Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GZlYeZPBhKEH9HmbnNpneR-ocZc.roa
File: GZlYeZPBhKEH9HmbnNpneR-ocZc.roa (raw, json)
Hash identifier: IqUxryW9JN5CrI8EvYMHB0okpQ7UXGGHizSvsAMZdPY=
Subject key identifier: 19:99:58:79:93:C1:84:A1:07:F4:79:9B:9C:DA:67:79:1F:A8:71:97
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143CC035663BEBB8AC4DBA44BFA31EA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GZlYeZPBhKEH9HmbnNpneR-ocZc.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
194.105.76.0/22 maxlen: 24
213.130.132.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:cc:03:56:63:be:bb:8a:c4:db:a4:4b:fa:31:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1999587993c184a107f4799b9cda67791fa87197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:38:36:a1:52:04:b7:96:68:af:73:c6:ec:16:
25:8e:65:2b:b5:c9:4d:0b:4a:c7:4a:79:99:2a:fe:
ff:2a:d1:e3:f4:09:61:8b:c8:6b:7d:c4:ab:33:19:
14:65:e1:ab:da:4a:78:af:5e:05:b8:3d:0d:16:de:
c8:db:a1:c0:b7:0e:78:75:0d:3c:9f:98:28:20:ea:
aa:4f:8f:a5:e3:ed:d7:bf:e1:92:15:84:12:52:73:
55:3a:37:ab:18:7f:19:9a:c0:6b:b4:5a:96:00:34:
8c:26:3a:d5:fd:4f:01:ce:a5:9e:4e:99:be:cd:a6:
59:df:f7:90:88:c3:5e:e8:b4:f4:98:16:c4:ba:44:
99:10:3d:54:9b:31:34:a2:8b:4e:9b:16:23:46:eb:
30:12:82:f7:82:d3:af:bf:ac:7b:88:e0:5a:e2:d8:
ec:2e:65:d2:9c:7a:40:d5:10:a4:70:c1:3c:56:1c:
f6:de:77:2a:d1:1f:53:92:a2:7f:ba:c2:a9:94:b4:
f6:69:fe:b6:2c:4a:cd:af:3e:c6:3d:f3:f1:8e:42:
5b:af:45:19:64:ad:d0:f1:fb:ae:48:95:62:6e:05:
58:b1:65:1c:5e:1a:bf:31:d6:fc:60:f1:5c:2d:75:
e8:9f:92:16:5e:f0:23:be:4b:30:7d:d7:b4:80:7d:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:99:58:79:93:C1:84:A1:07:F4:79:9B:9C:DA:67:79:1F:A8:71:97
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GZlYeZPBhKEH9HmbnNpneR-ocZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
194.105.76.0/22
213.130.132.0/22
213.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
27:a2:d8:a1:4e:f9:6c:0a:dd:62:b4:a8:f8:7a:4e:51:a5:b0:
63:63:52:8f:0f:ce:d8:64:5c:53:f8:2f:55:32:7e:d3:03:6f:
55:41:8c:59:45:12:a4:21:84:0f:45:13:43:b9:02:b5:74:27:
43:66:06:d5:65:0e:51:ab:62:10:77:f6:6a:5e:5a:1c:6a:b6:
68:a0:73:8e:c6:26:76:61:a7:e4:19:ca:a9:71:de:d7:33:14:
3b:0c:80:55:75:3b:d7:d7:73:57:d5:fe:e3:df:14:ae:d3:d1:
7d:82:f2:ec:85:9d:44:fb:80:6a:2b:6f:dc:81:3e:b3:13:97:
04:c1:38:95:93:d1:88:0d:f3:90:97:4d:a2:10:68:c2:93:66:
d9:ae:b7:16:33:e0:4d:13:b8:4d:27:15:06:21:fe:0d:4c:21:
a2:43:83:9f:de:c0:bb:9a:d2:12:94:f8:35:f6:b3:50:35:9b:
71:15:eb:f8:1b:15:1a:ef:a5:87:51:c4:4b:93:a0:8d:e7:20:
50:56:5c:18:e1:b6:50:a8:0d:1c:aa:10:91:34:72:c0:58:71:
6d:4e:41:96:31:4a:44:2f:6e:3c:02:34:c8:ea:aa:bb:8b:7b:
aa:d2:65:dd:d3:5c:70:76:12:22:b0:0b:3e:bb:10:f1:9c:cf:
16:e0:e1:b2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ8wDVmO+u4rE26RL+jHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk5NTg3OTkzYzE4NGExMDdmNDc5OWI5Y2RhNjc3OTFmYTg3MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zg2oVIEt5Zor3PG7BYljmUrtclN
C0rHSnmZKv7/KtHj9Alhi8hrfcSrMxkUZeGr2kp4r14FuD0NFt7I26HAtw54dQ08
n5goIOqqT4+l4+3Xv+GSFYQSUnNVOjerGH8ZmsBrtFqWADSMJjrV/U8BzqWeTpm+
zaZZ3/eQiMNe6LT0mBbEukSZED1UmzE0ootOmxYjRuswEoL3gtOvv6x7iOBa4tjs
LmXSnHpA1RCkcME8Vhz23ncq0R9TkqJ/usKplLT2af62LErNrz7GPfPxjkJbr0UZ
ZK3Q8fuuSJVibgVYsWUcXhq/Mdb8YPFcLXXon5IWXvAjvkswfde0gH0DLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBmZWHmTwYShB/R5m5zaZ3kfqHGXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR1psWWVaUEJoS0VIOUhtYm5OcG5lUi1vY1pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUpnYAwQC
wmlMAwQC1YKEAwQC1dr0MA0GCSqGSIb3DQEBCwUAA4IBAQAnotihTvlsCt1itKj4
ek5RpbBjY1KPD87YZFxT+C9VMn7TA29VQYxZRRKkIYQPRRNDuQK1dCdDZgbVZQ5R
q2IQd/ZqXlocarZooHOOxiZ2YafkGcqpcd7XMxQ7DIBVdTvX13NX1f7j3xSu09F9
gvLshZ1E+4BqK2/cgT6zE5cEwTiVk9GIDfOQl02iEGjCk2bZrrcWM+BNE7hNJxUG
If4NTCGiQ4Of3sC7mtISlPg19rNQNZtxFev4GxUa76WHUcRLk6CN5yBQVlwY4bZQ
qA0cqhCRNHLAWHFtTkGWMUpEL248AjTI6qq7i3uq0mXd01xwdhIisAs+uxDxnM8W
4OGy
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:21 2025 by rpki-client