Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8Kxuy9_mt64kmEWUusbXJzs0sgU.roa
File: 8Kxuy9_mt64kmEWUusbXJzs0sgU.roa (raw, json)
Hash identifier: C2bOq6SN9LMvLwNsZdmRrGIX8zR3wwfHJ0MCr2mFLHg=
Subject key identifier: F0:AC:6E:CB:DF:E6:B7:AE:24:98:45:94:BA:C6:D7:27:3B:34:B2:05
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906AFC0277D3BC937289C51260747C3CAB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8Kxuy9_mt64kmEWUusbXJzs0sgU.roa
Signing time: Sun 30 Jun 2024 21:10:18 +0000
ROA not before: Sun 30 Jun 2024 21:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138156
IP address blocks: 82.152.7.0/24 maxlen: 24
89.213.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6a:fc:02:77:d3:bc:93:72:89:c5:12:60:74:7c:3c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0ac6ecbdfe6b7ae24984594bac6d7273b34b205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b6:ae:cf:67:4a:f5:0b:01:d3:40:6f:86:23:
c7:54:91:8f:95:65:38:1a:5e:07:a8:d7:dc:81:e0:
f7:23:75:e3:3c:18:55:88:e4:ea:a5:b9:05:c1:4d:
92:70:bd:32:78:fe:26:3a:ce:4a:6f:16:5c:be:ad:
53:21:9e:81:b7:c8:bb:a8:37:25:e7:11:ae:99:fa:
d5:61:1a:81:ef:10:c1:d7:43:84:6c:6d:e9:a4:ed:
4b:39:f3:1c:20:6f:b7:7c:cc:b2:a9:05:ad:b6:81:
37:92:75:51:b3:11:0d:ff:ec:62:0d:84:6f:7f:35:
26:d5:7e:92:73:ad:6e:ed:ac:d1:c7:59:8c:eb:7f:
79:8e:0f:12:ba:4d:ef:59:e3:f2:1c:1b:43:48:5a:
d0:34:d8:3e:2d:fb:9f:f7:c2:3f:3d:b4:32:d1:55:
d1:f0:47:a6:c2:ec:79:f6:62:84:b1:74:b2:eb:64:
53:57:98:16:0c:07:8e:1b:b0:b7:25:01:7f:cb:a3:
59:89:4c:ee:a4:70:c1:c9:2f:6d:ff:8e:25:ae:5c:
65:ff:9e:5d:4a:42:ef:04:9b:94:7b:a9:44:e0:c2:
5f:cd:d6:84:b9:aa:d3:fb:17:e8:c9:0f:13:ed:7b:
e2:d5:a3:8f:4f:93:7a:63:26:c9:52:9e:e9:0c:cf:
d9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AC:6E:CB:DF:E6:B7:AE:24:98:45:94:BA:C6:D7:27:3B:34:B2:05
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8Kxuy9_mt64kmEWUusbXJzs0sgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.7.0/24
89.213.57.0/24
Signature Algorithm: sha256WithRSAEncryption
36:55:ab:63:d7:f7:9d:7d:f3:75:48:38:a2:43:55:bc:5f:d5:
60:25:2a:76:69:ae:19:55:88:01:da:34:35:5c:a9:8d:e4:9d:
e3:e0:39:7b:90:06:3e:f4:04:b9:17:3c:fa:44:19:2f:07:28:
a3:a4:bf:c5:b1:ad:58:4a:e1:81:62:c9:22:aa:53:4e:37:44:
71:8a:17:3a:d6:97:df:81:4b:d8:2a:08:5c:6f:82:54:05:b7:
cd:4c:fe:8e:17:03:b4:56:9c:1a:ad:66:7c:8a:0a:8c:b4:5c:
89:24:74:17:d6:d4:4d:84:d5:d9:b4:21:2f:a4:96:db:54:26:
b2:38:dd:c2:a4:df:48:be:f1:5f:40:7a:57:7f:24:5d:d5:c3:
dd:a1:cf:35:7c:0f:5c:65:61:41:16:b5:c5:25:f7:d0:12:0b:
2e:16:e5:04:51:b9:62:4a:66:8a:2f:d7:b2:5c:a4:cb:01:19:
73:03:a5:f5:76:bd:68:cd:7b:2a:46:26:a2:da:00:0b:1f:4f:
f2:a8:7c:d2:f4:02:7d:12:56:de:85:ce:ba:ba:cf:77:2c:0d:
24:d5:e7:a3:7b:78:3d:49:27:c1:30:f7:69:ea:ca:01:fa:1d:
5d:80:dc:e7:d2:27:60:67:d0:86:ed:78:1a:08:c7:53:8e:80:
4c:44:2d:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBq/AJ307yTconFEmB0fDyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjExMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGFjNmVjYmRmZTZiN2FlMjQ5ODQ1OTRiYWM2ZDcyNzNiMzRiMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLauz2dK9QsB00BvhiPHVJGPlWU4
Gl4HqNfcgeD3I3XjPBhViOTqpbkFwU2ScL0yeP4mOs5KbxZcvq1TIZ6Bt8i7qDcl
5xGumfrVYRqB7xDB10OEbG3ppO1LOfMcIG+3fMyyqQWttoE3knVRsxEN/+xiDYRv
fzUm1X6Sc61u7azRx1mM6395jg8Suk3vWePyHBtDSFrQNNg+Lfuf98I/PbQy0VXR
8Eemwux59mKEsXSy62RTV5gWDAeOG7C3JQF/y6NZiUzupHDByS9t/44lrlxl/55d
SkLvBJuUe6lE4MJfzdaEuarT+xfoyQ8T7Xvi1aOPT5N6YybJUp7pDM/ZowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPCsbsvf5reuJJhFlLrG1yc7NLIFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOEt4dXk5X210NjRrbUVXVXVzYlhKenMwc2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpgHAwQA
WdU5MA0GCSqGSIb3DQEBCwUAA4IBAQA2Vatj1/edffN1SDiiQ1W8X9VgJSp2aa4Z
VYgB2jQ1XKmN5J3j4Dl7kAY+9AS5Fzz6RBkvByijpL/Fsa1YSuGBYskiqlNON0Rx
ihc61pffgUvYKghcb4JUBbfNTP6OFwO0VpwarWZ8igqMtFyJJHQX1tRNhNXZtCEv
pJbbVCayON3CpN9IvvFfQHpXfyRd1cPdoc81fA9cZWFBFrXFJffQEgsuFuUEUbli
SmaKL9eyXKTLARlzA6X1dr1ozXsqRiai2gALH0/yqHzS9AJ9Elbehc66us93LA0k
1eeje3g9SSfBMPdp6soB+h1dgNzn0idgZ9CG7XgaCMdTjoBMRC2T
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:32 2024 by rpki-client on console-fra.rpki-client.org