
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hLi9Ri0kk7tZ-WNrwhLXRYYx_sw.roa
File: hLi9Ri0kk7tZ-WNrwhLXRYYx_sw.roa (raw, json)
Hash identifier: 0vsGzEdMpkPnyE4qg3mQ2pA4/ECQPRQ/Ih3qZyu5i1M=
Subject key identifier: 84:B8:BD:46:2D:24:93:BB:59:F9:63:6B:C2:12:D7:45:86:31:FE:CC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443D87C2811A917F8AFD0C6692E788
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hLi9Ri0kk7tZ-WNrwhLXRYYx_sw.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400866
IP address blocks: 82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Feb 2025 12:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3d:87:c2:81:1a:91:7f:8a:fd:0c:66:92:e7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84b8bd462d2493bb59f9636bc212d7458631fecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:c0:b0:60:c1:a7:ea:54:74:6f:6b:6e:f4:
4b:2d:3c:7a:1f:84:39:aa:ea:4f:2a:44:ec:e9:28:
d9:c6:63:ba:f1:e0:5a:3c:a7:e4:89:f8:f0:2a:e7:
41:41:c3:d7:b5:e3:93:a5:62:12:12:a0:c6:90:ca:
0b:07:2f:05:a4:ca:c8:7c:36:7c:d2:8e:c7:29:f6:
9f:fb:c8:f0:80:7e:9e:55:95:a1:df:76:e3:57:fb:
f7:cf:a2:cd:3c:c2:ae:73:79:26:8f:07:6e:be:b4:
03:39:fc:05:50:e0:f8:7b:b8:22:cd:6b:32:97:7d:
fa:f6:f0:06:0a:e0:ef:23:20:e1:da:67:54:eb:f6:
8d:3c:07:33:33:00:3f:3e:59:c1:bc:24:c4:90:cc:
11:04:9c:cd:f5:cb:c3:27:b3:fa:5a:2d:00:1b:73:
27:b3:24:05:41:f4:5a:ff:64:65:58:32:f7:01:a1:
90:a6:b8:5f:52:4d:20:75:e3:f2:a0:91:3d:7e:9e:
cd:64:37:21:3b:71:45:74:56:b2:1c:0b:06:23:3e:
6d:71:6a:e5:28:68:38:ab:58:18:2a:e8:f4:e2:7c:
a3:8c:25:17:ae:a1:fa:bb:f6:d7:c8:a4:3a:c0:2a:
a3:1d:6b:6d:60:38:1a:53:84:d1:82:ae:21:c5:cd:
76:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B8:BD:46:2D:24:93:BB:59:F9:63:6B:C2:12:D7:45:86:31:FE:CC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hLi9Ri0kk7tZ-WNrwhLXRYYx_sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.4.0/23
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
213.210.63.0/24
213.218.211.0/24
213.218.233.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b6:6a:b5:38:36:3a:6d:71:0a:f3:e1:2e:44:51:49:b3:ae:
a5:f1:36:45:1a:33:c1:31:09:5a:3b:3d:86:9d:db:8a:33:08:
c6:4b:01:e7:50:f0:97:75:a7:74:2c:01:df:eb:29:cc:d7:06:
63:6a:bb:75:39:90:ad:86:2a:37:af:24:21:e2:3c:40:f6:f0:
9b:98:a2:96:11:e3:01:45:bf:de:ce:67:70:2f:6b:57:d7:a7:
9d:19:26:3a:14:55:1b:d5:4a:ec:06:cb:b1:cd:18:7a:75:f2:
94:38:5c:f3:7a:2b:df:ea:e7:09:66:a7:42:d5:6f:8a:d2:65:
64:60:0b:53:1a:35:d5:56:99:82:c9:9a:36:aa:f2:fd:85:01:
e6:d3:af:33:5b:fb:a8:36:7e:12:9e:17:0f:46:c6:3c:f5:dd:
5a:0c:67:1f:4b:86:5e:5f:df:67:18:b7:32:4d:49:81:8f:78:
27:70:28:c0:85:ab:42:df:8f:68:66:1f:b2:10:8a:16:54:3f:
04:7c:8e:fc:e7:f6:c0:c2:6c:79:52:70:8f:ab:24:74:c3:7a:
9d:8b:90:54:c2:57:d8:7b:35:2d:7c:a0:98:19:74:94:1a:fd:
d7:99:53:64:59:56:8b:21:01:7e:f8:1a:a0:93:16:5e:8b:aa:
76:a1:78:de
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQhRD2HwoEakX+K/QxmkueIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI4YmQ0NjJkMjQ5M2JiNTlmOTYzNmJjMjEyZDc0NTg2MzFmZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/3AsGDBp+pUdG9rbvRLLTx6H4Q5
qupPKkTs6SjZxmO68eBaPKfkifjwKudBQcPXteOTpWISEqDGkMoLBy8FpMrIfDZ8
0o7HKfaf+8jwgH6eVZWh33bjV/v3z6LNPMKuc3kmjwduvrQDOfwFUOD4e7gizWsy
l3369vAGCuDvIyDh2mdU6/aNPAczMwA/PlnBvCTEkMwRBJzN9cvDJ7P6Wi0AG3Mn
syQFQfRa/2RlWDL3AaGQprhfUk0gdePyoJE9fp7NZDchO3FFdFayHAsGIz5tcWrl
KGg4q1gYKuj04nyjjCUXrqH6u/bXyKQ6wCqjHWttYDgaU4TRgq4hxc12iQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIS4vUYtJJO7Wflja8IS10WGMf7MMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaExpOVJpMGtrN3RaLVdOcndoTFhSWVl4X3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUpgEAwQA
UpmZAwQAUpmcAwQAUpnIAwQA1dI/AwQA1drTAwQA1drpMA0GCSqGSIb3DQEBCwUA
A4IBAQB+tmq1ODY6bXEK8+EuRFFJs66l8TZFGjPBMQlaOz2GnduKMwjGSwHnUPCX
dad0LAHf6ynM1wZjart1OZCthio3ryQh4jxA9vCbmKKWEeMBRb/ezmdwL2tX16ed
GSY6FFUb1UrsBsuxzRh6dfKUOFzzeivf6ucJZqdC1W+K0mVkYAtTGjXVVpmCyZo2
qvL9hQHm068zW/uoNn4SnhcPRsY89d1aDGcfS4ZeX99nGLcyTUmBj3gncCjAhatC
349oZh+yEIoWVD8EfI785/bAwmx5UnCPqyR0w3qdi5BUwlfYezUtfKCYGXSUGv3X
mVNkWVaLIQF++BqgkxZei6p2oXje
-----END CERTIFICATE-----
Generated at Thu Feb 13 16:48:20 2025 by rpki-client