Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K-D-EApn6JiZHIfeeYIMj1IMj0Y.roa
File: K-D-EApn6JiZHIfeeYIMj1IMj0Y.roa (raw, json)
Hash identifier: JRp1HfmrR5wDiQLrEVtbUW/MPtlwOC/TWbUuP7Jq2N4=
Subject key identifier: 2B:E0:FE:10:0A:67:E8:98:99:1C:87:DE:79:82:0C:8F:52:0C:8F:46
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01947543D304B42E07337F725BB4B7ADA670
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K-D-EApn6JiZHIfeeYIMj1IMj0Y.roa
Signing time: Fri 17 Jan 2025 17:16:06 +0000
ROA not before: Fri 17 Jan 2025 17:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59711
IP address blocks: 82.153.248.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
89.213.170.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:75:43:d3:04:b4:2e:07:33:7f:72:5b:b4:b7:ad:a6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 17 17:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2be0fe100a67e898991c87de79820c8f520c8f46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:66:69:e8:d5:40:0f:d8:02:46:25:0a:0a:
36:9c:3e:21:7b:6a:bf:e1:02:c2:2a:c3:99:df:98:
04:e7:76:11:f4:2c:6c:ff:b8:19:82:89:e5:63:9c:
74:e4:75:0f:c5:ef:2e:63:14:85:48:6d:d6:b4:2a:
4c:f5:2d:34:d3:09:af:b5:7d:3c:7d:f2:6a:04:83:
75:44:5e:7f:07:87:70:0c:a8:68:9e:ad:9d:34:6a:
85:b2:91:a4:aa:26:c7:93:1e:2b:79:58:f7:75:33:
a1:8e:10:f9:3f:1b:ed:9d:70:ae:0a:e0:d6:03:fe:
4e:1c:e2:15:20:8a:77:fe:c1:ea:86:a5:27:96:cc:
1d:d5:52:e4:b3:30:b0:ae:5b:7b:a4:36:ec:c3:c2:
a7:8e:47:2e:5f:51:4e:7b:89:f4:92:3d:05:ea:17:
8b:f9:a7:7a:f3:58:44:d5:6f:aa:fd:90:90:88:ed:
5b:a7:05:7f:f4:ea:3c:8a:cf:a5:50:ba:27:bf:da:
e1:86:d0:07:22:1c:f4:4a:6c:b9:b1:5d:45:76:6b:
d6:08:c1:10:c6:42:56:28:11:03:2e:e2:bc:d6:f1:
5d:07:0b:20:59:fb:de:21:5d:66:b0:31:bd:c1:1f:
3a:0a:90:14:f7:5f:8c:fb:3f:61:a9:4d:18:72:21:
fe:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E0:FE:10:0A:67:E8:98:99:1C:87:DE:79:82:0C:8F:52:0C:8F:46
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K-D-EApn6JiZHIfeeYIMj1IMj0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.248.0/24
89.213.135.0/24
89.213.137.0/24
89.213.141.0/24
89.213.163.0/24
89.213.168.0/24
89.213.170.0/24
89.213.188.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:7f:e2:56:45:30:51:f2:ae:33:f2:c7:c1:63:8a:e3:cf:3c:
f3:83:eb:97:3d:b5:41:8d:8d:cd:a6:dc:df:4f:d9:d9:88:a5:
9e:b2:a5:12:91:84:ab:12:7c:85:cf:61:b3:a6:b1:dc:a9:36:
46:23:61:5c:8a:df:bc:70:87:9f:2f:5a:48:be:91:10:e8:da:
71:76:5a:2d:15:45:ba:45:00:5e:6a:36:16:eb:95:b4:45:2b:
6c:99:37:e9:ba:01:c8:d8:a1:e7:16:00:16:3d:84:d1:eb:88:
12:66:b8:ba:d2:eb:41:cf:fd:e3:01:7f:ce:aa:8f:b1:44:6e:
1d:06:0a:ba:7b:da:60:ee:43:3e:a7:38:d6:78:90:63:47:5e:
55:43:ec:ca:41:e4:67:67:f6:d4:7a:ef:4c:58:30:b2:e3:9f:
60:bd:6b:f8:06:1e:bf:27:1a:c4:c9:f3:96:a0:fd:7d:57:f2:
63:5c:25:ac:8b:a9:4b:0c:70:49:74:89:33:30:68:4a:b3:28:
ae:56:b8:ce:9e:99:81:e4:e3:c2:81:f8:75:0f:fd:e4:0c:9b:
7f:8d:4b:ac:0a:46:06:56:1c:47:81:cd:0f:a4:21:7a:21:13:
c8:38:a7:f1:e2:d6:45:db:a6:6e:42:6e:76:15:1a:90:4a:ab:
b0:d0:9a:b7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZR1Q9MEtC4HM39yW7S3raZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTE3MTcxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmUwZmUxMDBhNjdlODk4OTkxYzg3ZGU3OTgyMGM4ZjUyMGM4ZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSBmaejVQA/YAkYlCgo2nD4he2q/
4QLCKsOZ35gE53YR9Cxs/7gZgonlY5x05HUPxe8uYxSFSG3WtCpM9S000wmvtX08
ffJqBIN1RF5/B4dwDKhonq2dNGqFspGkqibHkx4reVj3dTOhjhD5PxvtnXCuCuDW
A/5OHOIVIIp3/sHqhqUnlswd1VLkszCwrlt7pDbsw8KnjkcuX1FOe4n0kj0F6heL
+ad681hE1W+q/ZCQiO1bpwV/9Oo8is+lULonv9rhhtAHIhz0Smy5sV1FdmvWCMEQ
xkJWKBEDLuK81vFdBwsgWfveIV1msDG9wR86CpAU91+M+z9hqU0YciH+MwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCvg/hAKZ+iYmRyH3nmCDI9SDI9GMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSy1ELUVBcG42SmlaSElmZWVZSU1qMUlNajBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpn4AwQA
WdWHAwQAWdWJAwQAWdWNAwQAWdWjAwQAWdWoAwQAWdWqAwQBWdW8MA0GCSqGSIb3
DQEBCwUAA4IBAQAOf+JWRTBR8q4z8sfBY4rjzzzzg+uXPbVBjY3NptzfT9nZiKWe
sqUSkYSrEnyFz2GzprHcqTZGI2Fcit+8cIefL1pIvpEQ6NpxdlotFUW6RQBeajYW
65W0RStsmTfpugHI2KHnFgAWPYTR64gSZri60utBz/3jAX/Oqo+xRG4dBgq6e9pg
7kM+pzjWeJBjR15VQ+zKQeRnZ/bUeu9MWDCy459gvWv4Bh6/JxrEyfOWoP19V/Jj
XCWsi6lLDHBJdIkzMGhKsyiuVrjOnpmB5OPCgfh1D/3kDJt/jUusCkYGVhxHgc0P
pCF6IRPIOKfx4tZF26ZuQm52FRqQSquw0Jq3
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:43:41 2025 by rpki-client