Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLCfgHuZ4Fy-RcXRtNS9fAjfvbo.roa
File: CLCfgHuZ4Fy-RcXRtNS9fAjfvbo.roa (raw, json)
Hash identifier: 60y4ua02tjYrzmXcfWzgvbLGbE+YYrnzdI8pYAXikpw=
Subject key identifier: 08:B0:9F:80:7B:99:E0:5C:BE:45:C5:D1:B4:D4:BD:7C:08:DF:BD:BA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01932514A559F735569D3AC326048BC1459E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLCfgHuZ4Fy-RcXRtNS9fAjfvbo.roa
Signing time: Wed 13 Nov 2024 10:32:10 +0000
ROA not before: Wed 13 Nov 2024 10:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214654
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:14:a5:59:f7:35:56:9d:3a:c3:26:04:8b:c1:45:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 13 10:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08b09f807b99e05cbe45c5d1b4d4bd7c08dfbdba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2e:89:8f:1e:af:61:f1:b2:71:98:a4:2c:53:
5e:f0:66:92:44:e4:87:92:8f:4f:52:d1:ba:ca:b6:
d4:5a:7e:42:e8:6d:37:15:58:d6:d7:3c:82:08:ed:
9d:1d:a2:f8:6e:4d:95:5a:f5:19:c3:88:08:ed:85:
18:0f:69:b9:df:cb:e5:8f:2d:74:25:6c:06:3c:85:
47:9b:e8:00:4c:84:ce:53:88:d2:0c:40:2c:10:b3:
f5:a7:ec:36:24:ce:c9:d4:14:53:12:94:48:84:68:
c1:af:03:9c:38:8b:53:4b:09:ce:de:2a:d3:87:73:
c3:b7:ab:d9:33:3d:cb:d3:c3:3c:3b:66:d4:56:09:
6f:c4:5d:df:8e:18:96:f3:5d:1f:de:f8:e9:2b:42:
be:47:4e:18:a1:ea:9b:3d:a0:4b:20:ae:70:75:59:
54:8b:95:b3:25:46:e4:03:e8:4b:61:d2:30:84:81:
97:97:35:b1:40:26:4c:98:75:db:23:23:63:a8:58:
b7:79:48:68:a9:31:df:99:0d:5c:77:50:ec:f0:1b:
c1:0f:f3:7e:a0:0d:fe:71:5d:8f:00:ad:b4:7c:1f:
86:47:15:7d:61:f8:a4:23:44:39:b3:5e:1c:0d:64:
21:17:23:cf:3f:11:9b:96:7b:7d:0f:06:cb:db:d5:
6a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B0:9F:80:7B:99:E0:5C:BE:45:C5:D1:B4:D4:BD:7C:08:DF:BD:BA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLCfgHuZ4Fy-RcXRtNS9fAjfvbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
75:83:ab:fe:c1:a7:f5:3a:9f:ee:7b:3b:ec:66:30:fd:ca:2f:
14:7c:7c:e8:d3:76:b9:40:bd:2f:73:a6:91:20:16:e5:0b:e6:
20:56:f3:fd:ed:d6:1e:53:e9:bc:8b:79:ab:59:3a:26:21:f2:
40:ca:78:10:6f:2b:fc:32:1a:5b:97:3a:44:61:1e:70:54:ca:
2d:f4:d2:f8:74:c2:f6:3a:54:71:11:d1:29:f5:53:a8:a8:7e:
68:a9:43:19:65:da:cc:5c:9b:d3:f8:c9:bc:42:9a:35:fd:40:
f7:01:e7:5b:10:3a:61:8c:40:14:e3:e2:2e:36:34:5d:bd:e3:
f1:33:07:ee:88:26:88:b7:a0:a2:82:4e:83:12:55:e0:9f:7a:
a9:2a:05:76:17:8e:93:46:ad:59:40:08:ed:48:90:38:2e:ae:
44:2f:68:c2:86:33:3a:38:3e:f0:eb:26:bd:12:61:71:b0:28:
03:42:80:b5:29:3e:02:29:97:a9:f4:cd:86:de:ab:6b:e2:69:
5e:6e:56:02:43:8b:97:f1:14:c7:10:13:2f:ce:c8:a2:07:25:
a7:70:af:6e:05:19:b3:8d:f0:17:e0:93:dc:76:a4:b5:5e:01:
fe:5a:dd:c5:43:c3:b1:e1:24:f6:dd:ed:fd:a4:04:d8:2a:29:
0f:a2:14:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMlFKVZ9zVWnTrDJgSLwUWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTEzMTAzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIwOWY4MDdiOTllMDVjYmU0NWM1ZDFiNGQ0YmQ3YzA4ZGZiZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy6Jjx6vYfGycZikLFNe8GaSROSH
ko9PUtG6yrbUWn5C6G03FVjW1zyCCO2dHaL4bk2VWvUZw4gI7YUYD2m538vljy10
JWwGPIVHm+gATITOU4jSDEAsELP1p+w2JM7J1BRTEpRIhGjBrwOcOItTSwnO3irT
h3PDt6vZMz3L08M8O2bUVglvxF3fjhiW810f3vjpK0K+R04YoeqbPaBLIK5wdVlU
i5WzJUbkA+hLYdIwhIGXlzWxQCZMmHXbIyNjqFi3eUhoqTHfmQ1cd1Ds8BvBD/N+
oA3+cV2PAK20fB+GRxV9YfikI0Q5s14cDWQhFyPPPxGblnt9DwbL29VqeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAiwn4B7meBcvkXF0bTUvXwI3726MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ0xDZmdIdVo0RnktUmNYUnROUzlmQWpmdmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQB1g6v+waf1Op/uezvsZjD9yi8U
fHzo03a5QL0vc6aRIBblC+YgVvP97dYeU+m8i3mrWTomIfJAyngQbyv8MhpblzpE
YR5wVMot9NL4dML2OlRxEdEp9VOoqH5oqUMZZdrMXJvT+Mm8Qpo1/UD3AedbEDph
jEAU4+IuNjRdvePxMwfuiCaIt6Cigk6DElXgn3qpKgV2F46TRq1ZQAjtSJA4Lq5E
L2jChjM6OD7w6ya9EmFxsCgDQoC1KT4CKZep9M2G3qtr4mleblYCQ4uX8RTHEBMv
zsiiByWncK9uBRmzjfAX4JPcdqS1XgH+Wt3FQ8Ox4ST23e39pATYKikPohQM
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:15 2024 by rpki-client on console-fra.rpki-client.org