Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pynI4NLkmwGix2Ra7GySV-817Jo.roa
File: pynI4NLkmwGix2Ra7GySV-817Jo.roa (raw, json)
Hash identifier: dXsUZLQK/W8b/zYs900CLrCB6fDJ2xQOVtsC40x0ZXs=
Subject key identifier: A7:29:C8:E0:D2:E4:9B:01:A2:C7:64:5A:EC:6C:92:57:EF:35:EC:9A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E55A514A1D47EBDD450BE009EFBD9116B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pynI4NLkmwGix2Ra7GySV-817Jo.roa
Signing time: Tue 19 Mar 2024 07:37:45 +0000
ROA not before: Tue 19 Mar 2024 07:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:55:a5:14:a1:d4:7e:bd:d4:50:be:00:9e:fb:d9:11:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 19 07:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a729c8e0d2e49b01a2c7645aec6c9257ef35ec9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:47:72:f6:06:b1:ad:10:f5:08:ca:8b:cd:96:
2a:b1:63:cf:14:59:4c:7c:53:46:a1:91:6a:5f:2d:
dd:8d:72:17:fe:68:7b:e0:f9:89:5c:1f:88:05:d2:
24:5a:47:34:46:98:53:35:41:81:27:77:77:44:3c:
a5:e1:5e:e6:33:76:eb:8f:0c:99:99:67:54:2c:ca:
a2:53:6e:2f:b9:ec:1e:81:2d:9e:44:39:30:e6:21:
cc:a2:89:5f:4c:00:1e:7e:ac:c9:9f:38:b4:f1:04:
f4:60:37:07:e4:33:9f:07:cc:b0:65:31:29:13:ea:
b1:e7:7d:3e:ae:7b:9e:eb:87:15:be:e1:8c:52:c1:
54:ab:e3:16:45:d9:19:29:12:5d:3e:d8:e3:22:4c:
6f:95:69:3d:3d:ed:35:ad:8a:65:39:69:11:53:97:
57:f2:d1:e0:a9:16:22:4d:e1:f7:76:60:94:cb:63:
00:42:16:97:9d:bf:c6:74:db:2f:b1:e4:0a:3b:a7:
9b:d1:2b:37:df:fe:9f:7f:fd:05:6b:7d:97:79:f7:
ec:37:47:c0:ad:fa:7f:77:db:5f:f2:c2:ce:df:3a:
5f:32:fb:61:4f:80:ce:cc:0c:be:c4:68:e6:a2:5e:
2e:41:ed:e8:32:ee:af:48:3e:25:5d:c1:cb:64:ba:
3f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:29:C8:E0:D2:E4:9B:01:A2:C7:64:5A:EC:6C:92:57:EF:35:EC:9A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pynI4NLkmwGix2Ra7GySV-817Jo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
89.213.43.0/24
89.213.145.0-89.213.146.255
89.213.161.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7a:60:e7:75:e5:21:15:e5:9a:6a:2f:88:2c:14:f4:09:0e:
2a:86:2c:77:10:7a:b1:5e:59:5e:22:09:11:4e:0b:51:bf:ab:
0a:a5:5d:76:6b:56:c2:70:02:6e:29:af:72:f5:bc:64:23:b0:
42:c4:6e:db:9f:2c:01:97:b3:90:bb:4c:9d:ca:8d:3a:a6:c6:
f4:f5:11:be:8d:e5:a6:38:e0:df:c1:5d:86:a8:6f:ff:02:f8:
fb:c1:d8:55:3a:2d:6b:b0:e3:bf:d6:19:ea:30:8d:4c:7e:1c:
b6:98:b4:56:32:aa:d4:e7:8c:8a:fa:25:f6:36:25:56:c6:64:
85:c0:6d:dd:bc:2f:1a:a6:67:3f:ec:d0:5a:94:a1:2a:9a:d0:
f0:f9:02:96:45:78:dd:08:bd:64:8b:4f:d3:dc:8a:51:6d:52:
c5:cd:88:61:40:05:67:13:96:8d:e8:35:a1:e8:99:cc:0f:69:
fa:e4:11:9f:a8:66:4a:4e:dd:72:df:14:4f:1a:03:0b:69:10:
28:04:bc:e4:ce:55:e3:dd:5c:c8:12:ed:91:0d:ba:43:38:ec:
92:23:7d:1d:6d:29:5a:7b:ed:c6:c0:6b:42:91:b6:87:ea:7b:
23:0b:ee:1e:9b:58:61:6a:55:f5:16:4c:bc:56:c9:10:f9:36:
bd:5f:58:7e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY5VpRSh1H691FC+AJ772RFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzE5MDczNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI5YzhlMGQyZTQ5YjAxYTJjNzY0NWFlYzZjOTI1N2VmMzVlYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEdy9gaxrRD1CMqLzZYqsWPPFFlM
fFNGoZFqXy3djXIX/mh74PmJXB+IBdIkWkc0RphTNUGBJ3d3RDyl4V7mM3brjwyZ
mWdULMqiU24vuewegS2eRDkw5iHMoolfTAAefqzJnzi08QT0YDcH5DOfB8ywZTEp
E+qx530+rnue64cVvuGMUsFUq+MWRdkZKRJdPtjjIkxvlWk9Pe01rYplOWkRU5dX
8tHgqRYiTeH3dmCUy2MAQhaXnb/GdNsvseQKO6eb0Ss33/6ff/0Fa32XeffsN0fA
rfp/d9tf8sLO3zpfMvthT4DOzAy+xGjmol4uQe3oMu6vSD4lXcHLZLo/5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKcpyODS5JsBosdkWuxsklfvNeyaMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHluSTROTGttd0dpeDJSYTdHeVNWLTgxN0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUpnhAwQA
WdUrMAwDBABZ1ZEDBABZ1ZIDBABZ1aEwDQYJKoZIhvcNAQELBQADggEBAB56YOd1
5SEV5ZpqL4gsFPQJDiqGLHcQerFeWV4iCRFOC1G/qwqlXXZrVsJwAm4pr3L1vGQj
sELEbtufLAGXs5C7TJ3KjTqmxvT1Eb6N5aY44N/BXYaob/8C+PvB2FU6LWuw47/W
GeowjUx+HLaYtFYyqtTnjIr6JfY2JVbGZIXAbd28LxqmZz/s0FqUoSqa0PD5ApZF
eN0IvWSLT9PcilFtUsXNiGFABWcTlo3oNaHomcwPafrkEZ+oZkpO3XLfFE8aAwtp
ECgEvOTOVePdXMgS7ZENukM47JIjfR1tKVp77cbAa0KRtofqeyML7h6bWGFqVfUW
TLxWyRD5Nr1fWH4=
-----END CERTIFICATE-----
Generated at Tue Apr 30 13:57:15 2024 by rpki-client on console-fra.rpki-client.org