Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3o0VHVCRwdZELdkW262JTdqqAAc.roa
File: 3o0VHVCRwdZELdkW262JTdqqAAc.roa (raw, json)
Hash identifier: ZSi29Pkv6sJM2FlNlnO/7xBBSHuW//+7tyHgRjD5dKc=
Subject key identifier: DE:8D:15:1D:50:91:C1:D6:44:2D:D9:16:DB:AD:89:4D:DA:AA:00:07
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6A8CF22EF8A1D935E58DBD14910F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3o0VHVCRwdZELdkW262JTdqqAAc.roa
Signing time: Mon 01 Jan 2024 02:30:08 +0000
ROA not before: Mon 01 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208626
IP address blocks: 185.39.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:6a:8c:f2:2e:f8:a1:d9:35:e5:8d:bd:14:91:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8d151d5091c1d6442dd916dbad894ddaaa0007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ad:c6:19:78:37:6c:79:00:3f:fc:24:3f:31:
29:7b:05:71:fd:61:85:2d:fc:b9:1e:33:2e:ac:17:
4b:33:ac:da:a7:dc:7f:22:9c:61:5a:dd:aa:19:d1:
01:20:f7:44:f0:a1:40:41:9d:3e:10:61:7d:63:4f:
07:6b:ee:b4:ff:93:48:77:68:c9:99:bf:fd:fb:f2:
7e:a4:9b:05:07:a4:65:91:1b:c0:49:42:b7:4b:3c:
cc:8e:52:45:00:d9:1e:d1:6a:9f:df:7d:a6:88:ee:
55:dc:21:a4:6d:1b:a9:7c:d6:b6:69:45:36:ae:b0:
b2:d2:e4:1f:b0:fe:97:e6:ba:ee:cd:f6:ef:7a:53:
6c:ef:19:e0:0b:7f:b0:2c:09:1e:4c:09:5f:cd:07:
db:59:58:4a:b8:d7:21:a5:3e:e7:9a:14:8f:70:63:
a7:e2:fd:4e:3c:09:ea:2e:48:3f:28:12:51:ac:f1:
9f:94:c3:0f:b8:21:46:c1:b5:08:0f:e5:6a:ba:0c:
50:5d:40:e8:6b:d0:f0:06:95:a2:6b:c4:01:56:93:
98:3f:d2:fa:13:db:69:d4:4c:f2:81:44:8b:ec:6f:
11:d8:d9:59:69:fa:0c:2e:64:a2:02:03:d2:75:14:
e2:31:0f:5e:d3:ff:98:da:5b:11:4b:3f:57:dd:b4:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8D:15:1D:50:91:C1:D6:44:2D:D9:16:DB:AD:89:4D:DA:AA:00:07
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3o0VHVCRwdZELdkW262JTdqqAAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.206.0/24
Signature Algorithm: sha256WithRSAEncryption
81:48:1e:c8:e1:1d:63:8a:e6:28:f3:02:46:8a:49:ee:dc:4e:
13:c7:19:90:47:87:b1:9a:61:a1:76:42:3f:c0:1a:78:be:fa:
8b:d1:d9:0c:12:00:7d:19:c8:74:43:a0:8b:99:84:b5:15:22:
72:ff:8c:41:4f:8f:4d:a3:05:a3:cb:50:0a:aa:9d:ef:3e:8a:
ea:9f:32:90:43:1f:fc:7a:06:cc:07:e1:18:bb:99:be:bd:2f:
0c:59:c2:4b:cf:2a:66:7a:d2:b8:85:bb:a7:a9:86:c6:b6:62:
b5:8b:c9:db:d4:fe:30:b1:b8:ac:5c:13:ba:95:fb:df:e7:2b:
e3:ae:78:14:cf:c9:4b:b0:bb:c4:53:50:9d:f3:99:6a:ba:21:
fc:4a:12:a5:87:76:9c:8c:84:c6:e6:d3:26:cb:5d:96:4e:80:
ed:da:0f:22:f3:2a:15:ec:85:f1:16:70:67:a8:9c:9f:65:6c:
6d:17:3f:8f:2f:ce:15:ed:b7:c6:45:55:52:ac:2c:6e:40:55:
c8:1f:c8:e8:14:59:93:9a:da:1a:7a:98:ac:72:3b:97:c2:18:
bf:0e:dd:a7:78:dd:9e:e7:1f:ac:c1:34:c1:87:f6:f8:46:46:
41:cd:d5:9c:6e:79:7c:05:f6:97:a5:11:10:34:3e:bd:0c:44:
a0:ad:53:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22qM8i74odk15Y29FJEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThkMTUxZDUwOTFjMWQ2NDQyZGQ5MTZkYmFkODk0ZGRhYWEwMDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha3GGXg3bHkAP/wkPzEpewVx/WGF
Lfy5HjMurBdLM6zap9x/IpxhWt2qGdEBIPdE8KFAQZ0+EGF9Y08Ha+60/5NId2jJ
mb/9+/J+pJsFB6RlkRvASUK3SzzMjlJFANke0Wqf332miO5V3CGkbRupfNa2aUU2
rrCy0uQfsP6X5rruzfbvelNs7xngC3+wLAkeTAlfzQfbWVhKuNchpT7nmhSPcGOn
4v1OPAnqLkg/KBJRrPGflMMPuCFGwbUID+VqugxQXUDoa9DwBpWia8QBVpOYP9L6
E9tp1EzygUSL7G8R2NlZafoMLmSiAgPSdRTiMQ9e0/+Y2lsRSz9X3bTxWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6NFR1QkcHWRC3ZFtutiU3aqgAHMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvM28wVkhWQ1J3ZFpFTGRrVzI2MkpUZHFxQUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSfOMA0G
CSqGSIb3DQEBCwUAA4IBAQCBSB7I4R1jiuYo8wJGiknu3E4TxxmQR4exmmGhdkI/
wBp4vvqL0dkMEgB9Gch0Q6CLmYS1FSJy/4xBT49NowWjy1AKqp3vPorqnzKQQx/8
egbMB+EYu5m+vS8MWcJLzypmetK4hbunqYbGtmK1i8nb1P4wsbisXBO6lfvf5yvj
rngUz8lLsLvEU1Cd85lquiH8ShKlh3acjITG5tMmy12WToDt2g8i8yoV7IXxFnBn
qJyfZWxtFz+PL84V7bfGRVVSrCxuQFXIH8joFFmTmtoaepiscjuXwhi/Dt2neN2e
5x+swTTBh/b4RkZBzdWcbnl8BfaXpREQND69DESgrVOz
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:27 2024 by rpki-client on console-ams.rpki-client.org