Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D00jJrL0vUd4vVb-SepgduqKB6c.roa
File: D00jJrL0vUd4vVb-SepgduqKB6c.roa (raw, json)
Hash identifier: LLpV5N+L/Voc/qhEdbkgEK0gQ4C9ieXGX+IhAE4UKwM=
Subject key identifier: 0F:4D:23:26:B2:F4:BD:47:78:BD:56:FE:49:EA:60:76:EA:8A:07:A7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01933A3EBDE43EB3942A463BB65628282611
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D00jJrL0vUd4vVb-SepgduqKB6c.roa
Signing time: Sun 17 Nov 2024 13:10:10 +0000
ROA not before: Sun 17 Nov 2024 13:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.34.0/24 maxlen: 24
82.153.37.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
82.153.132.0/24 maxlen: 24
82.153.224.0/24 maxlen: 24
89.213.4.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.190.0/24 maxlen: 24
89.213.196.0/24 maxlen: 24
109.176.247.0/24 maxlen: 24
109.176.251.0/24 maxlen: 24
185.49.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:3e:bd:e4:3e:b3:94:2a:46:3b:b6:56:28:28:26:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 17 13:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f4d2326b2f4bd4778bd56fe49ea6076ea8a07a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:37:c9:36:7a:51:ff:19:98:b7:b6:3e:65:
e6:94:29:57:24:d3:55:de:1f:2e:32:dc:29:4a:eb:
3d:24:5b:50:ff:54:80:4d:41:37:ae:49:ee:11:43:
74:d4:92:6d:48:b6:43:85:22:31:73:d1:84:9d:cc:
9c:fc:b1:ea:6c:5f:b9:ba:4e:9b:67:cb:fa:9d:41:
b0:0a:65:68:31:5e:dc:32:8b:88:ff:13:9a:e1:fd:
54:52:43:7d:73:62:5b:d1:fb:7b:4e:78:9d:ef:bb:
4d:5c:3b:9f:cb:60:37:87:69:71:fa:d8:e1:7f:65:
81:5d:9a:d6:81:5c:68:fd:f2:34:5d:98:59:e7:4c:
63:7d:f6:2b:ae:11:e6:bf:1c:7b:e6:85:b1:e0:17:
b4:cd:26:3d:77:df:d3:da:19:c4:3e:61:7f:ba:06:
0c:eb:05:8e:bf:91:63:fd:d7:e4:ef:3d:9c:42:a7:
3d:cb:d0:98:20:8f:31:94:65:06:63:cf:15:9e:ba:
9b:e5:05:cb:21:75:76:83:a4:b3:29:92:b5:89:04:
18:b9:c8:c5:68:f7:fe:e4:c2:7b:aa:fd:62:e6:08:
68:f1:cb:01:be:13:3c:2f:65:e5:e6:ea:a1:29:8d:
b0:b6:49:b4:84:7b:9d:16:4c:ad:99:5c:cb:a0:ec:
e5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4D:23:26:B2:F4:BD:47:78:BD:56:FE:49:EA:60:76:EA:8A:07:A7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D00jJrL0vUd4vVb-SepgduqKB6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.248.0/24
82.152.251.0/24
82.152.254.0/24
82.153.34.0/24
82.153.37.0/24
82.153.69.0/24
82.153.72.0/24
82.153.79.0/24
82.153.132.0/24
82.153.224.0/24
89.213.4.0/24
89.213.7.0/24
89.213.130.0/24
89.213.190.0/24
89.213.196.0/24
109.176.247.0/24
109.176.251.0/24
185.49.124.0/24
Signature Algorithm: sha256WithRSAEncryption
18:22:04:aa:28:2b:83:c2:46:57:32:f1:a6:62:c3:85:6a:ce:
9a:6f:92:f5:c3:5f:61:af:d2:b6:50:65:b6:4d:50:eb:43:0f:
44:3a:37:90:b9:9b:bc:93:68:c4:56:e8:a1:7d:6d:43:1b:04:
8d:dc:63:40:b0:84:2d:59:02:e5:e6:7f:f0:36:60:42:86:45:
af:d0:4b:16:e7:af:fe:8c:e8:ff:85:0d:2e:8c:07:7a:0b:af:
45:d8:69:6c:20:55:51:b3:39:72:1d:01:d0:26:a8:ce:d3:89:
88:a6:67:3e:dd:49:9c:df:ca:41:09:f3:93:37:ff:c7:5e:ab:
e0:76:bb:f5:d1:f9:06:a9:b9:9e:e7:56:a1:b7:8e:f1:bc:d6:
ff:fb:72:44:cc:18:e7:10:2b:f3:8d:9f:bf:6f:8c:73:58:6f:
0d:6f:b1:a5:2e:69:1a:aa:9d:0d:eb:f0:f8:82:59:62:66:d1:
07:b0:5f:6c:30:83:c9:b0:9c:62:4c:bf:17:29:9b:ff:42:ee:
1b:b5:64:10:1c:d1:39:82:5c:42:82:3f:7d:2e:2a:c8:8d:b3:
48:b6:06:57:b5:bc:12:4e:b9:d4:47:ca:09:2a:e2:0f:7c:3e:
9f:e0:23:23:5e:39:ca:ce:9b:c4:a6:74:d4:fb:61:f3:cb:1b:
a2:d0:d5:ca
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZM6Pr3kPrOUKkY7tlYoKCYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE3MTMxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjRkMjMyNmIyZjRiZDQ3NzhiZDU2ZmU0OWVhNjA3NmVhOGEwN2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvE3yTZ6Uf8ZmLe2PmXmlClXJNNV
3h8uMtwpSus9JFtQ/1SATUE3rknuEUN01JJtSLZDhSIxc9GEncyc/LHqbF+5uk6b
Z8v6nUGwCmVoMV7cMouI/xOa4f1UUkN9c2Jb0ft7Tnid77tNXDufy2A3h2lx+tjh
f2WBXZrWgVxo/fI0XZhZ50xjffYrrhHmvxx75oWx4Be0zSY9d9/T2hnEPmF/ugYM
6wWOv5Fj/dfk7z2cQqc9y9CYII8xlGUGY88Vnrqb5QXLIXV2g6SzKZK1iQQYucjF
aPf+5MJ7qv1i5gho8csBvhM8L2Xl5uqhKY2wtkm0hHudFkytmVzLoOzlgQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFA9NIyay9L1HeL1W/knqYHbqigenMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRDAwakpyTDB2VWQ0dlZiLVNlcGdkdXFLQjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFGoeAME
AFKY+AMEAFKY+wMEAFKY/gMEAFKZIgMEAFKZJQMEAFKZRQMEAFKZSAMEAFKZTwME
AFKZhAMEAFKZ4AMEAFnVBAMEAFnVBwMEAFnVggMEAFnVvgMEAFnVxAMEAG2w9wME
AG2w+wMEALkxfDANBgkqhkiG9w0BAQsFAAOCAQEAGCIEqigrg8JGVzLxpmLDhWrO
mm+S9cNfYa/StlBltk1Q60MPRDo3kLmbvJNoxFbooX1tQxsEjdxjQLCELVkC5eZ/
8DZgQoZFr9BLFuev/ozo/4UNLowHeguvRdhpbCBVUbM5ch0B0CaoztOJiKZnPt1J
nN/KQQnzkzf/x16r4Ha79dH5Bqm5nudWobeO8bzW//tyRMwY5xAr842fv2+Mc1hv
DW+xpS5pGqqdDevw+IJZYmbRB7BfbDCDybCcYky/Fymb/0LuG7VkEBzROYJcQoI/
fS4qyI2zSLYGV7W8Ek651EfKCSriD3w+n+AjI145ys6bxKZ01Pth88sbotDVyg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:28 2024 by rpki-client on console-ams.rpki-client.org