Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXumnS475wUpr9JoVIDTzEdwaNc.roa
File: JXumnS475wUpr9JoVIDTzEdwaNc.roa (raw, json)
Hash identifier: pM8O4zun+51n6IJQdNw3Zl7/Teny8HIsAgoIDnarJvQ=
Subject key identifier: 25:7B:A6:9D:2E:3B:E7:05:29:AF:D2:68:54:80:D3:CC:47:70:68:D7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192331814327B5CB8979350417AE11AB84E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXumnS475wUpr9JoVIDTzEdwaNc.roa
Signing time: Fri 27 Sep 2024 10:47:48 +0000
ROA not before: Fri 27 Sep 2024 10:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 80.240.86.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
212.38.89.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:33:18:14:32:7b:5c:b8:97:93:50:41:7a:e1:1a:b8:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 27 10:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=257ba69d2e3be70529afd2685480d3cc477068d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4a:3d:03:d7:40:7a:14:cd:3e:8e:2e:a4:45:
b8:d3:b2:02:4e:87:03:06:7b:78:01:05:b7:4e:b4:
b0:82:ae:80:51:30:e2:3c:d9:7a:d5:82:4b:9e:ab:
24:7b:77:8a:b0:c5:33:d2:87:5f:1d:dc:6b:42:8e:
44:15:c0:78:7e:78:48:df:99:9d:8c:5b:7d:4f:65:
ba:2b:36:ab:a6:4a:6b:a5:48:f8:23:50:73:b5:e7:
6e:8e:de:db:92:20:02:56:2e:17:8f:30:ee:d1:56:
fa:55:47:0c:15:58:fb:3d:be:d6:5e:1e:b0:79:65:
6c:47:f3:f5:51:07:0a:51:fb:3a:b1:a0:58:fd:bd:
47:fe:2c:4d:50:0f:7f:cb:3e:9e:b8:61:42:68:ea:
fd:e4:3d:22:42:6a:34:be:cd:e1:9c:6d:be:19:88:
93:ca:d4:9e:26:a2:d2:d0:01:3f:a7:80:07:6b:95:
1c:b2:f6:41:97:15:37:55:fc:4b:f6:d2:63:c5:12:
17:b5:98:87:55:ae:f6:a0:d3:28:18:1a:f8:93:67:
b8:30:6d:04:ec:96:87:3d:99:44:de:d1:d3:dc:0b:
56:bc:8f:00:41:c4:6e:98:61:b3:03:c5:4d:22:ca:
46:00:78:19:d2:9a:07:98:d0:bd:b6:6d:be:32:14:
5f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7B:A6:9D:2E:3B:E7:05:29:AF:D2:68:54:80:D3:CC:47:70:68:D7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JXumnS475wUpr9JoVIDTzEdwaNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.153.207.0/24
212.38.89.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
86:15:62:53:cd:89:fd:46:03:c1:3e:ca:f2:b3:69:d5:a5:b3:
f2:c6:be:a0:d7:6b:ac:6a:c2:21:2a:cd:2c:ab:82:22:5b:d1:
fb:6f:6c:8d:ae:df:35:bc:cf:04:cd:b7:fd:ff:07:5a:81:b2:
3d:59:61:77:53:e7:4d:32:3d:40:b8:f2:63:a9:19:cd:a4:a7:
7f:34:32:42:f2:ab:7f:ee:63:84:ae:45:91:e2:72:d6:68:73:
42:c2:a7:9c:f4:ca:72:19:a3:e0:36:94:23:62:5d:62:d6:18:
36:2b:5a:96:21:b6:8e:d8:7e:df:2e:48:0d:dd:e3:7c:5a:48:
f6:fa:57:01:b5:c9:10:39:91:03:8d:c2:e2:0c:bf:59:7a:3d:
79:27:51:c9:b5:04:0b:a0:d5:16:65:25:01:eb:5a:a9:6d:e0:
42:b1:f8:13:6a:fc:fe:31:b1:56:15:8f:ed:63:41:5e:84:dd:
f1:62:86:c6:bd:04:4d:bd:37:c8:2f:c0:24:f2:7e:cc:a0:1d:
51:75:e0:f4:1e:8f:64:b5:1d:ca:05:ff:f1:b8:b8:a1:7e:a8:
ba:78:fe:ec:92:8a:60:42:e7:91:43:a7:d1:db:9c:3d:c1:30:
2e:67:78:84:c9:2b:1a:2f:dd:ed:3e:0a:a4:95:4c:d6:f1:f0:
fe:18:01:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIzGBQye1y4l5NQQXrhGrhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTI3MTA0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdiYTY5ZDJlM2JlNzA1MjlhZmQyNjg1NDgwZDNjYzQ3NzA2OGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEo9A9dAehTNPo4upEW407ICTocD
Bnt4AQW3TrSwgq6AUTDiPNl61YJLnqske3eKsMUz0odfHdxrQo5EFcB4fnhI35md
jFt9T2W6KzarpkprpUj4I1Bztedujt7bkiACVi4XjzDu0Vb6VUcMFVj7Pb7WXh6w
eWVsR/P1UQcKUfs6saBY/b1H/ixNUA9/yz6euGFCaOr95D0iQmo0vs3hnG2+GYiT
ytSeJqLS0AE/p4AHa5UcsvZBlxU3VfxL9tJjxRIXtZiHVa72oNMoGBr4k2e4MG0E
7JaHPZlE3tHT3AtWvI8AQcRumGGzA8VNIspGAHgZ0poHmNC9tm2+MhRfNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCV7pp0uO+cFKa/SaFSA08xHcGjXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlh1bW5TNDc1d1VwcjlKb1ZJRFR6RWR3YU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBWAwQA
UpnPAwQA1CZZAwQA1drRMA0GCSqGSIb3DQEBCwUAA4IBAQCGFWJTzYn9RgPBPsry
s2nVpbPyxr6g12usasIhKs0sq4IiW9H7b2yNrt81vM8Ezbf9/wdagbI9WWF3U+dN
Mj1AuPJjqRnNpKd/NDJC8qt/7mOErkWR4nLWaHNCwqec9MpyGaPgNpQjYl1i1hg2
K1qWIbaO2H7fLkgN3eN8Wkj2+lcBtckQOZEDjcLiDL9Zej15J1HJtQQLoNUWZSUB
61qpbeBCsfgTavz+MbFWFY/tY0FehN3xYobGvQRNvTfIL8Ak8n7MoB1RdeD0Ho9k
tR3KBf/xuLihfqi6eP7skopgQueRQ6fR25w9wTAuZ3iEySsaL93tPgqklUzW8fD+
GAEb
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:15 2024 by rpki-client on console-fra.rpki-client.org