Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xszuew767f5-7Xpn8ZGzkuJHlG4.roa
File: Xszuew767f5-7Xpn8ZGzkuJHlG4.roa (raw, json)
Hash identifier: JeXjIeMR7L/fKvkG0YUy0FNW2/zrWONEgCmk9A0RhMg=
Subject key identifier: 5E:CC:EE:7B:0E:FA:ED:FE:7E:ED:7A:67:F1:91:B3:92:E2:47:94:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942CAE7CADD13241B97AFAF1EA6BBA0C6B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xszuew767f5-7Xpn8ZGzkuJHlG4.roa
Signing time: Fri 03 Jan 2025 15:00:20 +0000
ROA not before: Fri 03 Jan 2025 15:00:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
82.163.0.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2c:ae:7c:ad:d1:32:41:b9:7a:fa:f1:ea:6b:ba:0c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 3 15:00:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eccee7b0efaedfe7eed7a67f191b392e247946e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:10:15:e9:6c:01:97:68:9d:c7:fc:e6:85:a7:
f6:d6:8a:9c:4b:d2:54:a0:10:99:ef:81:bc:00:ca:
ca:90:0e:15:b8:e7:db:90:4c:aa:91:69:ed:c9:8b:
cb:dd:43:8a:e5:57:be:7b:16:7f:58:94:77:a3:3d:
d5:e1:22:04:58:46:8b:a2:fe:19:12:16:ff:3e:77:
56:71:af:cb:d0:70:f2:6a:42:31:d6:6a:f1:72:fb:
f2:d9:92:ce:9d:e5:e9:37:d4:8d:96:03:a6:a7:35:
e8:e2:3e:ca:c6:8d:43:b1:be:21:22:44:72:a5:9c:
ae:a0:21:71:6e:10:e6:93:4f:23:41:3f:d3:34:6e:
ab:5a:1f:92:29:f6:b7:99:76:dd:b1:df:d9:16:fa:
73:8f:3b:b9:bd:6a:fc:c6:d8:dc:33:d7:fb:99:5e:
a7:07:ff:50:f9:c6:2f:e8:d1:25:94:51:51:3e:35:
2c:74:ce:e6:fc:ef:52:72:e1:50:a0:69:47:a5:a5:
aa:63:77:96:83:42:a1:49:f3:61:3d:f7:06:56:c7:
af:e3:ea:be:ee:fe:a3:64:19:a1:96:52:7c:c6:8b:
5e:a8:e5:f2:a3:93:00:c8:e1:c3:f4:40:cd:d3:ba:
94:19:ae:c2:e9:f1:08:cf:1b:eb:c5:f2:9c:0d:a2:
eb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CC:EE:7B:0E:FA:ED:FE:7E:ED:7A:67:F1:91:B3:92:E2:47:94:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xszuew767f5-7Xpn8ZGzkuJHlG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
82.163.0.0/24
89.213.43.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.210.54.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
03:35:60:89:55:b3:5b:f2:4c:1a:1e:56:a9:3c:04:c4:7d:e5:
ce:af:20:a7:6c:b4:f3:f5:5b:41:7b:41:77:d5:dd:74:b5:98:
70:12:1a:a3:f2:46:bd:01:e5:ff:8d:29:83:90:88:c7:0e:cd:
90:30:30:d1:3b:ea:b6:56:95:b0:b8:25:df:cb:72:d3:e6:61:
c1:71:b4:d7:2d:5e:e8:b6:8f:39:aa:65:a5:03:50:4d:bf:3d:
fc:0b:5a:02:54:70:81:c5:ab:f5:57:44:a8:5a:fb:d9:58:55:
9b:21:db:4c:2d:b3:a2:06:ea:3c:7c:84:21:94:ce:da:be:c0:
24:a5:41:87:10:22:a2:dc:3f:d7:5c:47:eb:b3:17:cd:52:94:
64:8d:40:5f:26:4b:26:e7:fb:dc:0f:40:46:1c:aa:3e:96:60:
67:d0:28:6e:00:14:38:d8:07:2b:08:f2:71:6d:be:19:28:55:
e6:e5:67:07:76:ea:b5:cb:24:21:2f:c5:3b:73:4d:b4:d2:85:
f1:fd:74:74:88:d0:07:56:67:c9:52:fd:90:41:f6:02:51:2c:
21:44:76:a9:20:61:38:2e:dd:f6:0a:4b:5b:77:e5:93:9b:a6:
b6:a5:af:88:63:6e:3a:6d:e2:be:05:18:05:18:ea:1a:b6:4e:
64:5d:0f:ac
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZQsrnyt0TJBuXr68eprugxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAzMTUwMDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNjZWU3YjBlZmFlZGZlN2VlZDdhNjdmMTkxYjM5MmUyNDc5NDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BAV6WwBl2idx/zmhaf21oqcS9JU
oBCZ74G8AMrKkA4VuOfbkEyqkWntyYvL3UOK5Ve+exZ/WJR3oz3V4SIEWEaLov4Z
Ehb/PndWca/L0HDyakIx1mrxcvvy2ZLOneXpN9SNlgOmpzXo4j7Kxo1Dsb4hIkRy
pZyuoCFxbhDmk08jQT/TNG6rWh+SKfa3mXbdsd/ZFvpzjzu5vWr8xtjcM9f7mV6n
B/9Q+cYv6NEllFFRPjUsdM7m/O9ScuFQoGlHpaWqY3eWg0KhSfNhPfcGVsev4+q+
7v6jZBmhllJ8xoteqOXyo5MAyOHD9EDN07qUGa7C6fEIzxvrxfKcDaLrTQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFF7M7nsO+u3+fu16Z/GRs5LiR5RuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWHN6dWV3NzY3ZjUtN1hwbjhaR3prdUpIbEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoMAwD
BABSmDkDBABSmDoDBABSmEkwDAMEAFKYSwMEAVKYTAMEAFKYTzAMAwQBUphWAwQA
UphYAwQAUphtAwQAUpjiAwQAUpjwAwQAUpjzAwQAUpkmAwQAUpk4AwQAUpk9MAwD
BABSmVMDBABSmVQDBABSmZgDBABSmboDBABSmckDBABSme8DBABSowADBABZ1SsD
BABZ1WIDBABZ1aEwDAMEA1nV6AMEAVnV7AMEAG2wGwMEBW2wIAMEAG2wyQMEAG2w
6wMEANWCggMEANWClQMEANXSKQMEANXSNgMEANXa1gMEANXa5zANBgkqhkiG9w0B
AQsFAAOCAQEAAzVgiVWzW/JMGh5WqTwExH3lzq8gp2y08/VbQXtBd9XddLWYcBIa
o/JGvQHl/40pg5CIxw7NkDAw0TvqtlaVsLgl38ty0+ZhwXG01y1e6LaPOaplpQNQ
Tb89/AtaAlRwgcWr9VdEqFr72VhVmyHbTC2zogbqPHyEIZTO2r7AJKVBhxAiotw/
11xH67MXzVKUZI1AXyZLJuf73A9ARhyqPpZgZ9AobgAUONgHKwjycW2+GShV5uVn
B3bqtcskIS/FO3NNtNKF8f10dIjQB1ZnyVL9kEH2AlEsIUR2qSBhOC7d9gpLW3fl
k5umtqWviGNuOm3ivgUYBRjqGrZOZF0PrA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:39:44 2025 by rpki-client