Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5Bsi60IgoblZWsb1VAZhTf1uuw4.roa
File: 5Bsi60IgoblZWsb1VAZhTf1uuw4.roa (raw, json)
Hash identifier: NEGg76BFJnvKqlVvZETpA+X3U12UweQtdxleRuuVpFQ=
Subject key identifier: E4:1B:22:EB:42:20:A1:B9:59:5A:C6:F5:54:06:61:4D:FD:6E:BB:0E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01927063A8B6479CC3A400E99C543C2BDD9C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5Bsi60IgoblZWsb1VAZhTf1uuw4.roa
Signing time: Wed 09 Oct 2024 08:27:12 +0000
ROA not before: Wed 09 Oct 2024 08:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 80.240.85.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:70:63:a8:b6:47:9c:c3:a4:00:e9:9c:54:3c:2b:dd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 9 08:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e41b22eb4220a1b9595ac6f55406614dfd6ebb0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:bd:42:dd:ec:6c:9c:b9:9b:b5:72:f6:9f:7b:
de:ae:2d:c5:4a:f3:71:a3:96:2d:7f:ee:89:b5:04:
37:cf:88:bd:38:db:df:93:7b:52:8d:c9:66:4a:61:
6d:c9:b4:0d:0b:e2:d3:4b:d3:d0:fe:7c:d8:6b:0e:
03:cc:5e:d0:b2:d5:36:b9:f7:69:62:59:1c:51:c1:
55:61:21:6e:ce:5d:0c:12:e3:76:d2:cf:f7:f0:75:
81:0a:b1:eb:22:3a:56:85:d5:79:14:f2:f0:c9:51:
24:77:b9:49:ee:2e:2a:2a:53:19:d1:64:1e:91:98:
39:36:ea:21:b7:e2:2e:4e:d1:f4:69:0b:74:8b:2e:
fd:f0:17:c2:94:bc:7e:7a:d7:e4:4b:98:49:5e:c8:
f8:22:6b:0d:29:ea:42:98:15:00:b5:a2:8e:7d:68:
d9:df:e2:3f:8a:b4:35:a9:55:1f:0a:89:ff:05:87:
6c:47:5e:d1:ea:f1:a9:36:89:57:e0:02:d4:70:ac:
e5:a0:2d:fb:cf:37:20:a9:d4:83:79:59:ad:cd:53:
37:4b:70:34:2b:c4:f6:0d:b0:c6:19:c5:78:2a:8c:
97:3b:f1:90:ea:93:c6:f2:4e:2c:81:fc:e3:64:0f:
b9:1e:03:55:b1:5f:df:93:3e:9f:73:df:5e:8b:af:
d3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1B:22:EB:42:20:A1:B9:59:5A:C6:F5:54:06:61:4D:FD:6E:BB:0E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5Bsi60IgoblZWsb1VAZhTf1uuw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
89.213.229.0/24
109.176.243.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2f:5c:ea:0e:1d:fd:d7:ae:9e:01:d8:94:db:c1:19:4b:91:
ef:d8:55:82:35:a7:ac:a8:d4:93:94:5f:6b:5e:52:a3:50:d0:
cb:01:fb:6b:15:c4:0e:10:52:4b:5b:58:94:17:c8:16:95:2e:
26:7b:b7:76:0d:d7:f5:9f:24:f4:0b:3c:21:e9:3a:f8:be:c9:
ed:47:6a:e3:ca:f8:24:01:58:32:03:b1:93:c6:b0:35:98:8e:
93:40:87:3b:31:a6:b3:36:a2:65:85:ed:26:07:69:17:b2:89:
4a:e9:75:60:3d:4a:89:df:3a:2d:f7:e8:57:ac:de:60:ec:b3:
21:16:22:60:d9:bb:02:76:3c:b0:3a:cb:65:73:a3:3b:18:9e:
7e:25:c2:59:9e:d1:47:bf:12:b5:a8:a6:8d:32:82:e2:2d:aa:
7a:90:fc:21:d5:ad:0c:5a:e7:b2:64:f0:dd:87:35:56:94:0a:
4e:51:54:a8:fc:fb:7b:f4:a4:1a:ce:ff:43:26:2f:6c:54:e8:
db:c7:56:7c:b3:a7:08:17:b0:a4:df:d2:45:49:ba:70:ae:6d:
e5:44:fe:52:ca:93:17:26:71:58:14:5f:04:b6:b2:04:08:e5:
a3:c8:15:58:6d:ae:c3:a0:1a:20:41:03:73:e3:39:dc:c1:4e:
17:97:e2:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJwY6i2R5zDpADpnFQ8K92cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDA5MDgyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFiMjJlYjQyMjBhMWI5NTk1YWM2ZjU1NDA2NjE0ZGZkNmViYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6L1C3exsnLmbtXL2n3veri3FSvNx
o5Ytf+6JtQQ3z4i9ONvfk3tSjclmSmFtybQNC+LTS9PQ/nzYaw4DzF7QstU2ufdp
YlkcUcFVYSFuzl0MEuN20s/38HWBCrHrIjpWhdV5FPLwyVEkd7lJ7i4qKlMZ0WQe
kZg5Nuoht+IuTtH0aQt0iy798BfClLx+etfkS5hJXsj4ImsNKepCmBUAtaKOfWjZ
3+I/irQ1qVUfCon/BYdsR17R6vGpNolX4ALUcKzloC37zzcgqdSDeVmtzVM3S3A0
K8T2DbDGGcV4KoyXO/GQ6pPG8k4sgfzjZA+5HgNVsV/fkz6fc99ei6/TvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOQbIutCIKG5WVrG9VQGYU39brsOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNUJzaTYwSWdvYmxaV3NiMVZBWmhUZjF1dXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBVAwQA
WdXlAwQAbbDzAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQAdL1zqDh39166eAdiU
28EZS5Hv2FWCNaesqNSTlF9rXlKjUNDLAftrFcQOEFJLW1iUF8gWlS4me7d2Ddf1
nyT0Czwh6Tr4vsntR2rjyvgkAVgyA7GTxrA1mI6TQIc7MaazNqJlhe0mB2kXsolK
6XVgPUqJ3zot9+hXrN5g7LMhFiJg2bsCdjywOstlc6M7GJ5+JcJZntFHvxK1qKaN
MoLiLap6kPwh1a0MWueyZPDdhzVWlApOUVSo/Pt79KQazv9DJi9sVOjbx1Z8s6cI
F7Ck39JFSbpwrm3lRP5SypMXJnFYFF8EtrIECOWjyBVYba7DoBogQQNz4zncwU4X
l+Km
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:28 2024 by rpki-client on console-ams.rpki-client.org