Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BIU8MtIPN8rg9DKqbIWnl5YpJi4.roa
File: BIU8MtIPN8rg9DKqbIWnl5YpJi4.roa (raw, json)
Hash identifier: BzrG0lKyPVgKyoqVIlxuxMrS51V4/a06EuqBlU6qwXs=
Subject key identifier: 04:85:3C:32:D2:0F:37:CA:E0:F4:32:AA:6C:85:A7:97:96:29:26:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192532D47C15D09194449744017506CA973
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BIU8MtIPN8rg9DKqbIWnl5YpJi4.roa
Signing time: Thu 03 Oct 2024 16:18:49 +0000
ROA not before: Thu 03 Oct 2024 16:18:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 79.99.76.0/24 maxlen: 24
82.152.110.0/24 maxlen: 24
82.153.66.0/24 maxlen: 24
109.176.16.0/24 maxlen: 24
109.176.165.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:2d:47:c1:5d:09:19:44:49:74:40:17:50:6c:a9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 3 16:18:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04853c32d20f37cae0f432aa6c85a7979629262e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:88:c3:ea:91:ab:13:0e:4f:ed:b3:97:42:06:
41:93:01:5f:e3:40:99:be:5e:d2:87:55:45:31:58:
3f:4f:4f:0b:7f:c3:07:f1:92:e6:6a:2d:44:19:04:
a0:d1:bd:78:b1:cd:04:22:b9:bf:a1:8f:de:7c:d3:
08:f6:ba:e9:22:a9:56:85:63:65:a6:e2:d1:e7:1a:
bf:0c:51:f6:7f:e9:13:73:f7:5a:4c:53:db:8e:ef:
9a:36:74:b6:16:1e:5b:9a:c7:c6:91:b1:17:0d:8d:
30:48:9c:24:e2:69:3c:bb:98:c8:7a:4c:0b:72:05:
b5:3c:e2:b5:66:9f:bc:22:50:96:a6:a2:9b:0f:40:
a4:43:dc:d1:92:c9:c3:84:96:cc:68:47:94:ba:1d:
42:07:7e:f4:a6:3e:1b:2c:47:d9:99:39:cc:30:5d:
8f:f0:32:c4:1b:46:91:9d:55:2d:8a:53:75:15:56:
a0:ef:3e:0b:f0:a6:3b:7d:3f:af:a2:7b:d0:6c:9c:
47:03:9b:6b:2f:fe:e0:3c:6e:c4:cf:6b:59:b4:e1:
2f:1e:30:df:a2:e5:d1:d4:f0:47:35:eb:85:49:9c:
55:b2:4e:11:80:77:73:2e:cf:8e:ee:dd:36:45:16:
0f:de:45:54:1f:0a:1e:3e:8e:55:c1:e6:e7:54:3c:
b8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:85:3C:32:D2:0F:37:CA:E0:F4:32:AA:6C:85:A7:97:96:29:26:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BIU8MtIPN8rg9DKqbIWnl5YpJi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.76.0/24
82.152.110.0/24
82.153.66.0/24
109.176.16.0/24
109.176.165.0/24
213.218.213.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ba:61:8c:ed:f3:37:29:89:21:0d:2c:50:91:81:6a:c1:f2:
ea:3b:51:f3:c8:ad:56:9f:34:f1:58:3d:ee:af:16:1c:c0:a9:
17:f2:1e:92:e6:6b:4b:36:6f:60:6e:68:4e:c2:8f:bc:95:17:
c2:96:de:64:77:9e:1a:04:0c:6b:86:5b:12:39:d5:17:40:24:
d4:dc:ed:7f:23:e7:3f:17:40:ed:00:db:bb:68:f2:88:2a:ff:
08:4a:dc:2b:be:8c:de:ad:2e:24:10:7e:ae:66:62:fd:8a:c9:
38:64:e9:26:6c:03:40:84:2d:fb:8e:a6:63:89:8a:ef:c3:45:
c4:be:c7:9b:86:84:3d:b4:ee:0f:53:b2:46:20:dd:5f:49:cc:
7e:b2:50:cb:ab:c6:77:d3:92:a4:0b:b0:f5:0e:86:8b:9b:2c:
2a:d2:db:86:f0:ef:35:a0:c6:dd:a4:d3:06:28:33:40:75:f8:
c0:d6:04:9f:c0:db:48:96:ce:df:b1:aa:1c:19:3b:99:99:2f:
5f:5a:46:67:ad:21:90:02:cc:49:72:b3:85:1e:dd:01:b7:d8:
ff:94:23:bb:09:64:02:70:c3:8c:1d:af:88:60:42:5d:b0:39:
c0:3f:85:cc:ab:7f:3a:94:01:b0:ba:b0:ae:f1:fe:70:eb:27:
99:1b:bc:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJTLUfBXQkZREl0QBdQbKlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDAzMTYxODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg1M2MzMmQyMGYzN2NhZTBmNDMyYWE2Yzg1YTc5Nzk2MjkyNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIjD6pGrEw5P7bOXQgZBkwFf40CZ
vl7Sh1VFMVg/T08Lf8MH8ZLmai1EGQSg0b14sc0EIrm/oY/efNMI9rrpIqlWhWNl
puLR5xq/DFH2f+kTc/daTFPbju+aNnS2Fh5bmsfGkbEXDY0wSJwk4mk8u5jIekwL
cgW1POK1Zp+8IlCWpqKbD0CkQ9zRksnDhJbMaEeUuh1CB370pj4bLEfZmTnMMF2P
8DLEG0aRnVUtilN1FVag7z4L8KY7fT+vonvQbJxHA5trL/7gPG7Ez2tZtOEvHjDf
ouXR1PBHNeuFSZxVsk4RgHdzLs+O7t02RRYP3kVUHwoePo5VwebnVDy4WwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFASFPDLSDzfK4PQyqmyFp5eWKSYuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQklVOE10SVBOOHJnOURLcWJJV25sNVlwSmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAT2NMAwQA
UphuAwQAUplCAwQAbbAQAwQAbbClAwQA1drVAwQA1drjMA0GCSqGSIb3DQEBCwUA
A4IBAQBjumGM7fM3KYkhDSxQkYFqwfLqO1HzyK1WnzTxWD3urxYcwKkX8h6S5mtL
Nm9gbmhOwo+8lRfClt5kd54aBAxrhlsSOdUXQCTU3O1/I+c/F0DtANu7aPKIKv8I
StwrvozerS4kEH6uZmL9isk4ZOkmbANAhC37jqZjiYrvw0XEvsebhoQ9tO4PU7JG
IN1fScx+slDLq8Z305KkC7D1DoaLmywq0tuG8O81oMbdpNMGKDNAdfjA1gSfwNtI
ls7fsaocGTuZmS9fWkZnrSGQAsxJcrOFHt0Bt9j/lCO7CWQCcMOMHa+IYEJdsDnA
P4XMq386lAGwurCu8f5w6yeZG7zv
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:28 2024 by rpki-client on console-ams.rpki-client.org