Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SEsYv_5aCf3rWiSQYMk8BXO8raY.roa
File: SEsYv_5aCf3rWiSQYMk8BXO8raY.roa (raw, json)
Hash identifier: xhb/weEtkTUbDn7fHAkIiOjqP2KnzA+RHf4XpH0Ns6Y=
Subject key identifier: 48:4B:18:BF:FE:5A:09:FD:EB:5A:24:90:60:C9:3C:05:73:BC:AD:A6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421441D017B5E0186AD79B3487D415973
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SEsYv_5aCf3rWiSQYMk8BXO8raY.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1d:01:7b:5e:01:86:ad:79:b3:48:7d:41:59:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=484b18bffe5a09fdeb5a249060c93c0573bcada6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:db:db:2a:86:06:f3:76:c8:2d:74:a6:63:8f:
14:fb:81:1e:05:db:f1:ef:98:a4:89:0c:bc:34:81:
47:42:42:3c:7a:11:e1:c9:e8:4a:9a:a1:5b:ba:df:
33:b5:29:69:bb:a0:bc:90:85:2f:cb:a0:18:fd:77:
b8:e6:99:49:ec:00:23:20:af:f4:9e:86:2f:55:29:
ff:03:0f:da:f8:2a:55:0e:c6:e9:6f:c5:c5:81:4f:
b0:70:f4:dc:f9:ed:c3:96:5e:21:08:70:32:35:b1:
cc:2e:c5:e0:77:85:c6:7c:c9:98:b8:ef:41:d0:20:
ec:cc:92:1b:74:85:e9:ac:43:4b:f7:be:c2:59:2e:
af:e4:ee:00:c6:94:82:44:c5:18:41:70:5f:e0:78:
55:0a:21:ef:57:26:c1:cc:31:2c:c8:bf:0e:df:0d:
68:1e:84:9e:4c:7c:4d:60:e5:6b:e2:29:0a:95:ea:
50:cb:05:1e:0c:ff:b2:a4:c0:2f:5c:4a:f3:a8:44:
e8:1b:a7:00:32:9f:3e:4d:06:98:e2:9d:39:53:cd:
db:d0:dc:4a:e2:c7:32:7e:b5:a8:d7:58:22:78:fd:
11:bd:e7:83:cd:c5:d8:84:22:a6:1b:ae:ec:a0:b3:
8e:67:87:a1:dc:22:b2:97:dd:d1:8b:cc:40:11:e2:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:4B:18:BF:FE:5A:09:FD:EB:5A:24:90:60:C9:3C:05:73:BC:AD:A6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SEsYv_5aCf3rWiSQYMk8BXO8raY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:d9:75:36:5b:b5:44:a3:25:c0:8b:2b:7c:a8:3b:44:d2:18:
29:62:73:9c:f4:43:f5:b0:77:7e:de:b0:75:f1:a9:62:68:e6:
90:cd:c2:80:20:e5:40:a7:b7:eb:09:0e:fc:5b:db:a4:8a:28:
62:a7:3f:08:a9:93:ba:af:47:3c:a2:4d:f8:b8:41:0f:00:95:
56:16:f7:47:2b:bb:3d:02:80:89:ba:b7:80:e0:2f:a8:29:57:
52:89:dc:71:55:79:e6:e0:97:07:27:47:10:65:e3:21:66:11:
16:16:ec:80:3b:1d:26:81:95:36:66:4f:ba:45:ee:8e:5c:32:
b7:99:49:ab:eb:78:eb:a2:c6:3a:b1:27:5a:9b:2a:b3:59:a5:
4b:7b:83:7f:f0:da:b8:78:cf:f1:45:de:ce:45:4e:95:5c:7d:
25:ac:87:7c:89:43:f8:27:c7:02:fd:c0:65:40:4c:8b:6b:3f:
f3:e2:f8:b0:08:fe:cd:08:6d:12:ab:44:71:b0:4c:ce:f0:ec:
14:c8:ed:a4:17:5d:83:d3:8c:12:4e:34:7e:91:f8:5f:92:60:
8a:4d:87:aa:e8:7c:5a:2c:80:2e:c4:51:26:af:d7:7f:8a:57:
1c:3b:08:70:13:ef:ec:8f:66:d4:4f:73:56:c9:26:be:75:0b:
1b:d5:36:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRB0Be14Bhq15s0h9QVlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODRiMThiZmZlNWEwOWZkZWI1YTI0OTA2MGM5M2MwNTczYmNhZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdvbKoYG83bILXSmY48U+4EeBdvx
75ikiQy8NIFHQkI8ehHhyehKmqFbut8ztSlpu6C8kIUvy6AY/Xe45plJ7AAjIK/0
noYvVSn/Aw/a+CpVDsbpb8XFgU+wcPTc+e3Dll4hCHAyNbHMLsXgd4XGfMmYuO9B
0CDszJIbdIXprENL977CWS6v5O4AxpSCRMUYQXBf4HhVCiHvVybBzDEsyL8O3w1o
HoSeTHxNYOVr4ikKlepQywUeDP+ypMAvXErzqEToG6cAMp8+TQaY4p05U83b0NxK
4scyfrWo11gieP0RveeDzcXYhCKmG67soLOOZ4eh3CKyl93Ri8xAEeKPTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEhLGL/+Wgn961okkGDJPAVzvK2mMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU0VzWXZfNWFDZjNyV2lTUVlNazhCWE84cmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQBM2XU2W7VEoyXAiyt8qDtE0hgp
YnOc9EP1sHd+3rB18aliaOaQzcKAIOVAp7frCQ78W9ukiihipz8IqZO6r0c8ok34
uEEPAJVWFvdHK7s9AoCJureA4C+oKVdSidxxVXnm4JcHJ0cQZeMhZhEWFuyAOx0m
gZU2Zk+6Re6OXDK3mUmr63jrosY6sSdamyqzWaVLe4N/8Nq4eM/xRd7ORU6VXH0l
rId8iUP4J8cC/cBlQEyLaz/z4viwCP7NCG0Sq0RxsEzO8OwUyO2kF12D04wSTjR+
kfhfkmCKTYeq6HxaLIAuxFEmr9d/ilccOwhwE+/sj2bUT3NWySa+dQsb1TbW
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:48:03 2025 by rpki-client