Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c5filOimcSHZuCmyOg5I3yW-g_M.roa
File: c5filOimcSHZuCmyOg5I3yW-g_M.roa (raw, json)
Hash identifier: rEyx9BvLz8YbDRwCN7a6Z+y9ce5hl5/s4kqznrVh9I0=
Subject key identifier: 73:97:E2:94:E8:A6:71:21:D9:B8:29:B2:3A:0E:48:DF:25:BE:83:F3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194740C8C50C10D7EB68706995C00EC0AC1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c5filOimcSHZuCmyOg5I3yW-g_M.roa
Signing time: Fri 17 Jan 2025 11:36:06 +0000
ROA not before: Fri 17 Jan 2025 11:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 82.152.142.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:0c:8c:50:c1:0d:7e:b6:87:06:99:5c:00:ec:0a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 17 11:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7397e294e8a67121d9b829b23a0e48df25be83f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:de:00:de:02:ee:59:f6:70:25:cd:bf:cd:d1:
61:c5:3d:d6:00:70:9b:b6:13:db:2d:71:ec:76:50:
9c:49:3c:3c:9b:8a:9b:61:7a:e5:d1:4d:ad:b7:eb:
3b:84:f5:9b:a0:1f:e4:84:10:1d:da:57:b9:f7:a8:
ba:e1:35:73:a0:2a:ec:ed:cc:be:9a:4c:a8:dc:be:
c7:f8:a6:49:22:00:bc:79:17:b9:d4:9e:cd:01:49:
e5:fc:bf:f7:d7:30:0c:07:cc:35:dc:37:0b:f5:c9:
4f:b5:d6:8d:83:c9:c4:56:08:e9:89:80:b9:55:be:
bb:bb:50:38:37:6f:fd:b6:08:a2:72:9a:a9:fa:1f:
3a:41:d6:0d:04:dc:ce:70:06:a2:e5:e1:93:df:d9:
2e:2b:a3:42:8d:5c:a8:c2:b9:af:59:3b:5a:06:3f:
ed:93:e3:52:22:3c:0a:86:cb:82:c2:61:46:b8:e9:
36:72:0b:80:b5:07:67:e0:07:ef:5c:27:1c:a6:cb:
14:83:f8:9c:82:ca:c1:19:7b:3b:66:5d:90:bb:ba:
52:d6:10:b2:b1:82:34:5b:cf:0a:c8:94:9c:ee:b6:
6a:1b:0a:b7:84:00:95:a7:cb:f7:cc:e5:0f:19:4f:
20:65:7f:4b:6e:1e:80:cc:7c:62:75:3f:32:20:c5:
70:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:97:E2:94:E8:A6:71:21:D9:B8:29:B2:3A:0E:48:DF:25:BE:83:F3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c5filOimcSHZuCmyOg5I3yW-g_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
82.153.220.0/24
89.213.104.0/24
89.213.123.0/24
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
24:38:87:f4:a8:84:4f:89:e7:78:3c:ce:cb:ec:1f:69:0e:c0:
f2:bd:e9:55:19:71:25:8b:79:3a:d9:7b:cc:24:8f:7d:d9:e0:
35:c0:36:ae:44:cc:cf:9e:79:04:ed:ae:18:82:d7:d1:45:2d:
bf:ce:43:77:dc:8a:fc:79:2d:b8:d6:81:de:3f:e4:14:d3:94:
04:29:0d:3f:31:ff:bd:49:1c:06:2c:b5:11:62:9f:30:d4:2f:
4e:b6:4d:4b:f9:5d:26:2d:2b:32:8c:d7:88:f6:fc:4d:27:a3:
4e:ec:a3:15:92:77:1c:ea:2d:8c:8f:03:98:88:a3:47:c6:04:
37:bb:05:ad:8d:aa:47:57:5a:c1:39:02:b5:c5:59:8e:91:11:
c8:72:80:5f:19:99:b4:a4:12:b6:41:39:6e:83:c4:20:c2:11:
ad:b9:f9:12:d3:c2:c5:b5:43:f2:59:c4:18:c9:e4:a1:ea:36:
32:21:f2:46:a4:34:01:45:64:8c:8b:3c:27:1a:be:1e:8e:90:
86:5b:37:05:e4:6d:d2:7b:6e:42:69:13:df:ab:95:ea:e2:27:
97:f1:35:d4:2f:26:93:1b:0d:5d:9e:69:5d:df:bc:92:e7:04:
6d:9a:ec:b5:f5:34:54:fd:51:ff:18:a1:5e:16:d3:5d:c8:ad:
0f:43:73:27
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZR0DIxQwQ1+tocGmVwA7ArBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTE3MTEzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzk3ZTI5NGU4YTY3MTIxZDliODI5YjIzYTBlNDhkZjI1YmU4M2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN4A3gLuWfZwJc2/zdFhxT3WAHCb
thPbLXHsdlCcSTw8m4qbYXrl0U2tt+s7hPWboB/khBAd2le596i64TVzoCrs7cy+
mkyo3L7H+KZJIgC8eRe51J7NAUnl/L/31zAMB8w13DcL9clPtdaNg8nEVgjpiYC5
Vb67u1A4N2/9tgiicpqp+h86QdYNBNzOcAai5eGT39kuK6NCjVyowrmvWTtaBj/t
k+NSIjwKhsuCwmFGuOk2cguAtQdn4AfvXCccpssUg/icgsrBGXs7Zl2Qu7pS1hCy
sYI0W88KyJSc7rZqGwq3hACVp8v3zOUPGU8gZX9Lbh6AzHxidT8yIMVwpQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHOX4pTopnEh2bgpsjoOSN8lvoPzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYzVmaWxPaW1jU0hadUNteU9nNUkzeVctZ19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpiOAwQA
UpncAwQAWdVoAwQAWdV7AwQA1CZRAwQB1dI0AwQA1drvAwQA2ZFLMA0GCSqGSIb3
DQEBCwUAA4IBAQAkOIf0qIRPied4PM7L7B9pDsDyvelVGXEli3k62XvMJI992eA1
wDauRMzPnnkE7a4YgtfRRS2/zkN33Ir8eS241oHeP+QU05QEKQ0/Mf+9SRwGLLUR
Yp8w1C9Otk1L+V0mLSsyjNeI9vxNJ6NO7KMVkncc6i2MjwOYiKNHxgQ3uwWtjapH
V1rBOQK1xVmOkRHIcoBfGZm0pBK2QTlug8QgwhGtufkS08LFtUPyWcQYyeSh6jYy
IfJGpDQBRWSMizwnGr4ejpCGWzcF5G3Se25CaRPfq5Xq4ieX8TXULyaTGw1dnmld
37yS5wRtmuy19TRU/VH/GKFeFtNdyK0PQ3Mn
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:51:09 2025 by rpki-client