Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kiuzc5rs_A-neO3UJ_MHcVQkPVw.roa
File: Kiuzc5rs_A-neO3UJ_MHcVQkPVw.roa (raw, json)
Hash identifier: h2jUCTHJ8CkrBzaoK93X/LRkMJf4WgXGuFB/IlQ18ng=
Subject key identifier: 2A:2B:B3:73:9A:EC:FC:0F:A7:78:ED:D4:27:F3:07:71:54:24:3D:5C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019317703F8C882CD83A5717B02D0A9B83D4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kiuzc5rs_A-neO3UJ_MHcVQkPVw.roa
Signing time: Sun 10 Nov 2024 18:57:32 +0000
ROA not before: Sun 10 Nov 2024 18:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214024
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:17:70:3f:8c:88:2c:d8:3a:57:17:b0:2d:0a:9b:83:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 10 18:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a2bb3739aecfc0fa778edd427f3077154243d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:a4:ed:0d:c3:9e:6e:45:79:9a:40:08:f9:
ca:00:46:02:2f:e3:91:c4:15:b5:30:e2:d3:99:5e:
ac:cd:7a:80:91:b6:ad:d7:dc:82:d0:0e:1f:98:51:
c9:c7:5e:00:ad:35:44:a3:50:7f:bb:73:17:0a:71:
1e:7a:21:88:19:d2:8e:81:c7:6b:18:b1:ac:89:56:
d9:56:70:33:a1:83:91:ce:a5:cf:f8:d2:b4:0e:07:
3d:9e:80:c4:f0:17:2a:c1:a0:73:75:d7:b8:30:d6:
f9:6d:1d:f6:b2:cb:95:71:a2:5d:40:ee:19:8a:24:
93:f5:ba:a7:55:2f:87:65:cc:9b:0e:34:5f:4a:fb:
47:ac:c0:ae:16:56:c0:f7:1d:5d:e2:3b:26:9d:1b:
aa:7e:de:8b:07:f8:4c:d4:b6:c7:dc:9b:10:a9:ce:
c5:6c:91:db:97:6e:42:ea:19:d3:74:53:ff:22:c1:
fe:e4:bf:4e:34:f0:45:f6:b6:6c:dd:8c:ee:fe:41:
f2:25:f2:82:8f:c4:d9:93:06:f2:ae:57:f2:b6:12:
d9:bf:1e:7b:c6:67:48:43:d1:8b:59:18:23:b0:77:
b7:06:3d:5b:6e:f3:4d:60:be:25:60:f7:b1:bf:14:
fd:e4:5c:dc:cf:95:dd:52:be:27:8e:52:31:66:ae:
32:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2B:B3:73:9A:EC:FC:0F:A7:78:ED:D4:27:F3:07:71:54:24:3D:5C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Kiuzc5rs_A-neO3UJ_MHcVQkPVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
10:6c:5b:74:37:a4:1e:b4:43:d7:9c:ce:86:8a:d7:2a:3c:ad:
d1:43:9e:3c:f8:e1:11:98:23:e9:d5:71:1a:b5:f4:a2:8b:f2:
3e:0b:a6:e8:be:1e:0f:3e:a7:0d:af:21:f5:b6:d4:0a:d3:b6:
69:99:c9:f4:90:91:eb:e1:f9:65:a3:04:69:b9:30:fc:19:36:
51:88:6a:12:46:05:2f:98:53:0e:8e:67:24:4b:20:29:eb:d0:
06:a1:69:b5:fa:51:e8:47:18:ac:71:f4:fc:94:ea:19:9c:58:
a4:76:d9:d1:ad:4d:9a:0f:aa:2a:74:5b:86:9e:30:3e:57:f3:
60:da:03:0a:85:5f:b4:33:de:ad:90:0e:b5:d2:d6:72:73:d0:
3b:89:79:28:ac:e3:da:a1:fc:9c:df:41:c8:30:42:28:9d:eb:
f6:2f:6c:d9:06:8f:1e:db:80:4e:89:8a:8d:e6:d5:e6:b2:87:
73:bb:05:21:c9:bf:35:ba:6e:fe:1f:27:2c:7c:ef:f4:89:24:
b3:91:f8:06:3e:0c:a3:00:15:83:7d:2c:bb:e5:38:58:f4:d6:
ba:d7:65:d5:8a:6f:22:a7:33:79:97:04:c9:bf:95:2a:0c:84:
0c:3f:d8:e7:bf:b2:01:8c:2d:08:b0:8d:ab:0a:5b:1d:59:3e:
76:2d:05:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMXcD+MiCzYOlcXsC0Km4PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTEwMTg1NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJiYjM3MzlhZWNmYzBmYTc3OGVkZDQyN2YzMDc3MTU0MjQzZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYyk7Q3Dnm5FeZpACPnKAEYCL+OR
xBW1MOLTmV6szXqAkbat19yC0A4fmFHJx14ArTVEo1B/u3MXCnEeeiGIGdKOgcdr
GLGsiVbZVnAzoYORzqXP+NK0Dgc9noDE8BcqwaBzdde4MNb5bR32ssuVcaJdQO4Z
iiST9bqnVS+HZcybDjRfSvtHrMCuFlbA9x1d4jsmnRuqft6LB/hM1LbH3JsQqc7F
bJHbl25C6hnTdFP/IsH+5L9ONPBF9rZs3Yzu/kHyJfKCj8TZkwbyrlfythLZvx57
xmdIQ9GLWRgjsHe3Bj1bbvNNYL4lYPexvxT95Fzcz5XdUr4njlIxZq4yXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCors3Oa7PwPp3jt1CfzB3FUJD1cMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS2l1emM1cnNfQS1uZU8zVUpfTUhjVlFrUFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQAQbFt0N6QetEPXnM6GitcqPK3R
Q548+OERmCPp1XEatfSii/I+C6bovh4PPqcNryH1ttQK07Zpmcn0kJHr4fllowRp
uTD8GTZRiGoSRgUvmFMOjmckSyAp69AGoWm1+lHoRxiscfT8lOoZnFikdtnRrU2a
D6oqdFuGnjA+V/Ng2gMKhV+0M96tkA610tZyc9A7iXkorOPaofyc30HIMEIonev2
L2zZBo8e24BOiYqN5tXmsodzuwUhyb81um7+HycsfO/0iSSzkfgGPgyjABWDfSy7
5ThY9Na612XVim8ipzN5lwTJv5UqDIQMP9jnv7IBjC0IsI2rClsdWT52LQUb
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:00 2024 by rpki-client on console-fra.rpki-client.org