Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kg7NJHCzKt6DiKAu-MRVhvDhsV0.roa
File: Kg7NJHCzKt6DiKAu-MRVhvDhsV0.roa (raw, json)
Hash identifier: cC4Zptawl8ALgTH9M7k+YnfNf+o/kZNb0a/SizE89oQ=
Subject key identifier: 2A:0E:CD:24:70:B3:2A:DE:83:88:A0:2E:F8:C4:55:86:F0:E1:B1:5D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192F6DC3F22058E850D0C3B08F4B51C02E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kg7NJHCzKt6DiKAu-MRVhvDhsV0.roa
Signing time: Mon 04 Nov 2024 11:08:02 +0000
ROA not before: Mon 04 Nov 2024 11:08:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:dc:3f:22:05:8e:85:0d:0c:3b:08:f4:b5:1c:02:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 4 11:08:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0ecd2470b32ade8388a02ef8c45586f0e1b15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ab:52:2f:3b:0c:03:0f:0c:fa:b9:10:6c:a0:
c2:9c:7b:0f:51:6e:87:3f:f6:4a:d2:8e:04:77:0a:
61:4e:7f:54:5c:36:b8:42:ac:a9:26:6a:e2:45:4b:
a4:9b:f9:0d:3c:60:4f:f0:70:fa:1b:cc:07:54:63:
99:33:e8:49:77:d6:6d:b6:8a:71:f5:66:b3:4b:77:
bf:4c:f6:cf:f2:9f:18:2f:9e:6e:34:b3:7a:43:14:
c9:e9:34:5f:2f:7e:5d:af:42:21:32:1a:e9:0f:ac:
2d:c9:a2:ee:fd:74:be:86:33:02:e1:43:ed:ee:6f:
1d:de:1e:e3:52:32:9b:86:41:96:f7:f5:f7:51:8f:
d8:74:56:2a:8a:fb:2b:e5:6d:a5:88:17:a0:c3:a0:
ab:6e:dc:ce:fd:e6:1a:7b:7d:9d:b6:d6:ff:d3:cf:
0c:89:43:67:ce:e5:9b:9c:5c:20:e7:b2:15:c4:ad:
d0:5a:e1:f3:5f:f1:ed:b8:25:06:de:e8:61:ff:d3:
4d:42:64:c6:7e:54:0c:6c:af:af:05:45:90:c0:9d:
95:34:32:7f:f6:3f:19:5d:0c:b9:8a:6d:11:09:17:
f4:46:9d:4b:0e:0d:e7:59:20:aa:c6:dd:bb:76:65:
96:ee:78:c8:bf:f2:52:dd:72:72:6d:78:12:df:96:
fd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:CD:24:70:B3:2A:DE:83:88:A0:2E:F8:C4:55:86:F0:E1:B1:5D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kg7NJHCzKt6DiKAu-MRVhvDhsV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.63.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0/24
213.130.154.0/24
Signature Algorithm: sha256WithRSAEncryption
62:5f:42:1b:8a:a9:7c:85:60:c7:b7:c3:55:54:93:93:8a:6d:
f0:4d:51:b1:0f:b9:b7:97:b9:c8:31:2c:a5:e5:21:48:34:76:
f5:13:05:1c:cf:b9:77:da:4b:7f:59:70:6d:57:ed:2d:09:9a:
b2:df:a2:50:c8:02:07:5f:c2:12:62:f1:6d:22:88:f9:00:da:
a0:c2:82:41:55:76:1f:3c:64:8e:8f:49:a1:1c:b6:05:c8:8f:
92:ae:3d:85:95:8d:e5:ac:17:19:75:36:38:78:f1:7d:a0:ab:
91:00:7f:87:3f:e6:ee:e1:c1:c6:28:74:92:18:9c:bd:fe:1a:
ac:8b:64:17:d2:5e:5a:55:6f:b5:62:cf:44:13:66:57:8d:3c:
73:4e:ee:bd:38:8c:f0:24:da:5f:c7:5d:99:9c:5b:60:7c:2e:
82:b5:90:c5:29:01:de:18:82:b9:28:76:17:f1:b2:92:5a:db:
f6:83:0f:10:d1:f7:e0:fd:69:a9:56:68:cf:44:31:60:84:34:
f8:e9:f5:51:83:1c:79:fc:91:ca:0c:79:9a:55:41:35:de:a8:
cb:31:9e:24:7b:42:f9:31:d7:5b:38:4a:48:19:bd:73:6e:eb:
e9:51:de:2a:15:cb:69:d8:84:b8:fe:ea:24:e0:30:cc:bc:b7:
94:40:07:cd
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZL23D8iBY6FDQw7CPS1HALkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA0MTEwODAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBlY2QyNDcwYjMyYWRlODM4OGEwMmVmOGM0NTU4NmYwZTFiMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6tSLzsMAw8M+rkQbKDCnHsPUW6H
P/ZK0o4EdwphTn9UXDa4QqypJmriRUukm/kNPGBP8HD6G8wHVGOZM+hJd9Zttopx
9WazS3e/TPbP8p8YL55uNLN6QxTJ6TRfL35dr0IhMhrpD6wtyaLu/XS+hjMC4UPt
7m8d3h7jUjKbhkGW9/X3UY/YdFYqivsr5W2liBegw6CrbtzO/eYae32dttb/088M
iUNnzuWbnFwg57IVxK3QWuHzX/HtuCUG3uhh/9NNQmTGflQMbK+vBUWQwJ2VNDJ/
9j8ZXQy5im0RCRf0Rp1LDg3nWSCqxt27dmWW7njIv/JS3XJybXgS35b9yQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCoOzSRwsyreg4igLvjEVYbw4bFdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2c3TkpIQ3pLdDZEaUtBdS1NUlZodkRoc1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdU/AwQAWdVrAwQBWdVwAwQAWdV0AwQA
WdV5AwQAWdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYAwQA1YKaMA0GCSqGSIb3
DQEBCwUAA4IBAQBiX0Ibiql8hWDHt8NVVJOTim3wTVGxD7m3l7nIMSyl5SFINHb1
EwUcz7l32kt/WXBtV+0tCZqy36JQyAIHX8ISYvFtIoj5ANqgwoJBVXYfPGSOj0mh
HLYFyI+Srj2FlY3lrBcZdTY4ePF9oKuRAH+HP+bu4cHGKHSSGJy9/hqsi2QX0l5a
VW+1Ys9EE2ZXjTxzTu69OIzwJNpfx12ZnFtgfC6CtZDFKQHeGIK5KHYX8bKSWtv2
gw8Q0ffg/WmpVmjPRDFghDT46fVRgxx5/JHKDHmaVUE13qjLMZ4ke0L5MddbOEpI
Gb1zbuvpUd4qFctp2IS4/uok4DDMvLeUQAfN
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:15 2024 by rpki-client on console-fra.rpki-client.org