Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M1DLpUzBAq_SL01F1OS8niFwo6A.roa
File: M1DLpUzBAq_SL01F1OS8niFwo6A.roa (raw, json)
Hash identifier: hCUkOMAAy1g6rl5VXeWsNPLRTnagiAP2XTrDaziuUN4=
Subject key identifier: 33:50:CB:A5:4C:C1:02:AF:D2:2F:4D:45:D4:E4:BC:9E:21:70:A3:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01930D04DA3CF81662B9CFF6500B4CE1D4EC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M1DLpUzBAq_SL01F1OS8niFwo6A.roa
Signing time: Fri 08 Nov 2024 18:24:01 +0000
ROA not before: Fri 08 Nov 2024 18:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63150
IP address blocks: 82.152.6.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
194.105.83.0/24 maxlen: 24
194.105.89.0/24 maxlen: 24
213.210.55.0/24 maxlen: 24
213.218.228.0/24 maxlen: 24
213.218.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0d:04:da:3c:f8:16:62:b9:cf:f6:50:0b:4c:e1:d4:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 8 18:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3350cba54cc102afd22f4d45d4e4bc9e2170a3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3e:44:0b:52:c2:bc:b2:01:1c:fd:d4:61:84:
5c:84:43:fa:76:02:ee:c9:77:a5:d8:22:a1:50:84:
2b:00:fb:ce:24:fa:84:ac:86:78:2c:a3:af:8c:28:
fa:33:e0:d8:44:c9:26:8b:2d:02:8a:78:a4:0e:4b:
02:8e:f1:6b:b3:f9:bf:06:f7:61:88:ca:8e:3a:47:
8e:bf:21:db:af:50:59:b9:c3:08:08:48:b7:14:c7:
1c:ad:5d:6f:d5:d8:47:07:b5:a1:57:0b:8b:0a:fa:
10:39:05:34:e0:6a:1e:ec:95:28:7d:34:f4:0b:84:
ad:bf:3e:f6:d9:94:df:7b:fa:00:23:1c:3e:60:c0:
49:43:8a:86:24:b5:7d:bc:99:f4:61:bb:7d:c1:74:
11:4f:0c:80:e1:0d:4d:fc:88:e2:e5:d4:c9:7f:15:
86:3e:ed:bc:48:4d:80:bf:0f:7b:39:9d:49:3e:db:
a3:c2:f5:17:c8:d1:18:2a:57:89:96:19:de:15:2b:
c7:45:53:5f:c9:c6:e3:79:38:00:16:b4:cc:34:72:
98:17:18:c3:c8:47:1c:3b:eb:3a:14:1a:af:0a:ec:
e1:e4:7e:e6:5f:2a:fd:1f:19:ed:26:67:1f:34:9c:
c7:6f:10:43:c9:7e:6f:69:56:0c:28:97:28:21:fe:
f7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:50:CB:A5:4C:C1:02:AF:D2:2F:4D:45:D4:E4:BC:9E:21:70:A3:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M1DLpUzBAq_SL01F1OS8niFwo6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.6.0/24
89.213.150.0/24
194.105.83.0/24
194.105.89.0/24
213.210.55.0/24
213.218.228.0/24
213.218.255.0/24
Signature Algorithm: sha256WithRSAEncryption
99:0e:01:f4:a9:68:1b:96:53:ac:b7:f8:93:02:c0:0d:85:54:
63:24:53:62:78:8f:70:17:7d:33:2b:56:43:85:94:c5:c8:f7:
cf:3c:fc:17:3f:8c:11:e6:d2:75:12:58:19:94:c5:17:e5:3d:
4a:58:f0:0a:32:a3:aa:b5:92:4c:82:37:81:5b:dc:6b:4b:bb:
59:a1:3c:94:d6:8c:35:ea:3b:d3:c2:45:ee:93:bb:40:ac:6a:
5f:93:df:51:41:86:3a:28:bb:7a:d4:ff:81:31:1c:9f:73:e4:
58:f4:1a:a5:de:ee:50:03:85:8d:61:74:bb:ad:ba:60:fc:11:
a8:4e:8e:13:0d:ff:cf:66:7c:b2:a3:24:e3:58:34:d8:eb:57:
43:e1:f7:74:d4:2d:e3:50:10:e7:e2:5b:d1:2e:85:e2:7c:7d:
2c:7c:f6:f8:e1:f3:76:43:28:b3:eb:a1:bb:62:2d:70:3f:06:
4d:ee:b7:36:e7:30:ea:15:64:6e:40:64:51:79:10:53:f2:1d:
a9:cb:c7:d0:0e:cb:ed:56:90:4e:3e:36:f5:c1:40:36:bb:2c:
44:57:8e:a2:b3:e1:00:bb:07:65:3b:96:47:b1:c5:8f:d5:e1:
4e:0b:a1:c4:13:98:bc:67:b0:ae:5f:05:81:3b:0d:5b:cb:c4:
33:20:84:4c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZMNBNo8+BZiuc/2UAtM4dTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA4MTgyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzUwY2JhNTRjYzEwMmFmZDIyZjRkNDVkNGU0YmM5ZTIxNzBhM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3D5EC1LCvLIBHP3UYYRchEP6dgLu
yXel2CKhUIQrAPvOJPqErIZ4LKOvjCj6M+DYRMkmiy0CinikDksCjvFrs/m/Bvdh
iMqOOkeOvyHbr1BZucMICEi3FMccrV1v1dhHB7WhVwuLCvoQOQU04Goe7JUofTT0
C4Stvz722ZTfe/oAIxw+YMBJQ4qGJLV9vJn0Ybt9wXQRTwyA4Q1N/Iji5dTJfxWG
Pu28SE2Avw97OZ1JPtujwvUXyNEYKleJlhneFSvHRVNfycbjeTgAFrTMNHKYFxjD
yEccO+s6FBqvCuzh5H7mXyr9HxntJmcfNJzHbxBDyX5vaVYMKJcoIf73JQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDNQy6VMwQKv0i9NRdTkvJ4hcKOgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTTFETHBVekJBcV9TTDAxRjFPUzhuaUZ3bzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpgGAwQA
WdWWAwQAwmlTAwQAwmlZAwQA1dI3AwQA1drkAwQA1dr/MA0GCSqGSIb3DQEBCwUA
A4IBAQCZDgH0qWgbllOst/iTAsANhVRjJFNieI9wF30zK1ZDhZTFyPfPPPwXP4wR
5tJ1ElgZlMUX5T1KWPAKMqOqtZJMgjeBW9xrS7tZoTyU1ow16jvTwkXuk7tArGpf
k99RQYY6KLt61P+BMRyfc+RY9Bql3u5QA4WNYXS7rbpg/BGoTo4TDf/PZnyyoyTj
WDTY61dD4fd01C3jUBDn4lvRLoXifH0sfPb44fN2Qyiz66G7Yi1wPwZN7rc25zDq
FWRuQGRReRBT8h2py8fQDsvtVpBOPjb1wUA2uyxEV46is+EAuwdlO5ZHscWP1eFO
C6HEE5i8Z7CuXwWBOw1by8QzIIRM
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:20 2024 by rpki-client on console-ams.rpki-client.org