Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_T2b78xpPldjJXWJJtpUMI4nOtk.roa
File: _T2b78xpPldjJXWJJtpUMI4nOtk.roa (raw, json)
Hash identifier: GzuAXNGVYjoJbKZnv2nRNnXt5E3rMR4CLKIhzZweq/Q=
Subject key identifier: FD:3D:9B:EF:CC:69:3E:57:63:25:75:89:26:DA:54:30:8E:27:3A:D9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143E28C4026AA3AA9D591F177C6A972
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_T2b78xpPldjJXWJJtpUMI4nOtk.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 37.98.151.0/24 maxlen: 24
109.176.196.0/24 maxlen: 24
109.176.197.0/24 maxlen: 24
109.176.198.0/24 maxlen: 24
109.176.199.0/24 maxlen: 24
212.38.94.0/24 maxlen: 24
212.38.95.0/24 maxlen: 24
213.130.144.0/24 maxlen: 24
213.130.145.0/24 maxlen: 24
213.130.146.0/24 maxlen: 24
213.130.147.0/24 maxlen: 24
213.210.13.0/24 maxlen: 24
213.210.20.0/24 maxlen: 24
213.210.21.0/24 maxlen: 24
213.210.36.0/24 maxlen: 24
213.210.37.0/24 maxlen: 24
213.210.57.0/24 maxlen: 24
213.218.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e2:8c:40:26:aa:3a:a9:d5:91:f1:77:c6:a9:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3d9befcc693e576325758926da54308e273ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:29:e3:7b:f7:47:5d:b0:40:24:55:64:f7:53:
3c:25:02:43:8a:11:7d:e7:47:24:72:18:48:98:36:
38:c5:ff:04:b0:91:66:fa:ac:d9:78:90:23:7a:82:
0d:48:ff:71:cd:4a:3a:1f:aa:c0:32:ed:03:4a:70:
74:f9:28:d5:c7:18:eb:40:75:f3:93:72:2d:47:11:
50:13:d5:71:4c:fd:31:13:63:39:18:a6:38:4a:e7:
92:82:db:c5:a2:ba:98:5c:66:b3:d5:ad:1b:bf:91:
44:e6:52:0d:61:72:35:9a:d7:84:bb:3a:fb:0d:c9:
21:7f:92:59:a7:d2:ef:54:2d:8b:ff:cc:41:83:b3:
71:03:8d:bc:c4:e3:88:91:bb:34:a7:39:89:90:c5:
e9:ce:01:70:e5:df:ca:c2:f7:bf:3c:e4:64:b2:1d:
a0:aa:86:32:04:c6:86:5c:8a:5d:ff:d5:39:29:ae:
72:ed:6d:e8:b9:f0:89:f5:21:fb:14:56:cf:12:ab:
c9:ec:4f:ad:b1:13:fd:08:76:87:6d:12:c6:06:57:
e9:dc:4a:8b:46:21:75:be:ce:b1:ff:9c:5f:c0:f2:
e5:ac:5f:3a:e7:45:0f:f8:f8:24:3f:0c:68:69:d8:
e4:38:ba:0e:f5:63:e2:76:f0:16:3a:a9:6e:0b:04:
1b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3D:9B:EF:CC:69:3E:57:63:25:75:89:26:DA:54:30:8E:27:3A:D9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_T2b78xpPldjJXWJJtpUMI4nOtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.151.0/24
109.176.196.0/22
212.38.94.0/23
213.130.144.0/22
213.210.13.0/24
213.210.20.0/23
213.210.36.0/23
213.210.57.0/24
213.218.240.0/24
Signature Algorithm: sha256WithRSAEncryption
77:36:f3:60:72:60:3a:53:04:aa:35:5a:80:25:7c:52:33:21:
00:bf:a8:eb:8a:69:6c:5e:1f:1a:6c:1d:3c:77:f2:04:26:33:
8b:00:24:d6:81:a8:b4:c4:1c:22:c1:42:19:5d:94:a2:0e:0b:
26:af:70:56:fa:2e:b8:21:24:64:24:6e:c2:3f:3b:ac:09:5b:
c7:f3:22:bf:01:ab:47:8b:dc:a7:af:89:51:58:96:3d:52:d7:
fa:d5:35:e7:7a:b7:49:05:84:ef:38:47:f1:5c:40:65:5d:f5:
76:b7:87:65:4c:4d:62:33:83:6c:9a:3b:4d:d5:d0:71:19:92:
a5:b3:3c:17:eb:a0:5a:d9:44:f6:a2:d9:fd:5a:f3:be:af:04:
0a:ad:66:2f:89:be:0b:9d:2e:f2:c4:ed:21:61:b5:46:c3:b6:
7d:e0:1e:f8:d4:7d:cd:54:ff:5c:64:30:db:85:9d:5a:a2:b0:
f5:60:95:6e:49:5a:47:47:eb:89:82:e2:b1:bc:df:e2:61:39:
95:1c:72:23:57:85:73:f9:40:94:d4:23:e4:56:b3:2c:8e:76:
85:42:51:c0:d2:d7:38:c3:8a:e9:13:75:f8:93:1a:95:ef:02:
88:0e:cb:76:39:69:40:4f:71:c1:37:5d:54:f0:0a:c5:ae:cc:
17:61:c8:db
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQhQ+KMQCaqOqnVkfF3xqlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNkOWJlZmNjNjkzZTU3NjMyNTc1ODkyNmRhNTQzMDhlMjczYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSnje/dHXbBAJFVk91M8JQJDihF9
50ckchhImDY4xf8EsJFm+qzZeJAjeoINSP9xzUo6H6rAMu0DSnB0+SjVxxjrQHXz
k3ItRxFQE9VxTP0xE2M5GKY4SueSgtvForqYXGaz1a0bv5FE5lINYXI1mteEuzr7
Dckhf5JZp9LvVC2L/8xBg7NxA428xOOIkbs0pzmJkMXpzgFw5d/Kwve/PORksh2g
qoYyBMaGXIpd/9U5Ka5y7W3oufCJ9SH7FFbPEqvJ7E+tsRP9CHaHbRLGBlfp3EqL
RiF1vs6x/5xfwPLlrF8650UP+PgkPwxoadjkOLoO9WPidvAWOqluCwQbNQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFP09m+/MaT5XYyV1iSbaVDCOJzrZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX1QyYjc4eHBQbGRqSlhXSkp0cFVNSTRuT3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJWKXAwQC
bbDEAwQB1CZeAwQC1YKQAwQA1dINAwQB1dIUAwQB1dIkAwQA1dI5AwQA1drwMA0G
CSqGSIb3DQEBCwUAA4IBAQB3NvNgcmA6UwSqNVqAJXxSMyEAv6jrimlsXh8abB08
d/IEJjOLACTWgai0xBwiwUIZXZSiDgsmr3BW+i64ISRkJG7CPzusCVvH8yK/AatH
i9ynr4lRWJY9Utf61TXnerdJBYTvOEfxXEBlXfV2t4dlTE1iM4NsmjtN1dBxGZKl
szwX66Ba2UT2otn9WvO+rwQKrWYvib4LnS7yxO0hYbVGw7Z94B741H3NVP9cZDDb
hZ1aorD1YJVuSVpHR+uJguKxvN/iYTmVHHIjV4Vz+UCU1CPkVrMsjnaFQlHA0tc4
w4rpE3X4kxqV7wKIDst2OWlAT3HBN11U8ArFrswXYcjb
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:53:20 2025 by rpki-client