Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/j9BS6TSn4ZaJS5O8vf-fysuvRRA.roa
File: j9BS6TSn4ZaJS5O8vf-fysuvRRA.roa (raw, json)
Hash identifier: 3J/2SiG4+3YACKui0i9D7UUY3r2Hw70t5cZiJ+7M354=
Subject key identifier: 8F:D0:52:E9:34:A7:E1:96:89:4B:93:BC:BD:FF:9F:CA:CB:AF:45:10
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018CC348EE0F3338F2121C36B43E5EEEF6AB
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/j9BS6TSn4ZaJS5O8vf-fysuvRRA.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61102
IP address blocks: 81.218.219.0/24 maxlen: 24
81.218.109.0/24 maxlen: 24
81.218.235.0/24 maxlen: 24
81.218.238.0/24 maxlen: 24
82.80.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ee:0f:33:38:f2:12:1c:36:b4:3e:5e:ee:f6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fd052e934a7e196894b93bcbdff9fcacbaf4510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b3:45:55:0d:e2:f2:70:ff:f5:68:28:80:05:
d2:65:6c:91:1a:3e:58:37:30:ae:9a:93:78:b7:9a:
24:16:f8:21:8a:f1:dc:a4:21:da:29:1a:91:ec:f1:
91:0c:f0:0a:64:ce:da:da:82:e4:13:7c:1f:f9:fe:
81:21:83:4d:e7:b8:c0:0b:b6:84:61:16:54:b3:6c:
18:90:fb:1c:88:27:78:75:96:d8:0e:a1:e1:70:b2:
c7:5d:33:ec:d8:34:26:93:ca:cc:38:66:b3:d3:00:
22:83:78:63:f1:1a:4c:f4:78:92:57:2f:43:4c:e9:
d1:92:9d:f3:84:60:9b:93:f2:3a:43:8a:9b:11:16:
47:33:d3:13:da:b2:cf:7c:9c:53:b3:f6:e1:48:ca:
e6:32:00:2f:a8:41:ab:42:6b:e3:52:2f:08:cc:4f:
2a:4f:db:49:cb:f5:fe:58:23:46:33:c3:78:3a:63:
80:99:9c:18:3c:93:e8:0d:90:6e:65:85:46:5d:68:
ed:51:dd:ac:40:8f:2e:58:a3:4d:62:4f:7b:c7:3c:
9a:b0:6d:7b:05:a7:d8:07:82:a2:fa:5d:68:9d:11:
ce:f2:72:5a:c4:b3:ce:2b:62:4b:52:f6:b0:29:e7:
e3:86:98:6e:c1:96:79:76:3b:d0:63:cd:4c:04:7d:
01:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D0:52:E9:34:A7:E1:96:89:4B:93:BC:BD:FF:9F:CA:CB:AF:45:10
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/j9BS6TSn4ZaJS5O8vf-fysuvRRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.218.109.0/24
81.218.219.0/24
81.218.235.0/24
81.218.238.0/24
82.80.245.0/24
Signature Algorithm: sha256WithRSAEncryption
23:06:33:bf:a5:03:fa:f4:4a:13:a4:cf:c0:4a:73:d2:ac:88:
ce:ba:a0:cd:19:89:39:90:24:84:4d:f5:50:23:27:0c:88:64:
08:70:34:fc:46:8e:f0:55:31:53:25:68:5a:90:ca:b3:19:38:
26:3e:1e:42:a3:2d:b1:9f:0d:e0:b8:dc:d2:8f:49:2d:b6:91:
61:04:05:9e:af:70:cb:ba:f8:e1:47:58:aa:a8:12:e7:96:e4:
7f:b3:3b:1c:dd:62:0a:95:79:b8:46:b1:a4:51:e3:25:c6:be:
73:2e:09:a0:4d:3b:5e:59:e0:fb:2c:56:84:9e:c3:97:63:15:
d4:ca:e1:5e:a6:4e:eb:d7:72:70:80:08:c9:da:8a:c3:8b:51:
e0:3d:58:0b:5e:1f:39:68:85:21:84:95:2d:ec:15:64:90:03:
3a:92:d3:a4:68:e3:52:ca:b7:f6:20:a0:b6:21:fe:4c:77:61:
8a:2f:40:ac:3d:ed:f4:6f:d6:e9:10:dc:5c:71:19:04:66:dc:
7f:9f:c6:bd:df:6a:34:ab:5e:b5:a0:51:c3:56:06:89:19:f7:
2a:b8:44:80:99:ad:bd:6b:77:d1:2b:d6:79:cd:65:77:b2:75:
29:4e:81:c9:34:1d:27:e4:9a:34:e2:13:ff:37:71:52:a3:52:
72:09:92:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDSO4PMzjyEhw2tD5e7varMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQwNTJlOTM0YTdlMTk2ODk0YjkzYmNiZGZmOWZjYWNiYWY0NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrNFVQ3i8nD/9WgogAXSZWyRGj5Y
NzCumpN4t5okFvghivHcpCHaKRqR7PGRDPAKZM7a2oLkE3wf+f6BIYNN57jAC7aE
YRZUs2wYkPsciCd4dZbYDqHhcLLHXTPs2DQmk8rMOGaz0wAig3hj8RpM9HiSVy9D
TOnRkp3zhGCbk/I6Q4qbERZHM9MT2rLPfJxTs/bhSMrmMgAvqEGrQmvjUi8IzE8q
T9tJy/X+WCNGM8N4OmOAmZwYPJPoDZBuZYVGXWjtUd2sQI8uWKNNYk97xzyasG17
BafYB4Ki+l1onRHO8nJaxLPOK2JLUvawKefjhphuwZZ5djvQY81MBH0BcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI/QUuk0p+GWiUuTvL3/n8rLr0UQMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvajlCUzZUU240WmFKUzVPOHZmLWZ5c3V2UlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUdptAwQA
UdrbAwQAUdrrAwQAUdruAwQAUlD1MA0GCSqGSIb3DQEBCwUAA4IBAQAjBjO/pQP6
9EoTpM/ASnPSrIjOuqDNGYk5kCSETfVQIycMiGQIcDT8Ro7wVTFTJWhakMqzGTgm
Ph5Coy2xnw3guNzSj0kttpFhBAWer3DLuvjhR1iqqBLnluR/szsc3WIKlXm4RrGk
UeMlxr5zLgmgTTteWeD7LFaEnsOXYxXUyuFepk7r13JwgAjJ2orDi1HgPVgLXh85
aIUhhJUt7BVkkAM6ktOkaONSyrf2IKC2If5Md2GKL0CsPe30b9bpENxccRkEZtx/
n8a932o0q161oFHDVgaJGfcquESAma29a3fRK9Z5zWV3snUpToHJNB0n5Jo04hP/
N3FSo1JyCZKF
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:12:06 2024 by rpki-client on console-fra.rpki-client.org