Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m6Wwf5QngzdzVmSiXC4R41oqXPk.roa
File: m6Wwf5QngzdzVmSiXC4R41oqXPk.roa (raw, json)
Hash identifier: cIXq2DSvZAoA2SFSLc8AB9lnA5D1Xs7tuFu9IMG9r4Y=
Subject key identifier: 9B:A5:B0:7F:94:27:83:37:73:56:64:A2:5C:2E:11:E3:5A:2A:5C:F9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194214400DD21FFEA0127E3CB6BDC5C3E18
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m6Wwf5QngzdzVmSiXC4R41oqXPk.roa
Signing time: Wed 01 Jan 2025 09:48:12 +0000
ROA not before: Wed 01 Jan 2025 09:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199707
IP address blocks: 77.93.157.0/24 maxlen: 24
79.99.78.0/24 maxlen: 24
89.28.239.0/24 maxlen: 24
109.176.19.0/24 maxlen: 24
213.210.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:00:dd:21:ff:ea:01:27:e3:cb:6b:dc:5c:3e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ba5b07f94278337735664a25c2e11e35a2a5cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7e:5d:18:95:35:ee:16:b1:89:7a:19:5a:1d:
37:f3:0e:fa:9b:7f:c7:91:81:4a:10:b5:5c:33:23:
01:ad:cc:fd:1e:ee:ea:a0:fc:db:50:9d:a9:e5:47:
53:b1:14:0a:6a:c7:a1:cc:c9:0f:75:07:a1:f7:3a:
e5:ce:1f:52:c6:03:01:72:df:8b:71:3e:c7:a8:14:
f5:e5:09:ea:b6:e4:1f:30:3e:05:cc:d2:63:62:a5:
28:49:30:3c:22:81:fa:7f:1b:55:1e:cf:3d:7a:e7:
a7:4f:13:46:ca:06:07:62:af:d5:91:69:0d:47:be:
56:d0:ff:f3:0f:98:47:7d:a9:80:27:fb:ec:23:92:
68:64:af:06:0a:52:68:e2:60:36:d4:4b:a9:6d:91:
e7:bb:ff:93:cb:5a:6a:00:99:e0:26:93:8e:05:60:
6e:57:25:6b:5a:c8:c4:df:47:d7:25:8d:28:ac:3c:
4f:1c:9a:ad:56:ea:66:db:19:d5:fa:e6:2a:29:8a:
ed:61:e4:9e:d3:d0:4c:44:a3:6b:73:bc:fb:fe:35:
c0:5c:c2:ad:18:2c:56:a1:29:e0:91:c0:6b:d3:e4:
56:09:83:9b:02:05:ac:e2:da:98:18:92:18:2d:68:
a4:31:32:b9:cc:e4:ba:82:8a:29:38:4c:71:04:1f:
61:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A5:B0:7F:94:27:83:37:73:56:64:A2:5C:2E:11:E3:5A:2A:5C:F9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/m6Wwf5QngzdzVmSiXC4R41oqXPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.157.0/24
79.99.78.0/24
89.28.239.0/24
109.176.19.0/24
213.210.4.0/23
Signature Algorithm: sha256WithRSAEncryption
13:b2:3b:41:aa:1b:a4:51:1a:25:31:48:1b:29:1c:19:22:ef:
55:0c:31:21:19:79:61:5b:be:d2:46:f6:d5:1e:f6:9d:d7:c3:
02:fd:cd:f0:ce:18:76:fb:50:0d:18:e7:a3:7b:92:db:69:da:
cb:c3:5d:bd:0c:07:99:88:40:04:71:9c:80:e8:eb:ce:f6:8b:
75:79:8d:7f:93:9e:1d:86:dc:19:b9:70:69:25:78:a4:dd:97:
5b:52:c3:5e:c3:83:07:95:ba:21:74:5f:1c:90:67:9f:4b:0c:
7d:73:9b:53:d9:68:66:2f:1c:35:3b:1d:83:be:6d:e2:2f:a3:
96:81:6c:c1:ae:de:8a:39:52:6a:1a:d3:28:b9:84:b0:95:c3:
2c:0e:58:17:84:ed:dd:23:21:c0:39:c1:eb:25:dc:1d:1f:2e:
61:8d:68:ed:09:d9:3e:bf:97:4e:4f:b5:e2:7e:2f:c9:b5:ad:
25:38:32:f7:39:07:6a:be:30:bf:92:3b:fd:a2:3e:f4:af:59:
1a:4c:96:6e:18:92:e2:b2:9c:4e:34:9c:48:ed:88:50:28:29:
94:3c:39:3f:13:40:d0:f4:70:7d:03:4a:6e:1b:d3:c6:ad:2c:
d7:21:a5:43:b1:17:d9:36:4c:d4:78:65:db:b1:a5:4f:e5:57:
cb:3f:16:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhRADdIf/qASfjy2vcXD4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmE1YjA3Zjk0Mjc4MzM3NzM1NjY0YTI1YzJlMTFlMzVhMmE1Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn5dGJU17haxiXoZWh038w76m3/H
kYFKELVcMyMBrcz9Hu7qoPzbUJ2p5UdTsRQKasehzMkPdQeh9zrlzh9SxgMBct+L
cT7HqBT15QnqtuQfMD4FzNJjYqUoSTA8IoH6fxtVHs89euenTxNGygYHYq/VkWkN
R75W0P/zD5hHfamAJ/vsI5JoZK8GClJo4mA21EupbZHnu/+Ty1pqAJngJpOOBWBu
VyVrWsjE30fXJY0orDxPHJqtVupm2xnV+uYqKYrtYeSe09BMRKNrc7z7/jXAXMKt
GCxWoSngkcBr0+RWCYObAgWs4tqYGJIYLWikMTK5zOS6goopOExxBB9hOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJulsH+UJ4M3c1ZkolwuEeNaKlz5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbTZXd2Y1UW5nemR6Vm1TaVhDNFI0MW9xWFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATV2dAwQA
T2NOAwQAWRzvAwQAbbATAwQB1dIEMA0GCSqGSIb3DQEBCwUAA4IBAQATsjtBqhuk
URolMUgbKRwZIu9VDDEhGXlhW77SRvbVHvad18MC/c3wzhh2+1ANGOeje5LbadrL
w129DAeZiEAEcZyA6OvO9ot1eY1/k54dhtwZuXBpJXik3ZdbUsNew4MHlbohdF8c
kGefSwx9c5tT2WhmLxw1Ox2Dvm3iL6OWgWzBrt6KOVJqGtMouYSwlcMsDlgXhO3d
IyHAOcHrJdwdHy5hjWjtCdk+v5dOT7Xifi/Jta0lODL3OQdqvjC/kjv9oj70r1ka
TJZuGJLispxONJxI7YhQKCmUPDk/E0DQ9HB9A0puG9PGrSzXIaVDsRfZNkzUeGXb
saVP5VfLPxbw
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:52 2025 by rpki-client