Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/AF_Vr0nxUzhNuX2kyf-vgwZ9apA.roa
File: AF_Vr0nxUzhNuX2kyf-vgwZ9apA.roa (raw, json)
Hash identifier: xql+kwA9H7WnofVYosfXiLu/qdj4RytXvtOcLPMUUzQ=
Subject key identifier: 00:5F:D5:AF:49:F1:53:38:4D:B9:7D:A4:C9:FF:AF:83:06:7D:6A:90
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF942C1A58607494AD280440E98454
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/AF_Vr0nxUzhNuX2kyf-vgwZ9apA.roa
Signing time: Tue 02 Jan 2024 06:32:24 +0000
ROA not before: Tue 02 Jan 2024 06:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39378
IP address blocks: 194.76.226.0/24 maxlen: 24
79.132.130.0/24 maxlen: 24
79.132.131.0/24 maxlen: 24
79.132.134.0/24 maxlen: 24
185.219.220.0/23 maxlen: 23
185.219.222.0/24 maxlen: 24
185.219.223.0/24 maxlen: 24
185.158.251.0/24 maxlen: 24
185.212.44.0/24 maxlen: 24
185.212.45.0/24 maxlen: 24
185.212.46.0/24 maxlen: 24
185.212.47.0/24 maxlen: 24
91.241.93.0/24 maxlen: 24
2a0b:7140:5::/48 maxlen: 48
2a0b:7140::/48 maxlen: 48
2a07:fc00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:94:2c:1a:58:60:74:94:ad:28:04:40:e9:84:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005fd5af49f153384db97da4c9ffaf83067d6a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0e:69:6c:17:e7:04:32:ea:de:34:70:d8:1b:
fc:04:f4:25:ce:ad:a8:3a:db:33:19:63:da:b5:df:
0a:de:de:37:e1:27:81:1c:fb:01:de:37:76:d8:88:
70:f7:a9:18:66:f9:7b:d1:90:3f:f0:3b:ad:b9:c7:
8d:51:3f:bb:d1:16:de:14:bc:65:f2:08:e2:7d:0b:
78:2f:d7:c6:ab:77:8d:ed:2c:0a:95:8f:88:98:52:
e8:0d:9f:48:b4:3a:41:46:e7:11:e4:6c:b4:b8:55:
d0:2e:09:55:73:ef:f0:71:44:92:ba:29:94:08:8b:
3b:e0:35:37:98:39:3a:ad:93:e3:49:b3:6e:a2:5e:
1b:ee:90:93:60:c8:e7:41:00:d8:d1:bb:b8:b6:38:
9a:0b:b6:cc:c6:c9:2e:47:f9:e8:e5:70:b2:ab:69:
12:7d:b6:6c:21:a6:49:a0:fa:71:38:a1:fb:1f:32:
b2:9a:f4:5d:e4:45:ce:d0:f5:18:e4:7a:d0:e4:3b:
3e:1e:08:89:1d:7f:b1:4d:3d:6a:38:91:b4:0e:9e:
d9:87:1f:d8:c4:fc:c1:3f:fc:32:a9:81:a1:ee:38:
3d:19:b6:5d:0f:1c:70:39:33:bb:7b:ac:27:63:7d:
bf:d0:ba:09:d4:ef:bc:32:98:ff:d9:e1:3c:36:9e:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5F:D5:AF:49:F1:53:38:4D:B9:7D:A4:C9:FF:AF:83:06:7D:6A:90
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/AF_Vr0nxUzhNuX2kyf-vgwZ9apA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.130.0/23
79.132.134.0/24
91.241.93.0/24
185.158.251.0/24
185.212.44.0/22
185.219.220.0/22
194.76.226.0/24
IPv6:
2a07:fc00::/48
2a0b:7140::/48
2a0b:7140:5::/48
Signature Algorithm: sha256WithRSAEncryption
80:31:a7:d3:f8:13:bc:36:89:3c:47:e4:24:1f:c5:d4:38:ae:
66:3c:76:dc:6b:62:89:06:de:53:f0:62:29:61:f4:bf:0c:29:
fc:ab:d7:58:5a:ce:2b:01:0d:26:86:9d:ae:af:ee:24:80:ca:
cc:4d:c2:49:de:06:05:6a:84:aa:78:63:8e:9f:e7:3d:8a:f3:
9f:b0:14:63:a6:76:8e:9b:c0:65:80:60:c7:9a:31:80:a3:69:
43:4e:66:1c:3f:4a:a3:ea:2c:30:49:b4:52:2d:43:18:e9:89:
04:98:72:02:00:de:f5:43:04:ed:ae:34:a9:cd:14:25:3e:b8:
64:d9:83:03:89:e4:3e:99:ff:7e:55:2a:69:b3:9f:0f:a2:c3:
7b:61:d2:ad:5e:b5:13:86:0b:d8:5f:5a:48:22:e7:56:91:0a:
94:0a:60:c9:bb:78:4b:3e:bb:13:7f:90:18:f6:39:79:6d:c4:
d5:39:2d:b1:d7:64:36:58:21:65:d0:cd:28:fc:0b:65:34:bb:
55:55:62:84:a8:db:a2:d2:aa:94:59:87:a6:c9:aa:b3:d7:41:
76:66:97:0c:4f:e7:c3:0c:45:2a:69:68:26:a7:11:c8:11:ea:
01:f4:1a:b4:1c:57:45:f4:2a:73:9a:9e:af:06:6b:83:33:f7:
a4:59:87:53
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzI35QsGlhgdJStKARA6YRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVmZDVhZjQ5ZjE1MzM4NGRiOTdkYTRjOWZmYWY4MzA2N2Q2YTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng5pbBfnBDLq3jRw2Bv8BPQlzq2o
OtszGWPatd8K3t434SeBHPsB3jd22Ihw96kYZvl70ZA/8DutuceNUT+70RbeFLxl
8gjifQt4L9fGq3eN7SwKlY+ImFLoDZ9ItDpBRucR5Gy0uFXQLglVc+/wcUSSuimU
CIs74DU3mDk6rZPjSbNuol4b7pCTYMjnQQDY0bu4tjiaC7bMxskuR/no5XCyq2kS
fbZsIaZJoPpxOKH7HzKymvRd5EXO0PUY5HrQ5Ds+HgiJHX+xTT1qOJG0Dp7Zhx/Y
xPzBP/wyqYGh7jg9GbZdDxxwOTO7e6wnY32/0LoJ1O+8Mpj/2eE8Np7OqQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFABf1a9J8VM4Tbl9pMn/r4MGfWqQMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvQUZfVnIwbnhVemhOdVgya3lmLXZnd1o5YXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQBT4SCAwQA
T4SGAwQAW/FdAwQAuZ77AwQCudQsAwQCudvcAwQAwkziMCEEAgACMBsDBwAqB/wA
AAADBwAqC3FAAAADBwAqC3FAAAUwDQYJKoZIhvcNAQELBQADggEBAIAxp9P4E7w2
iTxH5CQfxdQ4rmY8dtxrYokG3lPwYilh9L8MKfyr11hazisBDSaGna6v7iSAysxN
wkneBgVqhKp4Y46f5z2K85+wFGOmdo6bwGWAYMeaMYCjaUNOZhw/SqPqLDBJtFIt
QxjpiQSYcgIA3vVDBO2uNKnNFCU+uGTZgwOJ5D6Z/35VKmmznw+iw3th0q1etROG
C9hfWkgi51aRCpQKYMm7eEs+uxN/kBj2OXltxNU5LbHXZDZYIWXQzSj8C2U0u1VV
YoSo26LSqpRZh6bJqrPXQXZmlwxP58MMRSppaCanEcgR6gH0GrQcV0X0KnOanq8G
a4Mz96RZh1M=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:10:55 2024 by rpki-client on console-fra.rpki-client.org