Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XgAN66xFBPAcczWNJ6J8WekkK2o.roa
File: XgAN66xFBPAcczWNJ6J8WekkK2o.roa (raw, json)
Hash identifier: IAaFW74oWhNgXe7mTLAZrh4eDiaXi3en5CYIVkiZk4g=
Subject key identifier: 5E:00:0D:EB:AC:45:04:F0:1C:73:35:8D:27:A2:7C:59:E9:24:2B:6A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01933E7DA0BE6A529B460EBB5F211AD78C1F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XgAN66xFBPAcczWNJ6J8WekkK2o.roa
Signing time: Mon 18 Nov 2024 08:57:20 +0000
ROA not before: Mon 18 Nov 2024 08:57:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:7d:a0:be:6a:52:9b:46:0e:bb:5f:21:1a:d7:8c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 18 08:57:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e000debac4504f01c73358d27a27c59e9242b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1e:03:1a:13:1d:8d:47:e0:bb:34:07:a6:d0:
67:04:7d:d9:e2:14:40:24:26:d7:08:74:fd:26:f1:
87:2a:65:09:84:a0:9c:59:c8:63:95:e8:7a:4c:2e:
01:09:58:b7:8b:27:96:4a:fd:d6:c1:a5:46:cd:01:
45:44:20:f6:95:49:e8:4d:0d:f7:f6:29:6a:ad:38:
27:26:ac:89:20:8e:a8:fa:22:ea:a9:64:b0:b6:f7:
08:63:0a:a5:e0:f0:80:81:b3:51:21:22:c4:4f:a4:
27:56:c4:95:5c:6b:17:d7:47:a5:8f:e6:c8:fe:74:
de:66:be:16:43:d4:80:11:a6:3e:d6:20:f3:0d:95:
34:27:37:16:60:17:4a:a5:ac:98:eb:d6:ed:f9:af:
7b:c2:cf:39:47:39:13:0d:ad:d3:d4:d2:48:3b:52:
00:8d:22:3c:72:21:9c:02:c1:5e:03:24:02:c7:75:
5d:ff:e4:f1:1c:87:bc:4c:2e:27:9a:10:5f:ae:91:
cf:51:57:dc:53:11:41:5e:0c:8d:70:d3:59:7d:f3:
29:3d:8e:a1:ed:22:fd:e4:4f:d5:26:1b:4a:0e:bd:
7d:1b:9b:43:05:8c:8f:56:f2:ee:66:17:af:18:80:
6d:23:0e:2f:86:8d:4c:42:cf:e2:53:e5:d5:c7:f5:
fc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:00:0D:EB:AC:45:04:F0:1C:73:35:8D:27:A2:7C:59:E9:24:2B:6A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XgAN66xFBPAcczWNJ6J8WekkK2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.98.0/24
82.153.205.0/24
82.153.222.0/24
82.153.243.0/24
89.213.50.0/24
109.176.244.0/24
213.218.234.0/24
213.218.238.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
39:32:24:33:e0:6b:47:6d:1a:88:90:f7:0c:98:50:e2:7d:29:
6f:7d:15:9d:db:78:55:cf:9f:ba:ea:11:db:c4:fc:b8:fe:bd:
c4:83:25:56:62:6d:3b:52:dd:4c:21:cf:d2:bb:82:0b:9f:3d:
f9:19:a0:5e:b7:f1:b7:fa:b0:ae:7c:c7:3d:26:b5:ee:cd:d6:
13:21:d2:67:90:43:40:b4:30:17:b5:2a:65:5c:79:97:ee:2d:
df:7d:93:34:19:cc:b6:24:38:b7:24:2a:51:b7:a3:24:28:bf:
bb:e4:7e:b3:53:df:2d:64:22:29:17:4f:65:de:c5:8d:b5:e4:
d9:c9:8f:a6:1f:46:e3:3c:ae:e8:5c:d7:bc:b3:5a:d3:b9:49:
df:36:3f:43:49:70:26:5a:05:62:e0:3c:c9:7c:50:33:78:d1:
88:a9:f4:e6:eb:9e:68:0a:17:e4:3e:d6:cd:09:42:a6:91:c3:
ae:cb:df:55:54:66:c2:7d:00:88:dd:1d:28:85:f0:55:56:b9:
8f:c7:5b:fe:fc:56:1a:78:86:b4:57:7a:56:b0:39:9c:aa:a9:
1a:6c:3e:17:57:50:99:af:55:42:f4:89:bd:11:64:4b:78:09:
1a:20:83:84:0c:22:35:c2:7d:40:02:0b:d1:a8:90:ad:b9:a8:
2c:4a:1c:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZM+faC+alKbRg67XyEa14wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE4MDg1NzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAwMGRlYmFjNDUwNGYwMWM3MzM1OGQyN2EyN2M1OWU5MjQyYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph4DGhMdjUfguzQHptBnBH3Z4hRA
JCbXCHT9JvGHKmUJhKCcWchjleh6TC4BCVi3iyeWSv3WwaVGzQFFRCD2lUnoTQ33
9ilqrTgnJqyJII6o+iLqqWSwtvcIYwql4PCAgbNRISLET6QnVsSVXGsX10elj+bI
/nTeZr4WQ9SAEaY+1iDzDZU0JzcWYBdKpayY69bt+a97ws85RzkTDa3T1NJIO1IA
jSI8ciGcAsFeAyQCx3Vd/+TxHIe8TC4nmhBfrpHPUVfcUxFBXgyNcNNZffMpPY6h
7SL95E/VJhtKDr19G5tDBYyPVvLuZhevGIBtIw4vho1MQs/iU+XVx/X81wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFF4ADeusRQTwHHM1jSeifFnpJCtqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGdBTjY2eEZCUEFjY3pXTko2SjhXZWtrSzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUpgIAwQA
UphiAwQAUpnNAwQAUpneAwQAUpnzAwQAWdUyAwQAbbD0AwQA1drqAwQA1druAwQA
2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQA5MiQz4GtHbRqIkPcMmFDifSlvfRWd23hV
z5+66hHbxPy4/r3EgyVWYm07Ut1MIc/Su4ILnz35GaBet/G3+rCufMc9JrXuzdYT
IdJnkENAtDAXtSplXHmX7i3ffZM0Gcy2JDi3JCpRt6MkKL+75H6zU98tZCIpF09l
3sWNteTZyY+mH0bjPK7oXNe8s1rTuUnfNj9DSXAmWgVi4DzJfFAzeNGIqfTm655o
ChfkPtbNCUKmkcOuy99VVGbCfQCI3R0ohfBVVrmPx1v+/FYaeIa0V3pWsDmcqqka
bD4XV1CZr1VC9Im9EWRLeAkaIIOEDCI1wn1AAgvRqJCtuagsShzN
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:00 2024 by rpki-client on console-fra.rpki-client.org