Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/K3mFAL-m8Lw50py5QFODsNNuYVM.roa
File: K3mFAL-m8Lw50py5QFODsNNuYVM.roa (raw, json)
Hash identifier: 1pWTJjQrmHDLW0HGtXzVUlo3Idd4MiXI0AYXghDHqDE=
Subject key identifier: 2B:79:85:00:BF:A6:F0:BC:39:D2:9C:B9:40:53:83:B0:D3:6E:61:53
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018CC26D1A2C7E70DA68705AB5AD5614ADB9
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/K3mFAL-m8Lw50py5QFODsNNuYVM.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 213.205.0.0/19 maxlen: 24
82.85.16.0/24 maxlen: 24
82.85.24.0/24 maxlen: 24
82.85.18.0/24 maxlen: 24
82.85.28.0/24 maxlen: 24
82.85.27.0/24 maxlen: 24
82.85.61.0/24 maxlen: 24
195.130.248.0/22 maxlen: 24
213.205.32.0/24 maxlen: 24
213.205.32.0/19 maxlen: 24
213.205.33.0/24 maxlen: 24
213.205.34.0/24 maxlen: 24
213.205.36.0/24 maxlen: 24
213.205.37.0/24 maxlen: 24
82.85.154.0/24 maxlen: 24
94.32.64.0/20 maxlen: 24
94.32.80.0/21 maxlen: 24
212.123.79.0/24 maxlen: 24
212.123.84.0/23 maxlen: 24
212.123.82.0/23 maxlen: 24
94.32.96.0/23 maxlen: 24
94.32.100.0/22 maxlen: 24
94.32.102.0/24 maxlen: 24
94.32.104.0/21 maxlen: 24
212.123.93.0/24 maxlen: 24
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1a:2c:7e:70:da:68:70:5a:b5:ad:56:14:ad:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b798500bfa6f0bc39d29cb9405383b0d36e6153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:54:3f:3a:73:73:45:5e:0b:b4:4e:dd:0e:5c:
46:a8:99:ab:d2:a9:72:28:7c:55:31:fa:5b:7f:d9:
fc:c4:ba:b9:e2:f4:71:46:5b:ca:da:a9:94:2c:ff:
3b:98:89:c7:8d:a2:eb:8c:e5:ed:5f:d3:0d:3b:8d:
21:b0:c6:e7:26:ef:1f:97:0e:8c:68:b2:07:35:ef:
ba:aa:36:b7:c4:08:5e:bb:20:90:5c:f1:f3:a9:04:
73:9e:eb:a4:25:56:fe:72:6b:d1:bd:f5:40:25:09:
f3:3f:cf:59:d6:d4:69:c6:7d:0f:c2:48:7c:09:ea:
10:e4:07:ab:cb:68:d1:07:a9:7d:9f:a0:84:8e:0b:
e3:a5:6d:10:b2:e1:85:0b:81:aa:9e:88:80:4c:55:
c6:83:60:90:6f:33:1e:40:0d:c0:00:e0:c7:f4:c6:
5c:8e:3e:86:b3:76:dd:f3:cf:f4:1d:c1:ca:f0:4b:
5a:e5:34:8d:80:e9:09:31:42:10:a2:c2:ab:0f:08:
2c:80:8a:02:90:94:82:a4:d3:e5:e1:89:c4:d3:29:
95:8b:be:9f:41:fd:ce:0f:4a:67:5b:16:3b:0d:c5:
3c:12:66:17:33:28:0d:f3:32:f7:3f:8a:77:0a:54:
19:4a:4e:24:38:7c:47:6e:f9:e3:bf:bd:a4:fd:3e:
8b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:79:85:00:BF:A6:F0:BC:39:D2:9C:B9:40:53:83:B0:D3:6E:61:53
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/K3mFAL-m8Lw50py5QFODsNNuYVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.85.16.0/24
82.85.18.0/24
82.85.24.0/24
82.85.27.0-82.85.28.255
82.85.61.0/24
82.85.154.0/24
94.32.64.0-94.32.87.255
94.32.96.0/23
94.32.100.0-94.32.111.255
94.32.115.0/24
195.130.248.0/22
212.123.79.0/24
212.123.82.0-212.123.85.255
212.123.93.0/24
213.205.0.0/18
217.133.170.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0a:04:41:b2:12:32:bf:b4:ab:bb:b4:62:b8:7e:d1:5c:b4:
07:13:87:91:4e:58:78:b0:2c:7e:b5:b4:9a:fb:2d:8a:c4:97:
2b:d8:e4:a6:e4:d9:f5:a7:d0:86:03:b2:40:1b:e5:b4:e4:9d:
36:b5:be:1d:03:16:12:c0:ff:ff:9a:d0:0c:28:41:7f:42:2c:
86:96:0c:9d:21:5d:e6:4b:70:3d:b3:fa:1b:2a:9d:17:7d:8d:
03:0b:06:50:ff:64:7f:b7:61:bc:dd:d9:f7:84:45:98:be:e6:
cf:1d:d1:f1:f5:e1:bd:13:80:07:cb:f5:b0:f2:36:8e:f1:e8:
5b:23:05:87:80:34:16:ce:4a:f4:9b:be:a7:36:46:90:80:11:
dc:ba:a8:42:43:fd:88:e6:ea:86:1d:d1:b1:3a:b3:61:42:9a:
2d:1c:3d:c4:a6:5d:2e:d5:41:17:83:a2:ad:b4:65:fb:96:5d:
3d:bf:7b:6f:af:87:d9:df:49:b5:6c:6d:d9:b1:37:c7:4d:c5:
74:f5:b5:f4:69:15:06:9b:bb:1d:eb:99:b8:af:7c:44:88:de:
37:d8:b6:51:70:33:9b:9b:5c:6f:6f:9b:70:d8:74:ff:a0:55:
6e:ee:28:3c:eb:00:88:28:c6:9e:96:00:1e:c3:3c:fa:43:2d:
31:60:0a:82
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYzCbRosfnDaaHBata1WFK25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc5ODUwMGJmYTZmMGJjMzlkMjljYjk0MDUzODNiMGQzNmU2MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1Q/OnNzRV4LtE7dDlxGqJmr0qly
KHxVMfpbf9n8xLq54vRxRlvK2qmULP87mInHjaLrjOXtX9MNO40hsMbnJu8flw6M
aLIHNe+6qja3xAheuyCQXPHzqQRznuukJVb+cmvRvfVAJQnzP89Z1tRpxn0Pwkh8
CeoQ5Aery2jRB6l9n6CEjgvjpW0QsuGFC4GqnoiATFXGg2CQbzMeQA3AAODH9MZc
jj6Gs3bd88/0HcHK8Eta5TSNgOkJMUIQosKrDwgsgIoCkJSCpNPl4YnE0ymVi76f
Qf3OD0pnWxY7DcU8EmYXMygN8zL3P4p3ClQZSk4kOHxHbvnjv72k/T6LeQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCt5hQC/pvC8OdKcuUBTg7DTbmFTMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvSzNtRkFMLW04THc1MHB5NVFGT0RzTk51WVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBABS
VRADBABSVRIDBABSVRgwDAMEAFJVGwMEAFJVHAMEAFJVPQMEAFJVmjAMAwQGXiBA
AwQDXiBQAwQBXiBgMAwDBAJeIGQDBAReIGADBABeIHMDBALDgvgDBADUe08wDAME
AdR7UgMEAdR7VAMEANR7XQMEBtXNAAMEANmFqjANBgkqhkiG9w0BAQsFAAOCAQEA
RQoEQbISMr+0q7u0Yrh+0Vy0BxOHkU5YeLAsfrW0mvstisSXK9jkpuTZ9afQhgOy
QBvltOSdNrW+HQMWEsD//5rQDChBf0IshpYMnSFd5ktwPbP6GyqdF32NAwsGUP9k
f7dhvN3Z94RFmL7mzx3R8fXhvROAB8v1sPI2jvHoWyMFh4A0Fs5K9Ju+pzZGkIAR
3LqoQkP9iObqhh3RsTqzYUKaLRw9xKZdLtVBF4OirbRl+5ZdPb97b6+H2d9JtWxt
2bE3x03FdPW19GkVBpu7HeuZuK98RIjeN9i2UXAzm5tcb2+bcNh0/6BVbu4oPOsA
iCjGnpYAHsM8+kMtMWAKgg==
-----END CERTIFICATE-----
Generated at Fri May 3 01:19:50 2024 by rpki-client on console-ams.rpki-client.org