Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jpQYkevyQncf_k3WDylrKBBS4co.roa
File: jpQYkevyQncf_k3WDylrKBBS4co.roa (raw, json)
Hash identifier: nWEoo/tqQPxRg0D/n41ctluuutK7rGGXY6MdfWWWaKE=
Subject key identifier: 8E:94:18:91:EB:F2:42:77:1F:FE:4D:D6:0F:29:6B:28:10:52:E1:CA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191B35BCCD9D099E1469BCEA1CBAE493370
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jpQYkevyQncf_k3WDylrKBBS4co.roa
Signing time: Mon 02 Sep 2024 15:30:23 +0000
ROA not before: Mon 02 Sep 2024 15:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 82.153.32.0/24 maxlen: 24
89.213.124.0/23 maxlen: 23
89.213.224.0/23 maxlen: 23
109.176.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:5b:cc:d9:d0:99:e1:46:9b:ce:a1:cb:ae:49:33:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 2 15:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e941891ebf242771ffe4dd60f296b281052e1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:f7:98:b1:bf:38:95:7d:89:ac:8c:00:54:
37:81:fb:f5:71:6b:d3:b9:fa:64:ae:b9:e1:f7:66:
a9:8e:1c:1a:f9:b5:ff:48:a1:56:e2:26:57:e0:50:
44:c6:49:fa:7b:87:a3:93:88:c9:93:ed:7e:dd:2a:
b7:e7:40:8d:05:05:07:bb:a5:f0:6d:a8:57:29:68:
4f:8a:2a:02:7a:81:ee:e4:38:cd:1e:93:bf:89:c6:
26:7e:44:45:4a:34:35:d8:70:5d:64:66:3b:4a:cc:
c3:b5:91:ed:b4:72:16:bd:64:c4:b2:a6:4a:e5:9a:
c7:7a:30:52:79:95:11:0b:59:78:a3:87:5e:72:54:
79:ef:bc:ea:97:7b:91:d2:d0:a5:c3:45:3f:5a:b4:
2c:7b:8b:d6:3e:be:a3:76:6b:cf:ea:12:1a:67:35:
89:66:65:b4:3b:d0:e2:c3:ce:0c:a1:78:6d:87:da:
35:50:22:92:4d:09:47:d8:d4:1a:56:1e:8e:0b:81:
09:5c:03:d0:5a:11:18:b1:01:9a:98:a5:07:81:13:
1d:2e:7d:4d:86:e8:2a:9f:7c:c5:f4:94:57:9e:0e:
6b:9d:cf:44:ef:f5:75:98:28:f2:f6:58:29:ff:4f:
8a:18:5d:f3:02:5d:b6:25:5f:b0:6f:9b:47:c5:e2:
a0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:94:18:91:EB:F2:42:77:1F:FE:4D:D6:0F:29:6B:28:10:52:E1:CA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jpQYkevyQncf_k3WDylrKBBS4co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.32.0/24
89.213.124.0/23
89.213.224.0/23
109.176.204.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:4d:c0:24:3c:79:b5:8b:d3:d2:36:49:f9:e5:ae:df:c1:a0:
86:d7:0d:87:94:be:55:57:93:8f:78:8c:d6:56:b5:21:18:a3:
11:cb:94:11:55:ea:db:6b:a6:6d:ee:29:da:83:53:f1:8b:72:
c5:59:57:38:55:16:a4:f9:07:4d:96:94:6c:9f:b2:1e:a1:63:
eb:1c:8a:a2:6d:19:1d:26:94:e8:e3:dd:3c:09:c0:da:60:66:
ec:40:83:00:d6:6d:18:17:07:7d:89:51:de:62:0e:66:c9:a8:
85:4a:32:a6:77:90:28:94:63:8d:2f:6d:22:d3:34:ef:4a:46:
dd:84:bc:05:ca:1c:34:32:e8:87:7a:76:0f:47:99:f0:82:67:
74:d9:09:d7:d6:7b:56:84:8a:f9:9b:ae:72:78:8b:95:19:0d:
ee:dc:84:1a:4b:44:14:21:d5:09:5a:90:c9:f4:ce:98:4c:26:
bc:8d:8e:1b:3f:fb:45:92:a6:24:5e:5d:28:18:be:64:4e:9e:
63:bf:2c:c9:19:7c:e9:08:68:ef:54:8d:2d:d3:21:bc:46:c8:
9c:49:c3:57:c2:78:70:f7:69:5e:fd:93:28:a9:02:50:d2:75:
ce:1c:dd:ea:23:d7:2c:ec:ce:50:f0:3f:c4:32:28:67:8f:19:
78:16:c9:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGzW8zZ0JnhRpvOocuuSTNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAyMTUzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTk0MTg5MWViZjI0Mjc3MWZmZTRkZDYwZjI5NmIyODEwNTJlMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbD3mLG/OJV9iayMAFQ3gfv1cWvT
ufpkrrnh92apjhwa+bX/SKFW4iZX4FBExkn6e4ejk4jJk+1+3Sq350CNBQUHu6Xw
bahXKWhPiioCeoHu5DjNHpO/icYmfkRFSjQ12HBdZGY7SszDtZHttHIWvWTEsqZK
5ZrHejBSeZURC1l4o4declR577zql3uR0tClw0U/WrQse4vWPr6jdmvP6hIaZzWJ
ZmW0O9Diw84MoXhth9o1UCKSTQlH2NQaVh6OC4EJXAPQWhEYsQGamKUHgRMdLn1N
hugqn3zF9JRXng5rnc9E7/V1mCjy9lgp/0+KGF3zAl22JV+wb5tHxeKgkwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI6UGJHr8kJ3H/5N1g8paygQUuHKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanBRWWtldnlRbmNmX2szV0R5bHJLQkJTNGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpkgAwQB
WdV8AwQBWdXgAwQBbbDMMA0GCSqGSIb3DQEBCwUAA4IBAQALTcAkPHm1i9PSNkn5
5a7fwaCG1w2HlL5VV5OPeIzWVrUhGKMRy5QRVerba6Zt7inag1Pxi3LFWVc4VRak
+QdNlpRsn7IeoWPrHIqibRkdJpTo4908CcDaYGbsQIMA1m0YFwd9iVHeYg5myaiF
SjKmd5AolGONL20i0zTvSkbdhLwFyhw0MuiHenYPR5nwgmd02QnX1ntWhIr5m65y
eIuVGQ3u3IQaS0QUIdUJWpDJ9M6YTCa8jY4bP/tFkqYkXl0oGL5kTp5jvyzJGXzp
CGjvVI0t0yG8RsicScNXwnhw92le/ZMoqQJQ0nXOHN3qI9cs7M5Q8D/EMihnjxl4
Fsnr
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:16 2024 by rpki-client on console-fra.rpki-client.org