Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y-n7BZEZeGee5QTDjlW1IBRHrRU.roa
File: Y-n7BZEZeGee5QTDjlW1IBRHrRU.roa (raw, json)
Hash identifier: uIBjKEdD0Su5xfZvF4VOlKKBfdvQfuvhKb6IH9v6Wdo=
Subject key identifier: 63:E9:FB:05:91:19:78:67:9E:E5:04:C3:8E:55:B5:20:14:47:AD:15
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193448077FABA534F104DA8A8BF70412EA9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y-n7BZEZeGee5QTDjlW1IBRHrRU.roa
Signing time: Tue 19 Nov 2024 12:58:10 +0000
ROA not before: Tue 19 Nov 2024 12:58:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 82.153.255.0/24 maxlen: 24
82.163.10.0/23 maxlen: 24
89.213.127.0/24 maxlen: 24
109.176.14.0/24 maxlen: 24
109.176.30.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
213.218.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:80:77:fa:ba:53:4f:10:4d:a8:a8:bf:70:41:2e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 19 12:58:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63e9fb05911978679ee504c38e55b5201447ad15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:c4:33:28:51:f3:1d:f1:6d:fd:57:ac:8c:
ca:48:a1:53:bf:44:62:cb:38:34:97:1e:e8:8f:51:
3b:fb:ce:98:a6:e2:39:28:7b:05:0f:ea:82:70:7e:
a9:d6:25:69:98:f6:f3:72:67:79:88:e7:72:dd:38:
b0:b6:8e:fc:d2:04:f5:df:32:bc:77:7e:b2:d5:6a:
e0:57:b1:5d:05:01:01:75:6d:d2:0f:94:84:cb:56:
04:f5:87:f9:77:be:28:0a:21:96:90:e6:65:91:50:
2b:d5:40:7f:3d:ad:74:87:15:98:d4:65:7a:5d:27:
17:b4:cb:1a:0c:55:78:3c:1d:4d:79:b6:4f:b4:aa:
a8:e6:73:81:e0:c0:7d:1a:32:29:3d:b4:b8:73:c3:
bd:74:1c:26:30:1d:79:f9:21:46:fc:df:a5:fd:a4:
1a:bc:12:5c:bd:11:2f:24:19:3b:4a:7e:ea:7a:f5:
bb:1a:98:2a:96:f5:74:12:da:d2:a9:33:5e:9f:cc:
d8:e8:b1:76:35:56:aa:c0:37:e3:fe:38:c6:ba:c9:
18:1f:79:82:82:63:86:9e:4a:ca:76:0d:6f:9f:ad:
c7:b6:9c:b8:80:90:39:be:3f:d1:14:f1:90:82:ec:
a0:df:93:2e:dc:59:04:3b:59:f7:81:de:77:fd:b4:
d8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E9:FB:05:91:19:78:67:9E:E5:04:C3:8E:55:B5:20:14:47:AD:15
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Y-n7BZEZeGee5QTDjlW1IBRHrRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.255.0/24
82.163.10.0/23
89.213.127.0/24
109.176.14.0/24
109.176.30.0/24
109.176.208.0/24
213.218.248.0/24
Signature Algorithm: sha256WithRSAEncryption
36:fd:a2:60:7b:71:0d:9c:b9:23:e6:d1:e8:cb:3b:05:d6:00:
78:e1:e9:63:ef:fb:ed:e9:b3:8f:d3:2a:f4:6f:9f:d4:33:11:
90:c3:fb:98:94:2a:48:7c:4a:93:bc:c9:db:0b:13:6e:fb:93:
7a:e2:ee:e2:04:0b:b3:c8:4b:d5:74:a8:a2:02:66:b0:78:1f:
cb:e8:de:37:8f:4c:65:47:66:32:7c:2e:d3:79:c0:a6:4f:ce:
c7:41:84:52:2a:8e:0b:8c:4f:a2:5e:e7:68:f2:ed:de:be:37:
eb:9d:39:6b:2c:03:29:e1:ae:01:d6:7d:6d:ac:e8:42:22:12:
95:00:00:42:c3:f4:c5:a2:9c:2e:4d:f6:80:c4:8e:2e:37:cf:
f0:21:dd:a4:c1:61:23:c9:a4:57:8f:20:e4:6c:c1:a7:15:e7:
09:b2:fd:37:8f:62:0e:f4:76:41:96:46:30:e9:c9:17:73:5b:
45:5e:49:07:3b:ae:72:e9:b5:37:34:f9:c5:1e:72:ba:62:8a:
c2:68:8e:34:7c:e7:f1:9c:29:51:de:ff:ca:0d:b7:f8:21:bc:
83:4c:79:b4:3b:c5:16:30:47:39:a8:1f:6a:b8:a7:82:03:33:
46:99:a6:3c:5b:55:fc:4f:82:3f:ef:ff:a4:e1:99:28:b7:14:
9c:ba:da:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNEgHf6ulNPEE2oqL9wQS6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE5MTI1ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2U5ZmIwNTkxMTk3ODY3OWVlNTA0YzM4ZTU1YjUyMDE0NDdhZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf/EMyhR8x3xbf1XrIzKSKFTv0Ri
yzg0lx7oj1E7+86YpuI5KHsFD+qCcH6p1iVpmPbzcmd5iOdy3Tiwto780gT13zK8
d36y1WrgV7FdBQEBdW3SD5SEy1YE9Yf5d74oCiGWkOZlkVAr1UB/Pa10hxWY1GV6
XScXtMsaDFV4PB1NebZPtKqo5nOB4MB9GjIpPbS4c8O9dBwmMB15+SFG/N+l/aQa
vBJcvREvJBk7Sn7qevW7GpgqlvV0EtrSqTNen8zY6LF2NVaqwDfj/jjGuskYH3mC
gmOGnkrKdg1vn63Htpy4gJA5vj/RFPGQguyg35Mu3FkEO1n3gd53/bTYEwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGPp+wWRGXhnnuUEw45VtSAUR60VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWS1uN0JaRVplR2VlNVFURGpsVzFJQlJIclJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpn/AwQB
UqMKAwQAWdV/AwQAbbAOAwQAbbAeAwQAbbDQAwQA1dr4MA0GCSqGSIb3DQEBCwUA
A4IBAQA2/aJge3ENnLkj5tHoyzsF1gB44elj7/vt6bOP0yr0b5/UMxGQw/uYlCpI
fEqTvMnbCxNu+5N64u7iBAuzyEvVdKiiAmaweB/L6N43j0xlR2YyfC7TecCmT87H
QYRSKo4LjE+iXudo8u3evjfrnTlrLAMp4a4B1n1trOhCIhKVAABCw/TFopwuTfaA
xI4uN8/wId2kwWEjyaRXjyDkbMGnFecJsv03j2IO9HZBlkYw6ckXc1tFXkkHO65y
6bU3NPnFHnK6YorCaI40fOfxnClR3v/KDbf4IbyDTHm0O8UWMEc5qB9quKeCAzNG
maY8W1X8T4I/7/+k4ZkotxScutqJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:33 2024 by rpki-client on console-fra.rpki-client.org