Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SiO3LHt2gZLAGRxis_hm8h7XVjY.roa
File: SiO3LHt2gZLAGRxis_hm8h7XVjY.roa (raw, json)
Hash identifier: +onxcwVkUbnAkNVwOmGFFH6IJOMqPgy+gficaVfUVzU=
Subject key identifier: 4A:23:B7:2C:7B:76:81:92:C0:19:1C:62:B3:F8:66:F2:1E:D7:56:36
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FC971C6EACCEDFFBD476A9802BCE76DD6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SiO3LHt2gZLAGRxis_hm8h7XVjY.roa
Signing time: Thu 30 May 2024 12:20:27 +0000
ROA not before: Thu 30 May 2024 12:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199707
IP address blocks: 79.99.78.0/24 maxlen: 24
109.176.19.0/24 maxlen: 24
213.210.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:71:c6:ea:cc:ed:ff:bd:47:6a:98:02:bc:e7:6d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 30 12:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a23b72c7b768192c0191c62b3f866f21ed75636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:b3:37:01:87:96:ef:cd:a1:59:01:7e:06:
37:b6:04:7f:fc:5d:dc:f3:d9:4c:1a:a3:5a:b7:f6:
cd:2d:34:19:2b:87:bb:fa:b7:be:81:38:e0:98:6d:
8f:f5:90:bb:4b:9e:bf:41:33:67:bb:19:f2:72:6c:
a4:57:17:ee:5c:67:32:9d:cd:c5:1b:0a:45:0f:a8:
2f:20:a9:07:d0:fc:67:db:38:86:98:18:dc:cc:f5:
05:d7:81:54:76:58:b5:0e:f9:29:96:83:22:79:f5:
37:61:b8:5b:c5:d2:ae:9d:fa:03:35:1e:a3:9b:9c:
a3:aa:71:72:70:cb:5c:29:ec:b9:d8:d2:03:4e:2d:
f8:a8:ae:68:54:59:2a:6e:63:66:56:b0:45:6b:a4:
a7:71:b2:09:00:9d:67:a5:d6:8a:ed:00:0b:a8:af:
06:12:76:13:60:8c:a5:7b:32:dc:db:02:d6:82:57:
c7:34:fe:16:e4:6a:cb:ff:b9:64:83:47:b8:91:5e:
4b:21:48:70:bb:4b:af:f9:f8:d4:9c:5f:35:23:5b:
84:92:a0:b8:eb:a4:c9:59:3a:f7:a7:d4:88:4a:93:
44:7c:1a:4b:4c:ce:5b:4e:24:0d:08:ed:e2:6d:5d:
44:49:98:08:08:08:b2:cd:1b:5f:d6:8a:32:ea:2f:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:23:B7:2C:7B:76:81:92:C0:19:1C:62:B3:F8:66:F2:1E:D7:56:36
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SiO3LHt2gZLAGRxis_hm8h7XVjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.78.0/24
109.176.19.0/24
213.210.4.0/23
Signature Algorithm: sha256WithRSAEncryption
50:1d:59:d7:f6:7d:0d:bc:59:62:75:92:9a:96:f0:01:e5:f7:
e1:8e:44:9d:21:6e:47:61:8c:f5:21:d8:ff:8e:a4:cf:6e:5e:
ee:bb:7c:d9:81:f6:da:ff:12:61:de:f2:21:9a:01:8a:68:24:
83:ed:8b:41:20:14:bc:ea:34:58:63:00:97:22:98:ce:9a:c3:
03:7c:80:bb:0e:39:a4:3f:6b:51:45:ac:71:b5:3a:bd:d6:95:
ac:62:d2:54:dd:db:e1:4c:5a:de:14:a2:4c:2a:ae:ca:72:fd:
9d:c7:4a:23:5a:ba:44:31:9e:7e:d5:65:68:b3:bb:af:48:3a:
aa:38:ee:fc:2c:79:99:4b:8d:af:9d:04:d5:6e:26:8b:2f:70:
8b:8e:4b:80:fb:ca:7f:b1:9b:d9:6f:3e:2a:d2:95:15:d9:b0:
fe:f7:6b:08:1f:d0:e2:a9:52:07:16:78:7a:ba:bf:93:99:fc:
a3:53:a2:4e:91:0c:88:41:88:2f:6d:ec:92:41:67:7f:a8:7c:
00:4c:1d:6b:6b:9a:7f:49:72:20:31:ff:8f:c2:4b:d3:e8:b1:
5b:52:aa:a8:c2:78:5c:7a:50:73:24:52:37:8c:94:1b:d5:35:
93:c9:c3:a3:27:39:a5:e4:40:7f:83:88:4b:ec:ec:b7:aa:f2:
f7:34:30:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/JccbqzO3/vUdqmAK8523WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTMwMTIyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTIzYjcyYzdiNzY4MTkyYzAxOTFjNjJiM2Y4NjZmMjFlZDc1NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKWzNwGHlu/NoVkBfgY3tgR//F3c
89lMGqNat/bNLTQZK4e7+re+gTjgmG2P9ZC7S56/QTNnuxnycmykVxfuXGcync3F
GwpFD6gvIKkH0Pxn2ziGmBjczPUF14FUdli1DvkploMiefU3YbhbxdKunfoDNR6j
m5yjqnFycMtcKey52NIDTi34qK5oVFkqbmNmVrBFa6SncbIJAJ1npdaK7QALqK8G
EnYTYIylezLc2wLWglfHNP4W5GrL/7lkg0e4kV5LIUhwu0uv+fjUnF81I1uEkqC4
66TJWTr3p9SISpNEfBpLTM5bTiQNCO3ibV1ESZgICAiyzRtf1ooy6i/q8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEojtyx7doGSwBkcYrP4ZvIe11Y2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU2lPM0xIdDJnWkxBR1J4aXNfaG04aDdYVmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2NOAwQA
bbATAwQB1dIEMA0GCSqGSIb3DQEBCwUAA4IBAQBQHVnX9n0NvFlidZKalvAB5ffh
jkSdIW5HYYz1Idj/jqTPbl7uu3zZgfba/xJh3vIhmgGKaCSD7YtBIBS86jRYYwCX
IpjOmsMDfIC7DjmkP2tRRaxxtTq91pWsYtJU3dvhTFreFKJMKq7Kcv2dx0ojWrpE
MZ5+1WVos7uvSDqqOO78LHmZS42vnQTVbiaLL3CLjkuA+8p/sZvZbz4q0pUV2bD+
92sIH9DiqVIHFnh6ur+TmfyjU6JOkQyIQYgvbeySQWd/qHwATB1ra5p/SXIgMf+P
wkvT6LFbUqqownhcelBzJFI3jJQb1TWTycOjJzml5EB/g4hL7Oy3qvL3NDBu
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:20 2024 by rpki-client on console-ams.rpki-client.org