Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MdeWf8TxGSuO0Xp1hPQpLbvWf-4.roa
File: MdeWf8TxGSuO0Xp1hPQpLbvWf-4.roa (raw, json)
Hash identifier: 7v8j0P6q0ellZ6TZaj3oV2dysIPLy5gDT1K45TS5QOo=
Subject key identifier: 31:D7:96:7F:C4:F1:19:2B:8E:D1:7A:75:84:F4:29:2D:BB:D6:7F:EE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191CDB73B57FEEEF67623B7BF5CE10EFCCE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MdeWf8TxGSuO0Xp1hPQpLbvWf-4.roa
Signing time: Sat 07 Sep 2024 18:20:22 +0000
ROA not before: Sat 07 Sep 2024 18:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:b7:3b:57:fe:ee:f6:76:23:b7:bf:5c:e1:0e:fc:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 7 18:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31d7967fc4f1192b8ed17a7584f4292dbbd67fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f9:1c:d4:4b:1a:f1:3d:8a:62:5c:cd:a7:84:
7d:d4:94:9e:6a:12:72:92:19:b5:d8:88:e8:5a:d3:
30:8d:9f:0e:1a:e1:07:83:a8:72:a1:c9:c5:b2:c7:
b5:cb:9c:bf:4f:db:ac:39:64:ee:dd:a7:a3:de:76:
89:71:f4:09:0e:0c:1c:8a:c2:f9:6d:5b:06:76:fb:
88:87:ee:51:18:49:07:1a:9b:b3:a6:e8:18:77:18:
25:20:10:af:f3:fb:85:0c:c5:e8:f6:53:e2:2f:34:
55:db:d1:4d:a8:c8:ca:6a:98:78:fc:6b:86:03:71:
cf:ab:8e:08:fe:1f:d8:c2:96:d1:20:02:ea:18:8d:
ec:5b:7b:cc:74:71:39:89:25:23:dd:c9:02:71:56:
7a:0d:13:80:49:3f:b2:44:c5:f6:eb:57:26:96:a2:
b0:e5:9c:37:31:37:a4:a6:23:0b:e7:92:d0:02:16:
96:64:89:cc:f9:84:17:9d:99:03:74:19:cd:b8:02:
fb:16:96:c5:1c:23:b9:e3:e5:c0:34:32:49:5f:90:
46:c1:de:42:71:d1:a4:78:2e:2d:d0:75:9d:5e:39:
a2:d2:d1:0f:4a:bd:8e:5d:90:3f:c0:9c:7a:c4:f9:
25:3b:0a:96:70:bf:46:82:50:70:36:31:67:8a:b7:
b1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D7:96:7F:C4:F1:19:2B:8E:D1:7A:75:84:F4:29:2D:BB:D6:7F:EE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MdeWf8TxGSuO0Xp1hPQpLbvWf-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.4.0/23
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
213.210.63.0/24
213.218.211.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:84:88:46:3e:18:4c:c7:7f:2f:e2:6c:2e:ee:48:b8:c2:6a:
d3:19:5d:c0:e4:35:96:bb:c8:71:d6:fb:a2:19:8d:1c:32:4f:
81:ee:75:f5:73:a1:60:b6:41:b7:20:7f:1d:3f:fc:0c:86:a3:
d3:27:08:69:c5:c9:54:f1:f4:41:3d:83:33:b9:e1:a0:5e:db:
30:fd:94:81:c1:cf:fb:93:b2:7d:8b:aa:6c:07:61:a7:bb:b6:
12:64:68:21:59:02:a5:9a:b8:e0:8d:f0:8b:d6:9f:3c:4c:5b:
b8:51:6d:2e:89:7f:d4:ad:aa:7f:3e:4f:19:cc:cb:53:89:3a:
8d:37:ab:7a:9b:4c:7b:61:b4:77:f2:9d:9b:8e:ca:63:9f:32:
86:56:99:5d:08:7c:32:30:00:76:e9:b1:b1:4c:cf:54:d9:89:
cc:28:e7:43:be:79:9e:ef:59:00:f4:1f:5b:a7:25:64:bd:f5:
12:69:3e:56:19:b3:24:9e:18:44:e5:52:0d:3d:aa:81:67:f7:
d3:17:86:01:16:ff:87:05:6b:82:ce:b2:66:3a:41:f6:4b:70:
a8:c9:e0:35:c0:a7:6a:3a:39:62:97:ce:09:c2:ed:43:26:f7:
9d:52:78:8b:3f:96:74:c0:42:0c:f5:98:e0:b9:39:88:84:97:
07:d9:f2:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZHNtztX/u72diO3v1zhDvzOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA3MTgyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ3OTY3ZmM0ZjExOTJiOGVkMTdhNzU4NGY0MjkyZGJiZDY3ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fkc1Esa8T2KYlzNp4R91JSeahJy
khm12IjoWtMwjZ8OGuEHg6hyocnFsse1y5y/T9usOWTu3aej3naJcfQJDgwcisL5
bVsGdvuIh+5RGEkHGpuzpugYdxglIBCv8/uFDMXo9lPiLzRV29FNqMjKaph4/GuG
A3HPq44I/h/YwpbRIALqGI3sW3vMdHE5iSUj3ckCcVZ6DROAST+yRMX261cmlqKw
5Zw3MTekpiML55LQAhaWZInM+YQXnZkDdBnNuAL7FpbFHCO54+XANDJJX5BGwd5C
cdGkeC4t0HWdXjmi0tEPSr2OXZA/wJx6xPklOwqWcL9GglBwNjFnirexJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDHXln/E8RkrjtF6dYT0KS271n/uMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTWRlV2Y4VHhHU3VPMFhwMWhQUXBMYnZXZi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUpgEAwQA
UpmZAwQAUpmcAwQAUpnIAwQA1dI/AwQA1drTAwQA1drpMA0GCSqGSIb3DQEBCwUA
A4IBAQBehIhGPhhMx38v4mwu7ki4wmrTGV3A5DWWu8hx1vuiGY0cMk+B7nX1c6Fg
tkG3IH8dP/wMhqPTJwhpxclU8fRBPYMzueGgXtsw/ZSBwc/7k7J9i6psB2Gnu7YS
ZGghWQKlmrjgjfCL1p88TFu4UW0uiX/Urap/Pk8ZzMtTiTqNN6t6m0x7YbR38p2b
jspjnzKGVpldCHwyMAB26bGxTM9U2YnMKOdDvnme71kA9B9bpyVkvfUSaT5WGbMk
nhhE5VINPaqBZ/fTF4YBFv+HBWuCzrJmOkH2S3CoyeA1wKdqOjlil84Jwu1DJved
UniLP5Z0wEIM9ZjguTmIhJcH2fLi
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:00 2024 by rpki-client on console-fra.rpki-client.org