Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSe_RIpPMPrVkcwHTBIUIe9J1L8.roa
File: pSe_RIpPMPrVkcwHTBIUIe9J1L8.roa (raw, json)
Hash identifier: TEvvhCPMRLDiKazADcAhP3zKIgS0g1hgS5cOFby6XtU=
Subject key identifier: A5:27:BF:44:8A:4F:30:FA:D5:91:CC:07:4C:12:14:21:EF:49:D4:BF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019330DE39D4FC47857A7D24A8E2E3731C43
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSe_RIpPMPrVkcwHTBIUIe9J1L8.roa
Signing time: Fri 15 Nov 2024 17:28:10 +0000
ROA not before: Fri 15 Nov 2024 17:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 82.153.246.0/24 maxlen: 24
109.176.21.0/24 maxlen: 24
109.176.23.0/24 maxlen: 24
109.176.206.0/24 maxlen: 24
213.218.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:de:39:d4:fc:47:85:7a:7d:24:a8:e2:e3:73:1c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 15 17:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a527bf448a4f30fad591cc074c121421ef49d4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:63:dd:ae:dd:51:4a:d9:1b:4d:11:94:b8:
e4:3d:78:bc:5e:17:aa:d6:1c:86:26:4d:f3:dd:c3:
c9:87:e6:0b:d9:c2:13:bc:5c:aa:4f:00:d7:cd:a7:
07:2c:71:b0:27:50:18:2a:ae:da:ad:c2:a5:01:f7:
bc:32:8a:96:14:6a:74:e9:8a:e5:b6:76:58:b2:3a:
66:b9:c6:f5:df:b4:b0:1f:bb:11:95:39:86:a0:2a:
ab:56:7a:2a:19:a8:0d:bf:74:6d:ea:52:90:66:c3:
e0:cb:78:6a:20:86:2d:b6:a0:7e:fe:4d:ed:e1:b7:
7f:4f:5c:e2:ff:6f:0d:5c:12:10:4d:d3:a1:61:1e:
59:c1:56:02:e9:4a:cd:9e:45:e4:88:e6:10:17:dd:
97:4c:a7:e7:a9:00:37:d6:b3:7f:5d:cf:10:4e:ae:
76:83:78:3f:30:21:13:34:c4:55:29:45:4d:7d:ac:
38:4a:14:15:98:83:6e:d1:eb:00:08:b2:98:50:31:
07:1e:28:94:9d:37:cf:5d:31:2b:73:35:ac:9b:f6:
d5:c2:a3:71:09:8b:96:18:89:8d:16:6a:40:52:52:
f5:9c:7d:73:2e:36:78:ec:ed:0d:50:a4:74:26:b5:
56:65:35:61:c6:3c:aa:4d:a1:2f:38:01:c5:f0:bc:
bf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:27:BF:44:8A:4F:30:FA:D5:91:CC:07:4C:12:14:21:EF:49:D4:BF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pSe_RIpPMPrVkcwHTBIUIe9J1L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.246.0/24
109.176.21.0/24
109.176.23.0/24
109.176.206.0/24
213.218.243.0/24
Signature Algorithm: sha256WithRSAEncryption
49:53:dc:34:ad:93:50:2c:d6:11:f2:49:b3:15:4f:26:58:43:
06:d4:59:a3:0c:8e:ce:3b:cb:ac:a3:55:a1:02:3c:0c:fd:e5:
20:40:0a:08:c5:b8:79:04:3a:90:21:4d:06:c0:0b:4e:5f:71:
a7:91:39:50:88:d8:82:30:d6:12:b1:01:90:29:76:5b:dd:a3:
b8:ed:7f:80:f7:66:b7:65:cf:c4:27:12:7a:28:99:cc:f6:53:
a9:0c:73:6e:1c:16:d9:e7:ca:8c:eb:d2:be:0b:3e:a3:76:fe:
6a:71:88:0e:8b:09:fa:ce:bb:21:51:31:86:4d:35:46:a9:e4:
16:f2:1f:f7:3f:c7:62:80:8e:b2:a9:b5:b2:4c:25:de:80:ab:
7d:ee:e1:e9:93:a0:bb:e9:af:90:71:2b:4d:00:50:51:a0:b4:
b4:bd:be:84:74:74:6a:93:db:ac:df:17:91:86:8e:a1:ce:c6:
54:52:b9:da:1e:04:f4:4f:54:3a:57:af:d4:83:6f:8e:15:e7:
cd:f3:66:e1:87:59:a9:a0:84:b7:d3:0b:8b:00:e5:27:59:98:
e8:b9:75:11:cf:59:d5:04:e0:80:25:cb:cc:54:e4:90:76:7f:
80:be:9c:cf:4f:b9:44:f4:77:c3:65:42:54:99:da:77:ca:18:
6d:ad:1c:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMw3jnU/EeFen0kqOLjcxxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTE1MTcyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTI3YmY0NDhhNGYzMGZhZDU5MWNjMDc0YzEyMTQyMWVmNDlkNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTFj3a7dUUrZG00RlLjkPXi8Xheq
1hyGJk3z3cPJh+YL2cITvFyqTwDXzacHLHGwJ1AYKq7arcKlAfe8MoqWFGp06Yrl
tnZYsjpmucb137SwH7sRlTmGoCqrVnoqGagNv3Rt6lKQZsPgy3hqIIYttqB+/k3t
4bd/T1zi/28NXBIQTdOhYR5ZwVYC6UrNnkXkiOYQF92XTKfnqQA31rN/Xc8QTq52
g3g/MCETNMRVKUVNfaw4ShQVmINu0esACLKYUDEHHiiUnTfPXTErczWsm/bVwqNx
CYuWGImNFmpAUlL1nH1zLjZ47O0NUKR0JrVWZTVhxjyqTaEvOAHF8Ly/JwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKUnv0SKTzD61ZHMB0wSFCHvSdS/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcFNlX1JJcFBNUHJWa2N3SFRCSVVJZTlKMUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpn2AwQA
bbAVAwQAbbAXAwQAbbDOAwQA1drzMA0GCSqGSIb3DQEBCwUAA4IBAQBJU9w0rZNQ
LNYR8kmzFU8mWEMG1FmjDI7OO8uso1WhAjwM/eUgQAoIxbh5BDqQIU0GwAtOX3Gn
kTlQiNiCMNYSsQGQKXZb3aO47X+A92a3Zc/EJxJ6KJnM9lOpDHNuHBbZ58qM69K+
Cz6jdv5qcYgOiwn6zrshUTGGTTVGqeQW8h/3P8digI6yqbWyTCXegKt97uHpk6C7
6a+QcStNAFBRoLS0vb6EdHRqk9us3xeRho6hzsZUUrnaHgT0T1Q6V6/Ug2+OFefN
82bhh1mpoIS30wuLAOUnWZjouXURz1nVBOCAJcvMVOSQdn+AvpzPT7lE9HfDZUJU
mdp3yhhtrRz7
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:34 2024 by rpki-client on console-fra.rpki-client.org