
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oSiAyxjLNuXDgdZJPkAI-diccd0.roa
File: oSiAyxjLNuXDgdZJPkAI-diccd0.roa (raw, json)
Hash identifier: A7wOXjPPECg7YFL2ZWkf0h+xHWBFViPnPEEo/bitJFU=
Subject key identifier: A1:28:80:CB:18:CB:36:E5:C3:81:D6:49:3E:40:08:F9:D8:9C:71:DD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144032959339E46B7A487CCB68CA49C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oSiAyxjLNuXDgdZJPkAI-diccd0.roa
Signing time: Wed 01 Jan 2025 09:48:12 +0000
ROA not before: Wed 01 Jan 2025 09:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202704
IP address blocks: 82.153.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Feb 2025 08:00:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:03:29:59:33:9e:46:b7:a4:87:cc:b6:8c:a4:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a12880cb18cb36e5c381d6493e4008f9d89c71dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d9:0b:8e:51:45:48:b0:c1:5b:ff:c4:48:2c:
d8:98:6c:e6:1f:d2:a5:7a:69:93:b4:31:4b:ee:79:
90:41:b8:ea:75:19:2f:2e:cd:c4:4a:66:f7:77:4e:
fd:fd:a5:2d:22:cf:24:6e:a5:7c:23:b9:07:d9:c3:
9d:3a:2a:e0:46:fc:5f:60:43:45:5c:7d:27:46:d6:
3f:1e:a3:ee:fb:c1:b8:66:0a:f4:99:6d:b9:07:e1:
70:b9:b2:f0:f1:e3:79:ca:69:6e:59:30:1e:8b:d6:
7f:7b:64:a1:22:86:f1:4e:69:8a:f3:f3:13:1c:bb:
e7:bb:77:7a:c1:28:e8:a3:96:4a:fb:d3:76:ee:dd:
74:49:8c:c1:46:08:66:65:3e:e3:f4:ee:a4:1b:e9:
d3:6a:1b:51:f1:ed:52:c2:90:70:a3:dc:a2:d9:07:
aa:0f:38:3e:81:5d:18:bf:7c:35:42:9a:54:c3:3b:
7d:38:73:9b:44:b2:b1:70:d9:fe:80:9b:b5:9d:bf:
f4:13:dd:b5:a9:cc:f4:35:8f:14:de:97:01:a1:99:
03:50:ea:ca:b3:3b:8c:bb:2e:8a:43:ec:1e:c9:ec:
00:83:c5:60:7d:7c:de:93:60:7c:53:34:ec:da:8a:
43:d5:56:9c:00:d4:3d:d5:42:23:25:33:c4:68:c0:
3a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:28:80:CB:18:CB:36:E5:C3:81:D6:49:3E:40:08:F9:D8:9C:71:DD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oSiAyxjLNuXDgdZJPkAI-diccd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.136.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ee:74:0d:89:6a:19:72:43:c9:40:5c:be:0a:71:13:42:99:
49:a1:1f:e0:3b:b3:1a:15:39:4a:6f:74:92:4a:70:5a:26:ca:
c8:1a:ac:9f:d3:ff:26:68:56:fd:44:4d:42:c7:5f:96:ec:cd:
d9:5f:7d:65:16:2b:cd:35:58:56:37:e2:f0:3b:07:6b:9e:a7:
71:4c:cc:84:df:14:3a:03:8d:77:e3:aa:85:8a:72:5c:9f:e9:
20:b3:42:cd:37:9b:39:4a:a1:f9:1d:b3:09:ac:54:96:cf:1f:
c5:46:2e:49:62:8a:ed:43:80:ab:1b:de:d4:05:e1:d1:2f:ef:
cf:12:6d:1f:39:40:5a:68:14:c5:14:0f:79:55:e6:0c:d8:5e:
c8:c1:42:10:ed:0a:9a:de:7d:fa:8b:50:11:a1:30:bf:4e:bb:
9d:10:21:fc:31:c2:ce:de:57:8d:1d:3c:4f:71:76:56:40:8b:
e1:04:22:85:30:96:da:b1:64:73:58:3a:40:38:98:47:d8:06:
90:b3:18:e5:7e:92:83:e1:97:0d:68:9d:50:97:75:fd:38:fb:
ce:07:ec:e1:1e:13:1d:43:e7:8b:23:12:d6:c0:61:26:c9:fc:
5a:59:ef:bb:b9:8c:76:76:73:8b:ef:4c:4f:53:32:95:75:98:
75:84:2f:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAMpWTOeRrekh8y2jKScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTI4ODBjYjE4Y2IzNmU1YzM4MWQ2NDkzZTQwMDhmOWQ4OWM3MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tkLjlFFSLDBW//ESCzYmGzmH9Kl
emmTtDFL7nmQQbjqdRkvLs3ESmb3d079/aUtIs8kbqV8I7kH2cOdOirgRvxfYENF
XH0nRtY/HqPu+8G4Zgr0mW25B+FwubLw8eN5ymluWTAei9Z/e2ShIobxTmmK8/MT
HLvnu3d6wSjoo5ZK+9N27t10SYzBRghmZT7j9O6kG+nTahtR8e1SwpBwo9yi2Qeq
Dzg+gV0Yv3w1QppUwzt9OHObRLKxcNn+gJu1nb/0E921qcz0NY8U3pcBoZkDUOrK
szuMuy6KQ+weyewAg8VgfXzek2B8UzTs2opD1VacANQ91UIjJTPEaMA61QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEogMsYyzblw4HWST5ACPnYnHHdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1NpQXl4akxOdVhEZ2RaSlBrQUktZGljY2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmIMA0G
CSqGSIb3DQEBCwUAA4IBAQBz7nQNiWoZckPJQFy+CnETQplJoR/gO7MaFTlKb3SS
SnBaJsrIGqyf0/8maFb9RE1Cx1+W7M3ZX31lFivNNVhWN+LwOwdrnqdxTMyE3xQ6
A41346qFinJcn+kgs0LNN5s5SqH5HbMJrFSWzx/FRi5JYortQ4CrG97UBeHRL+/P
Em0fOUBaaBTFFA95VeYM2F7IwUIQ7Qqa3n36i1ARoTC/TrudECH8McLO3leNHTxP
cXZWQIvhBCKFMJbasWRzWDpAOJhH2AaQsxjlfpKD4ZcNaJ1Ql3X9OPvOB+zhHhMd
Q+eLIxLWwGEmyfxaWe+7uYx2dnOL70xPUzKVdZh1hC/d
-----END CERTIFICATE-----
Generated at Tue Feb 11 15:37:22 2025 by rpki-client