Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aPuNHz52XpqSMxjnsnCnVF0_1aM.roa
File: aPuNHz52XpqSMxjnsnCnVF0_1aM.roa (raw, json)
Hash identifier: xEGN74TwUSg/wTE4eQfilyq+s6d5Qx8chfsw1ejSV3c=
Subject key identifier: 68:FB:8D:1F:3E:76:5E:9A:92:33:18:E7:B2:70:A7:54:5D:3F:D5:A3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01916F12B7534143A6710593A1B706FCC83F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aPuNHz52XpqSMxjnsnCnVF0_1aM.roa
Signing time: Tue 20 Aug 2024 09:16:23 +0000
ROA not before: Tue 20 Aug 2024 09:16:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 82.153.224.0/24 maxlen: 24
89.213.217.0/24 maxlen: 24
89.213.220.0/24 maxlen: 24
89.213.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6f:12:b7:53:41:43:a6:71:05:93:a1:b7:06:fc:c8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 20 09:16:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68fb8d1f3e765e9a923318e7b270a7545d3fd5a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5d:ca:9d:f0:e1:19:a7:76:27:24:e3:8e:9e:
45:eb:8e:09:bf:ba:bb:a4:7a:22:5e:24:cb:82:7b:
d1:26:f7:51:ec:e8:8a:d5:17:78:df:28:60:38:73:
06:3c:33:af:f1:e2:3c:94:8b:ac:5a:6d:91:46:fa:
0f:f0:2c:4e:8d:e5:46:0b:44:5a:76:62:2c:34:53:
d2:6d:f2:4a:09:63:eb:17:d1:30:ec:66:cc:88:ee:
ff:f5:97:dd:a1:29:24:d2:7c:68:b6:c9:75:8d:84:
4b:b5:1b:74:cb:18:02:a3:a9:b4:7a:40:a0:83:d9:
f2:65:e3:6d:cb:d1:c9:eb:7b:64:b6:4c:b7:dd:e5:
25:83:df:9b:5a:89:5c:7a:47:1a:10:1e:67:35:24:
bc:12:d9:8f:47:05:4d:01:17:c8:71:f4:be:04:5c:
ae:e6:70:a4:43:52:ad:92:80:11:66:4d:11:00:8d:
21:57:d9:3f:41:19:00:71:60:02:56:0f:a7:77:b6:
6f:a0:78:5f:d2:5f:4c:71:98:dd:43:db:4b:95:ba:
14:45:98:9e:b4:20:8c:5c:cb:56:ac:72:6e:77:96:
15:99:9f:e6:27:58:87:d7:e4:c7:26:66:c4:c8:b6:
4a:ed:7f:95:d8:fd:c5:27:06:e2:86:7e:55:6c:e3:
ec:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FB:8D:1F:3E:76:5E:9A:92:33:18:E7:B2:70:A7:54:5D:3F:D5:A3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aPuNHz52XpqSMxjnsnCnVF0_1aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
89.213.217.0/24
89.213.220.0/24
89.213.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:c5:fc:d0:32:72:6b:94:2f:2b:bf:c8:6c:37:61:5b:ca:49:
b7:0d:8c:ba:c7:34:d9:fa:c9:75:d9:b1:b3:7a:ec:ed:65:91:
e9:23:04:3e:7e:01:c4:32:be:49:b0:3b:fa:24:95:b1:33:d1:
6a:20:87:d0:61:48:da:ad:8b:e9:e9:2d:d5:33:d7:4e:1a:49:
88:a8:2e:b9:21:12:58:4f:b1:d0:ad:f4:8d:ab:c4:d8:5e:21:
b5:fc:87:45:d3:b2:0b:16:f1:b4:a8:68:2f:11:f5:68:8d:03:
ef:44:87:dd:ef:8b:c8:37:d5:0a:e3:56:9c:8b:80:de:85:6e:
45:08:4d:a1:89:e8:58:5d:c6:e5:36:09:72:25:17:e4:09:cf:
6f:a3:b3:80:bd:a5:3d:24:25:db:9a:36:e2:51:2d:a8:e6:f5:
e3:a3:66:02:a5:66:5f:30:ae:96:52:c6:2c:a8:c6:2d:8f:da:
c7:1a:c6:3a:45:a9:d8:fe:d3:be:39:15:b8:08:c1:1d:47:19:
24:7a:38:7f:26:f2:d8:fd:13:6e:c7:39:93:00:d8:b6:80:2f:
f3:f7:a3:4a:18:24:93:99:07:f2:29:e9:cf:3f:34:80:6a:4e:
d0:47:62:e2:03:50:9a:7d:2e:ce:ca:1f:b1:85:20:88:92:c0:
ca:2d:cc:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFvErdTQUOmcQWTobcG/Mg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODIwMDkxNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZiOGQxZjNlNzY1ZTlhOTIzMzE4ZTdiMjcwYTc1NDVkM2ZkNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV3KnfDhGad2JyTjjp5F644Jv7q7
pHoiXiTLgnvRJvdR7OiK1Rd43yhgOHMGPDOv8eI8lIusWm2RRvoP8CxOjeVGC0Ra
dmIsNFPSbfJKCWPrF9Ew7GbMiO7/9ZfdoSkk0nxotsl1jYRLtRt0yxgCo6m0ekCg
g9nyZeNty9HJ63tktky33eUlg9+bWolcekcaEB5nNSS8EtmPRwVNARfIcfS+BFyu
5nCkQ1KtkoARZk0RAI0hV9k/QRkAcWACVg+nd7ZvoHhf0l9McZjdQ9tLlboURZie
tCCMXMtWrHJud5YVmZ/mJ1iH1+THJmbEyLZK7X+V2P3FJwbihn5VbOPscwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGj7jR8+dl6akjMY57Jwp1RdP9WjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYVB1Tkh6NTJYcHFTTXhqbnNuQ25WRjBfMWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpngAwQA
WdXZAwQAWdXcAwQAWdXeMA0GCSqGSIb3DQEBCwUAA4IBAQBqxfzQMnJrlC8rv8hs
N2Fbykm3DYy6xzTZ+sl12bGzeuztZZHpIwQ+fgHEMr5JsDv6JJWxM9FqIIfQYUja
rYvp6S3VM9dOGkmIqC65IRJYT7HQrfSNq8TYXiG1/IdF07ILFvG0qGgvEfVojQPv
RIfd74vIN9UK41aci4DehW5FCE2hiehYXcblNglyJRfkCc9vo7OAvaU9JCXbmjbi
US2o5vXjo2YCpWZfMK6WUsYsqMYtj9rHGsY6RanY/tO+ORW4CMEdRxkkejh/JvLY
/RNuxzmTANi2gC/z96NKGCSTmQfyKenPPzSAak7QR2LiA1CafS7Oyh+xhSCIksDK
LczA
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:23 2024 by rpki-client on console-ams.rpki-client.org