Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/SX3ylag-hZOGWYy_pZkwNhLOSsE.roa
File: SX3ylag-hZOGWYy_pZkwNhLOSsE.roa (raw, json)
Hash identifier: 43OUdEAz6tq0z1F5ikIM0mpbPVhfkw5HMKGB/qtwP5M=
Subject key identifier: 49:7D:F2:95:A8:3E:85:93:86:59:8C:BF:A5:99:30:36:12:CE:4A:C1
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019421B1CE7B56D9C1DE8891AA9949A1E36B
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/SX3ylag-hZOGWYy_pZkwNhLOSsE.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43297
IP address blocks: 79.133.98.0/24 maxlen: 24
95.85.86.0/24 maxlen: 24
95.85.87.0/24 maxlen: 24
185.13.32.0/24 maxlen: 24
185.13.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ce:7b:56:d9:c1:de:88:91:aa:99:49:a1:e3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=497df295a83e859386598cbfa599303612ce4ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2e:ce:36:4f:9b:d0:28:e3:8b:52:19:9d:1f:
8b:40:41:c4:f6:d5:4f:b1:20:91:1a:9d:ac:c0:19:
db:21:d4:1d:aa:df:e2:05:47:17:33:b6:c7:e0:79:
40:a2:04:60:aa:8a:9b:14:6f:fd:03:e8:7e:55:65:
3d:e3:fc:8a:e3:30:f6:01:cc:ce:88:b6:43:59:d9:
12:fd:20:ec:d6:bc:88:0d:e7:ac:6c:3c:c6:df:0e:
81:3b:dd:c3:4f:f2:20:fe:33:67:98:e4:b6:39:65:
c7:3e:e7:5e:55:54:4b:ba:a7:db:50:b1:c9:11:af:
2d:b1:29:7d:8e:46:54:40:5e:89:f3:83:8c:2c:44:
c7:b2:32:0e:1c:71:b3:4b:ae:75:52:f5:98:e4:52:
68:d4:5f:9c:31:4e:be:56:ed:ac:31:e0:71:47:ae:
fb:e3:32:1a:cc:2a:e2:32:59:e7:fd:1b:7b:09:a0:
9c:79:0b:f8:3a:f2:8f:49:55:42:cf:6d:8b:4b:2d:
52:dc:28:c7:1b:64:ab:bd:9b:ba:83:7e:42:52:7d:
87:43:0e:2c:b7:53:71:28:89:3d:50:b6:ee:37:90:
be:23:e5:81:fe:ec:10:b8:7f:ad:ce:f7:84:cb:d1:
09:0c:8a:20:19:1e:5a:19:19:b5:f6:14:9b:ae:61:
1a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7D:F2:95:A8:3E:85:93:86:59:8C:BF:A5:99:30:36:12:CE:4A:C1
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/SX3ylag-hZOGWYy_pZkwNhLOSsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.98.0/24
95.85.86.0/23
185.13.32.0/24
185.13.35.0/24
Signature Algorithm: sha256WithRSAEncryption
41:d3:63:06:59:c8:05:f8:13:53:23:71:38:01:4f:c1:c5:c4:
94:e8:91:8d:b9:43:aa:d9:c6:10:36:b9:12:61:cd:79:b5:9e:
0d:c7:d9:bc:b5:7d:fb:cc:ad:61:d6:33:33:3c:97:00:4b:56:
b6:0e:3f:41:57:86:dd:2c:68:6a:34:d7:56:99:2c:9d:99:58:
e7:a6:bb:10:c3:fa:32:57:23:dc:d4:d8:1a:3a:56:17:d6:af:
54:a3:72:d2:27:e9:ef:81:c1:97:83:d4:c8:fc:9d:ec:71:e3:
c4:f3:5e:34:bb:40:8e:0d:f1:28:fe:d1:b1:50:03:ce:65:64:
80:7c:8a:78:4d:3c:7f:99:61:69:06:ac:3b:bb:5a:6d:9a:de:
25:12:69:22:ed:da:8c:e8:64:79:0f:30:ab:e5:fd:c0:38:1a:
f5:a6:8b:dc:0e:9a:b8:20:76:2d:24:9b:8b:7e:97:b9:77:fd:
2b:d7:64:02:68:18:4c:83:44:bf:d5:ba:4b:32:e5:a7:77:2b:
82:25:f7:1a:90:80:ab:c5:b0:ae:b3:33:5a:16:87:2d:56:db:
cc:31:be:93:c8:61:58:dc:b6:f5:78:e1:42:f1:50:1d:4e:4c:
7c:6d:5f:d0:67:67:9d:f0:c3:32:41:92:31:24:2d:f1:42:08:
40:da:91:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsc57VtnB3oiRqplJoeNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTdkZjI5NWE4M2U4NTkzODY1OThjYmZhNTk5MzAzNjEyY2U0YWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0y7ONk+b0Cjji1IZnR+LQEHE9tVP
sSCRGp2swBnbIdQdqt/iBUcXM7bH4HlAogRgqoqbFG/9A+h+VWU94/yK4zD2AczO
iLZDWdkS/SDs1ryIDeesbDzG3w6BO93DT/Ig/jNnmOS2OWXHPudeVVRLuqfbULHJ
Ea8tsSl9jkZUQF6J84OMLETHsjIOHHGzS651UvWY5FJo1F+cMU6+Vu2sMeBxR677
4zIazCriMlnn/Rt7CaCceQv4OvKPSVVCz22LSy1S3CjHG2SrvZu6g35CUn2HQw4s
t1NxKIk9ULbuN5C+I+WB/uwQuH+tzveEy9EJDIogGR5aGRm19hSbrmEaYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEl98pWoPoWThlmMv6WZMDYSzkrBMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvU1gzeWxhZy1oWk9HV1l5X3Baa3dOaExPU3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT4ViAwQB
X1VWAwQAuQ0gAwQAuQ0jMA0GCSqGSIb3DQEBCwUAA4IBAQBB02MGWcgF+BNTI3E4
AU/BxcSU6JGNuUOq2cYQNrkSYc15tZ4Nx9m8tX37zK1h1jMzPJcAS1a2Dj9BV4bd
LGhqNNdWmSydmVjnprsQw/oyVyPc1NgaOlYX1q9Uo3LSJ+nvgcGXg9TI/J3scePE
8140u0CODfEo/tGxUAPOZWSAfIp4TTx/mWFpBqw7u1ptmt4lEmki7dqM6GR5DzCr
5f3AOBr1povcDpq4IHYtJJuLfpe5d/0r12QCaBhMg0S/1bpLMuWndyuCJfcakICr
xbCuszNaFoctVtvMMb6TyGFY3Lb1eOFC8VAdTkx8bV/QZ2ed8MMyQZIxJC3xQghA
2pHE
-----END CERTIFICATE-----
Generated at Tue Apr 15 21:00:59 2025 by rpki-client