93:dc:ec:c8:89:79:
8f:a5:0f:f4:01:9a:50:c7:d7:37:7e:4f:67:75:5c:91:93:ae:
f6:07:d9:1b:6d:2b:24:e7:49:67:6d:33:62:24:8c:c6:1f:47:
44:fb:c3:21:aa:e4:65:23:a7:e1:ff:1f:03:d7:20:36:d4:84:
80:e4:b7:98:93:f9:45:2e:1a:cb:c8:0c:b1:c6:d2:85:14:95:
e1:ac:11:b8:58:6a:c9:02:d9:6e:90:b8:c9:c9:2a:ec:08:41:
ae:6f:63:d3:fb:42:e8:e5:f2:b4:1d:97:57:32:56:2b:5b:71:
ab:cd:42:fd:dc:45:b7:94:09:df:26:02:76:85:6f:f4:b8:a6:
16:ff:d3:1f:49:5f:2e:8b:4b:ee:45:77:b0:00:ab:6e:88:60:
c1:43:70:5a:da:29:d2:ae:e1:39:ab:1d:c7:1d:6d:32:b3:ca:
20:c6:0a:e3:94:d1:55:dd:cb:bf:2a:ff:db:4d:1f:67:c4:ed:
00:1d:2b:a5:4d:85:b7:56:31:3a:7b:8f:07:81:05:24:6c:e0:
1b:20:6d:64:18:9f:4d:ca:62:13:d4:ea:db:d3:b7:65:48:eb:
da:67:5f:64:9b:ad:b0:c6:fc:78:af:b8:f8:fb:62:80:15:4f:
02:6a:3b:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY8TUYa825dyTGwBNEqfQtQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDI1MDMzNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTVkMzAyZTBkZGJiNjY0ZDk4ZTIzZWQ4YmIxMWVlYWQ5MDc3OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnooOMpmo5d5SzHsn/RxpyITzx7pq
kvhJtJWcJKrJwnzPk6HkEa4HU7f5ZbRhdorxB14x4afrttIx3PzbNypUGIvud2RA
bwGj522XdcLmhV4ecvomZFg9H2ROpPz60b+Vb7+qvNYcJGRxC4tVKVVNmPR93V+a
FU+DDZxiYG5iWCRpe/jkQiLIUXfHXIwLqnvfNN3NtkJdjGDG/JkFIx/HUTsLZeU4
ZcfxaFdCv3uJ0QG9FjDW8J5elGSWU4O/gtqRky2P9cviUybjz7NQISNa8qAqB6TQ
RSoGO6nrQL6CGX9vQrJLkseB0IuoQv5AUDKSa4sqQgxr5Ee404R8UjDPxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN5dMC4N27Zk2Y4j7YuxHurZB3isMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvM2wwd0xnM2J0bVRaamlQdGk3RWU2dGtIZUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJFjMA8E
AgACMAkDBwAqCWKAAAIwDQYJKoZIhvcNAQELBQADggEBADpM+GQ8EdpXOQr93ZPc
7MiJeY+lD/QBmlDH1zd+T2d1XJGTrvYH2RttKyTnSWdtM2IkjMYfR0T7wyGq5GUj
p+H/HwPXIDbUhIDkt5iT+UUuGsvIDLHG0oUUleGsEbhYaskC2W6QuMnJKuwIQa5v
Y9P7Qujl8rQdl1cyVitbcavNQv3cRbeUCd8mAnaFb/S4phb/0x9JXy6LS+5Fd7AA
q26IYMFDcFraKdKu4TmrHccdbTKzyiDGCuOU0VXdy78q/9tNH2fE7QAdK6VNhbdW
MTp7jweBBSRs4BsgbWQYn03KYhPU6tvTt2VI69pnX2SbrbDG/HivuPj7YoAVTwJq
O/4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:03:46 2024 by rpki-client on console-ams.rpki-client.org