Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToMapRU1_o-C41B85kgtgelpzwo.roa
File: ToMapRU1_o-C41B85kgtgelpzwo.roa (raw, json)
Hash identifier: OVz4ygEK01FUIcvwrHKZWNdkHxAfaIl332BsCg/l6AU=
Subject key identifier: 4E:83:1A:A5:15:35:FE:8F:82:E3:50:7C:E6:48:2D:81:E9:69:CF:0A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EC70E149C47738E419B804492D09680E6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToMapRU1_o-C41B85kgtgelpzwo.roa
Signing time: Wed 10 Apr 2024 08:09:32 +0000
ROA not before: Wed 10 Apr 2024 08:09:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 82.152.52.0/23 maxlen: 24
82.152.55.0/24 maxlen: 24
82.163.22.0/23 maxlen: 24
89.213.210.0/23 maxlen: 24
89.213.248.0/23 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.25.0/24 maxlen: 24
109.176.27.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.210.40.0/23 maxlen: 24
213.210.48.0/23 maxlen: 24
213.210.62.0/23 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:0e:14:9c:47:73:8e:41:9b:80:44:92:d0:96:80:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 10 08:09:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e831aa51535fe8f82e3507ce6482d81e969cf0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:75:93:dc:5a:40:f7:c6:c6:3f:78:02:7b:
7d:16:0e:d5:62:2c:64:dc:84:c1:ee:32:42:3a:0b:
99:2a:9e:db:9d:13:59:5c:c7:b1:18:94:60:e5:e9:
f7:51:d8:95:cf:de:a4:12:1e:84:1e:35:80:ec:43:
5a:09:65:79:6b:9f:9d:6f:01:60:90:b6:6a:f5:cc:
a6:22:77:b7:00:c4:c7:73:60:d5:aa:8c:ac:78:a6:
b0:ad:dc:50:2d:2c:b5:a0:6d:e1:3a:a8:2d:56:3b:
d3:b1:0b:80:aa:e0:48:22:88:56:05:a6:da:d1:00:
78:15:9d:3e:b8:fa:d3:d6:d7:9c:0b:77:31:96:04:
90:97:1a:fa:92:a8:c3:fc:53:4f:c2:44:1b:bb:58:
6e:4f:52:52:42:eb:91:d0:41:90:9f:b6:f5:90:79:
6f:5f:5a:5a:d5:d0:3a:ba:04:f1:ab:8c:b2:c8:d6:
17:89:fa:01:41:9c:1f:be:30:bb:37:a0:02:74:b0:
65:39:c3:aa:33:44:de:3c:5d:cc:3f:91:77:be:d6:
ff:69:98:ce:31:90:76:79:f3:55:a2:f8:34:48:8a:
4e:8b:c4:2f:e6:e7:ad:7f:b9:aa:29:83:d1:92:52:
09:e5:e3:77:97:32:a7:f9:ff:c6:04:16:e4:99:71:
a6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:83:1A:A5:15:35:FE:8F:82:E3:50:7C:E6:48:2D:81:E9:69:CF:0A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToMapRU1_o-C41B85kgtgelpzwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.52.0/23
82.152.55.0/24
82.163.22.0/23
89.213.210.0/23
89.213.248.0/23
109.176.16.0/21
109.176.25.0/24
109.176.27.0/24
212.38.88.0/23
213.210.40.0/23
213.210.48.0/23
213.210.62.0/23
213.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ff:31:79:64:34:54:f6:ad:e3:9e:46:ba:4f:c4:bf:7b:a8:
bd:9f:ce:a4:ef:bd:59:be:58:41:83:e4:6e:d4:42:05:4c:ab:
59:07:cf:f3:40:39:f3:46:2a:2e:01:32:d3:74:fa:6b:67:94:
b8:bd:03:f6:7a:96:e5:83:eb:b7:41:2f:34:f6:34:5e:65:e5:
67:e7:fa:10:70:66:69:cc:79:15:90:b5:a5:b3:50:fc:4b:89:
37:40:5c:f0:e0:aa:e3:10:1b:df:f5:b7:5b:cb:2c:16:ab:64:
5b:82:b5:bb:29:d1:bf:70:c7:99:a4:d5:21:aa:44:6c:91:c8:
e6:10:7a:28:9c:6d:34:46:be:78:ec:09:9a:03:65:ec:21:be:
37:df:22:00:28:19:65:7d:e6:13:4e:ce:cd:c0:de:c0:21:0e:
6a:fc:89:56:f4:92:f9:53:e7:02:17:ca:7d:90:3f:7a:dd:8e:
44:d5:e4:2e:06:cb:31:19:22:5d:56:2a:a6:06:a7:f6:eb:26:
c8:04:03:19:e2:4f:b7:63:1d:e7:37:05:0e:5a:f1:0e:ce:7b:
62:97:d8:1b:4f:d7:a7:21:83:5b:27:8b:bb:c4:48:c4:7c:8a:
c5:a7:06:fc:a1:67:f8:d3:17:18:b6:c4:8d:cc:a8:dd:26:0d:
41:23:e6:12
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY7HDhScR3OOQZuARJLQloDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEwMDgwOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTgzMWFhNTE1MzVmZThmODJlMzUwN2NlNjQ4MmQ4MWU5NjljZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj91k9xaQPfGxj94Ant9Fg7VYixk
3ITB7jJCOguZKp7bnRNZXMexGJRg5en3UdiVz96kEh6EHjWA7ENaCWV5a5+dbwFg
kLZq9cymIne3AMTHc2DVqoyseKawrdxQLSy1oG3hOqgtVjvTsQuAquBIIohWBaba
0QB4FZ0+uPrT1tecC3cxlgSQlxr6kqjD/FNPwkQbu1huT1JSQuuR0EGQn7b1kHlv
X1pa1dA6ugTxq4yyyNYXifoBQZwfvjC7N6ACdLBlOcOqM0TePF3MP5F3vtb/aZjO
MZB2efNVovg0SIpOi8Qv5uetf7mqKYPRklIJ5eN3lzKn+f/GBBbkmXGm6wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFE6DGqUVNf6PguNQfOZILYHpac8KMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVG9NYXBSVTFfby1DNDFCODVrZ3RnZWxwendvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBUpg0AwQA
Upg3AwQBUqMWAwQBWdXSAwQBWdX4AwQDbbAQAwQAbbAZAwQAbbAbAwQB1CZYAwQB
1dIoAwQB1dIwAwQB1dI+AwQA1driMA0GCSqGSIb3DQEBCwUAA4IBAQBW/zF5ZDRU
9q3jnka6T8S/e6i9n86k771ZvlhBg+Ru1EIFTKtZB8/zQDnzRiouATLTdPprZ5S4
vQP2epblg+u3QS809jReZeVn5/oQcGZpzHkVkLWls1D8S4k3QFzw4KrjEBvf9bdb
yywWq2RbgrW7KdG/cMeZpNUhqkRskcjmEHoonG00Rr547AmaA2XsIb433yIAKBll
feYTTs7NwN7AIQ5q/IlW9JL5U+cCF8p9kD963Y5E1eQuBssxGSJdViqmBqf26ybI
BAMZ4k+3Yx3nNwUOWvEOzntil9gbT9enIYNbJ4u7xEjEfIrFpwb8oWf40xcYtsSN
zKjdJg1BI+YS
-----END CERTIFICATE-----
Generated at Fri Apr 26 06:49:24 2024 by rpki-client on console-ams.rpki-client.org