Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ieVNIYYU5dVB6T3ZadzjtRtbItE.roa
File: ieVNIYYU5dVB6T3ZadzjtRtbItE.roa (raw, json)
Hash identifier: 8aNoc9k1mmU5Fv5KC+s2LHMOTnMsiBiM1o1epgeedJo=
Subject key identifier: 89:E5:4D:21:86:14:E5:D5:41:E9:3D:D9:69:DC:E3:B5:1B:5B:22:D1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F75E61C665A58698ADB2F41EDE0C14CA4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ieVNIYYU5dVB6T3ZadzjtRtbItE.roa
Signing time: Tue 14 May 2024 06:59:25 +0000
ROA not before: Tue 14 May 2024 06:59:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.114.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:e6:1c:66:5a:58:69:8a:db:2f:41:ed:e0:c1:4c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 14 06:59:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89e54d218614e5d541e93dd969dce3b51b5b22d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:34:2e:df:08:b2:af:1f:44:94:1b:44:e4:d0:
37:b6:b8:0b:1a:fd:89:d6:dd:e4:e2:df:e0:55:28:
38:17:79:ad:fb:87:54:4d:c5:d5:ae:20:1c:03:c3:
df:62:01:69:58:9c:69:3b:ac:d2:de:f4:c9:a7:87:
39:c2:00:25:2e:e8:75:2c:48:84:a6:06:2e:a6:99:
17:19:d0:40:8b:10:7b:81:39:ed:96:e8:9a:81:b0:
76:33:52:be:86:ac:8b:1f:b5:4f:fc:22:17:48:3b:
0f:79:73:30:c7:f8:91:65:dd:0f:76:b0:93:81:9f:
24:5f:0b:e1:ce:3a:99:bd:f1:88:46:d3:a9:88:fb:
2f:e3:78:65:2f:8c:2f:ff:a1:a9:8f:64:f1:bf:b4:
c3:85:e0:c7:83:61:e4:70:c8:d2:0d:96:77:15:83:
28:7a:76:9b:78:9e:d3:94:a6:87:e6:d9:97:b3:f4:
08:43:11:53:ba:c3:a7:cf:59:d5:af:11:92:30:6c:
95:c5:a4:43:21:6e:35:ab:0b:35:b7:af:5a:93:42:
7b:5f:67:8f:f9:f7:9f:54:b9:ba:fb:53:a0:0c:c8:
b1:ad:97:e3:80:df:ab:eb:8d:29:fe:78:d8:1f:a6:
64:a1:7a:df:dd:79:b1:14:0d:e6:fb:c8:58:3c:b1:
94:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E5:4D:21:86:14:E5:D5:41:E9:3D:D9:69:DC:E3:B5:1B:5B:22:D1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ieVNIYYU5dVB6T3ZadzjtRtbItE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
89.213.107.0/24
89.213.112.0-89.213.114.255
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
15:82:0d:4d:69:42:46:1f:8e:dc:6c:00:68:88:3d:7c:4a:ab:
13:63:67:c0:d6:06:6f:0f:62:3e:ee:bc:99:fb:94:f0:72:5f:
f8:78:7b:43:12:74:7c:ce:85:19:9a:d8:60:d7:3b:ca:e6:4d:
de:5d:7b:57:49:c3:21:ca:2e:04:c4:c8:6c:80:75:d6:5c:7c:
6d:69:97:a2:1c:63:21:b7:25:7a:8b:b0:dd:93:63:60:3c:0c:
5e:1d:47:29:32:d7:3f:7c:9b:45:82:ab:97:32:81:f8:a2:53:
4e:68:98:f7:80:c7:bc:71:85:83:63:ab:f8:ea:1f:71:2a:3e:
3d:13:2d:12:8d:73:5d:b9:40:97:61:4c:88:8b:11:f8:c3:2b:
4d:03:86:fe:fa:bd:16:76:2a:93:99:c8:32:81:1a:b5:f3:f8:
33:4b:1e:ee:81:97:78:c7:5b:54:2b:9a:4a:11:8f:57:a9:8f:
4e:54:dd:c2:f2:da:c5:a0:86:32:6b:97:b3:82:6d:e9:4b:60:
dd:36:0c:ae:63:ef:55:01:bd:72:f9:38:ae:08:fb:05:53:ff:
3f:a8:97:13:1b:c7:10:8f:c3:88:71:3c:54:72:a9:49:53:8e:
82:4b:c1:f4:41:2b:0c:1d:f1:0c:30:b3:8a:bc:68:14:f3:a2:
30:08:47:20
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY915hxmWlhpitsvQe3gwUykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE0MDY1OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU1NGQyMTg2MTRlNWQ1NDFlOTNkZDk2OWRjZTNiNTFiNWIyMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTQu3wiyrx9ElBtE5NA3trgLGv2J
1t3k4t/gVSg4F3mt+4dUTcXVriAcA8PfYgFpWJxpO6zS3vTJp4c5wgAlLuh1LEiE
pgYuppkXGdBAixB7gTntluiagbB2M1K+hqyLH7VP/CIXSDsPeXMwx/iRZd0PdrCT
gZ8kXwvhzjqZvfGIRtOpiPsv43hlL4wv/6Gpj2Txv7TDheDHg2HkcMjSDZZ3FYMo
enabeJ7TlKaH5tmXs/QIQxFTusOnz1nVrxGSMGyVxaRDIW41qws1t69ak0J7X2eP
+fefVLm6+1OgDMixrZfjgN+r640p/njYH6ZkoXrf3XmxFA3m+8hYPLGUDwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFInlTSGGFOXVQek92Wnc47UbWyLRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaWVWTklZWVU1ZFZCNlQzWmFkemp0UnRiSXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAUahgAwQA
UpkzAwQAUpmUAwQAWdVrMAwDBARZ1XADBABZ1XIDBABZ1XQDBABZ1XkDBABZ1Z0D
BABZ1eMDBADVgokwDAMEA9WCmAMEANWCmjANBgkqhkiG9w0BAQsFAAOCAQEAFYIN
TWlCRh+O3GwAaIg9fEqrE2NnwNYGbw9iPu68mfuU8HJf+Hh7QxJ0fM6FGZrYYNc7
yuZN3l17V0nDIcouBMTIbIB11lx8bWmXohxjIbcleouw3ZNjYDwMXh1HKTLXP3yb
RYKrlzKB+KJTTmiY94DHvHGFg2Or+OofcSo+PRMtEo1zXblAl2FMiIsR+MMrTQOG
/vq9FnYqk5nIMoEatfP4M0se7oGXeMdbVCuaShGPV6mPTlTdwvLaxaCGMmuXs4Jt
6Utg3TYMrmPvVQG9cvk4rgj7BVP/P6iXExvHEI/DiHE8VHKpSVOOgkvB9EErDB3x
DDCzirxoFPOiMAhHIA==
-----END CERTIFICATE-----
Generated at Mon Jun 10 20:01:16 2024 by rpki-client on console-ams.rpki-client.org