Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/fxXsK4UXinHL7EY5aKoxVqlFghw.roa
File: fxXsK4UXinHL7EY5aKoxVqlFghw.roa (raw, json)
Hash identifier: pdbvQO9Qt9diBa334sTyuzIgSk31EPQ2Wvzju8kBhgA=
Subject key identifier: 7F:15:EC:2B:85:17:8A:71:CB:EC:46:39:68:AA:31:56:A9:45:82:1C
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CCA2B0CF53BEE3AD003A0CB1AAA8B5572
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/fxXsK4UXinHL7EY5aKoxVqlFghw.roa
Signing time: Tue 02 Jan 2024 12:34:28 +0000
ROA not before: Tue 02 Jan 2024 12:34:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205766
IP address blocks: 82.98.82.0/24 maxlen: 24
212.19.38.240/28 maxlen: 28
82.98.87.0/24 maxlen: 24
212.19.62.160/27 maxlen: 27
2a02:2e0:3fc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:0c:f5:3b:ee:3a:d0:03:a0:cb:1a:aa:8b:55:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 2 12:34:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f15ec2b85178a71cbec463968aa3156a945821c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:45:9e:47:2f:47:7b:96:8d:b9:d6:b6:ad:
73:bb:5a:87:99:e9:7a:03:9d:09:88:fa:5c:53:62:
b9:ef:fb:cc:bc:c2:a1:0c:1c:12:82:37:b7:3a:48:
2e:b4:6c:04:21:20:92:5d:c5:2c:f0:10:4b:bd:7a:
bc:fb:06:50:9b:f2:dd:9f:f4:a6:2d:e8:fe:c6:82:
7b:4d:d3:e3:3d:c9:6c:6d:83:c6:e7:3c:6e:55:04:
01:5f:01:14:8d:39:f8:40:ef:cc:af:55:17:c7:1c:
f0:fd:e4:74:f8:f2:58:c0:84:98:ae:19:13:53:46:
72:54:f9:b5:4a:9d:1c:83:cc:87:19:81:fe:af:8c:
06:73:7e:31:13:0a:70:85:57:05:b3:8c:02:ae:ca:
35:b6:6d:da:11:9e:33:d0:f9:e6:24:a4:cd:0a:53:
53:a5:ae:aa:89:11:af:5b:0d:73:c8:6d:0d:ff:06:
b3:e7:c6:43:fb:ce:c3:c8:cd:8c:6c:50:09:12:1d:
7c:40:51:32:8b:f3:d9:ad:e7:f3:68:b5:30:05:d6:
a5:0a:76:8b:4a:de:e5:52:b1:fc:6f:95:9b:8b:90:
f9:f5:83:d9:09:9f:52:8a:43:96:f6:5e:79:d4:85:
91:77:e8:c6:f8:24:b5:37:3a:47:f9:8f:09:d3:7e:
63:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:15:EC:2B:85:17:8A:71:CB:EC:46:39:68:AA:31:56:A9:45:82:1C
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/fxXsK4UXinHL7EY5aKoxVqlFghw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.82.0/24
82.98.87.0/24
212.19.38.240/28
212.19.62.160/27
IPv6:
2a02:2e0:3fc::/48
Signature Algorithm: sha256WithRSAEncryption
9c:ff:4c:46:b3:c4:e7:cf:9a:52:ae:3a:e7:7c:be:6c:81:f1:
94:3a:b4:17:a6:09:f6:37:c4:c4:47:9b:37:73:84:42:2a:d9:
3e:fb:ae:19:37:37:69:cf:bb:a5:f7:cf:ab:97:5f:5e:92:1d:
57:4b:c5:3e:79:fc:36:01:08:8e:eb:e4:45:74:d5:e4:32:6f:
ef:62:27:7e:1e:8d:06:04:eb:60:dd:47:be:73:19:01:1d:c1:
3c:f4:5a:89:d8:c5:cc:a7:25:c8:8e:3d:91:29:e6:a2:c2:70:
81:bd:0b:ad:26:a5:bd:fc:ca:18:7b:28:6b:00:be:1f:82:01:
72:60:40:64:6c:59:ba:d3:c5:c3:61:a1:ff:be:f3:57:08:67:
fd:7c:bb:ff:12:9b:03:2f:45:12:02:33:b7:2f:16:b3:79:6d:
56:b0:e2:98:aa:cb:a3:7d:71:f8:cc:9f:67:1f:5b:5b:a8:7f:
7c:b4:25:5a:73:7e:97:e1:22:f5:79:6b:de:3f:e7:70:ba:26:
c3:78:8d:e5:e6:64:94:73:22:52:dd:3d:69:0e:37:cf:72:30:
f5:00:29:d4:0e:49:b6:04:60:ba:f0:42:ae:18:a9:b9:ba:b9:
f1:3a:08:c6:9a:df:44:a9:05:07:85:4c:bb:6c:38:0f:7e:09:
af:cf:15:53
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzKKwz1O+460AOgyxqqi1VyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTAyMTIzNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjE1ZWMyYjg1MTc4YTcxY2JlYzQ2Mzk2OGFhMzE1NmE5NDU4MjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnpFnkcvR3uWjbnWtq1zu1qHmel6
A50JiPpcU2K57/vMvMKhDBwSgje3OkgutGwEISCSXcUs8BBLvXq8+wZQm/Ldn/Sm
Lej+xoJ7TdPjPclsbYPG5zxuVQQBXwEUjTn4QO/Mr1UXxxzw/eR0+PJYwISYrhkT
U0ZyVPm1Sp0cg8yHGYH+r4wGc34xEwpwhVcFs4wCrso1tm3aEZ4z0PnmJKTNClNT
pa6qiRGvWw1zyG0N/waz58ZD+87DyM2MbFAJEh18QFEyi/PZrefzaLUwBdalCnaL
St7lUrH8b5Wbi5D59YPZCZ9SikOW9l551IWRd+jG+CS1NzpH+Y8J035jMwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFH8V7CuFF4pxy+xGOWiqMVapRYIcMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvZnhYc0s0VVhpbkhMN0VZNWFLb3hWcWxGZ2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAUmJSAwQA
UmJXAwUE1BMm8AMFBdQTPqAwDwQCAAIwCQMHACoCAuAD/DANBgkqhkiG9w0BAQsF
AAOCAQEAnP9MRrPE58+aUq4653y+bIHxlDq0F6YJ9jfExEebN3OEQirZPvuuGTc3
ac+7pffPq5dfXpIdV0vFPnn8NgEIjuvkRXTV5DJv72Infh6NBgTrYN1HvnMZAR3B
PPRaidjFzKclyI49kSnmosJwgb0LrSalvfzKGHsoawC+H4IBcmBAZGxZutPFw2Gh
/77zVwhn/Xy7/xKbAy9FEgIzty8Ws3ltVrDimKrLo31x+MyfZx9bW6h/fLQlWnN+
l+Ei9Xlr3j/ncLomw3iN5eZklHMiUt09aQ43z3Iw9QAp1A5JtgRguvBCrhipubq5
8ToIxprfRKkFB4VMu2w4D34Jr88VUw==
-----END CERTIFICATE-----
Generated at Fri Jun 21 04:04:36 2024 by rpki-client on console-fra.rpki-client.org