Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sHkUa7GyTgWaV-5fKbNiXwbW_fk.roa
File: sHkUa7GyTgWaV-5fKbNiXwbW_fk.roa (raw, json)
Hash identifier: qBozPjbtWygofti52GHweW5/02OHnOMexGxU7R8IX7o=
Subject key identifier: B0:79:14:6B:B1:B2:4E:05:9A:57:EE:5F:29:B3:62:5F:06:D6:FD:F9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190454B824E952BA1F5D5F4E9FF487E9CA1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sHkUa7GyTgWaV-5fKbNiXwbW_fk.roa
Signing time: Sun 23 Jun 2024 13:31:34 +0000
ROA not before: Sun 23 Jun 2024 13:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 82.152.90.0/23 maxlen: 24
82.153.55.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
82.153.135.0/24 maxlen: 24
82.163.16.0/24 maxlen: 24
89.213.40.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.219.0/24 maxlen: 24
89.213.239.0/24 maxlen: 24
194.105.81.0/24 maxlen: 24
213.218.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:45:4b:82:4e:95:2b:a1:f5:d5:f4:e9:ff:48:7e:9c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 23 13:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b079146bb1b24e059a57ee5f29b3625f06d6fdf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e2:1b:e3:de:8a:a7:5a:98:e8:eb:87:1c:67:
73:cb:4a:f5:90:d3:34:cc:95:55:42:18:be:05:65:
b3:26:d8:bc:ce:71:93:8d:1c:fa:b0:5c:71:1d:56:
3d:ae:89:d9:a2:bc:d4:61:7f:3a:a4:61:26:3f:31:
07:83:16:7f:db:6f:1d:23:e6:d9:96:8f:9d:a1:9b:
c1:88:6c:52:a4:75:25:ef:14:ab:d8:08:92:e3:b7:
b0:1a:2c:bc:88:14:4a:a7:4a:4f:88:3c:6c:6c:54:
09:14:41:bf:42:93:fa:69:60:2c:f3:3b:c3:aa:cc:
bc:c2:bd:a4:2e:81:f9:67:70:68:77:9b:9f:ac:9a:
91:8c:8f:c8:14:2c:8b:25:d5:07:ea:54:41:19:1c:
e6:de:4c:75:cd:e4:e8:1a:bd:f9:5f:43:44:ff:d6:
13:e5:0a:ec:58:4a:57:ab:88:90:96:bc:83:c1:ef:
ae:cd:d9:da:de:df:95:dd:62:f1:52:3b:c1:13:77:
10:79:1d:7f:b8:68:ad:cb:bd:1f:95:c7:94:99:19:
14:65:fa:b1:67:06:44:65:ae:08:ee:3b:63:7e:7f:
12:69:98:2e:57:f7:0c:12:d1:a3:9d:18:2b:5f:d4:
4d:b4:2b:f8:c9:73:53:c5:d7:c4:8d:d6:e7:2f:db:
69:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:79:14:6B:B1:B2:4E:05:9A:57:EE:5F:29:B3:62:5F:06:D6:FD:F9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sHkUa7GyTgWaV-5fKbNiXwbW_fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.90.0/23
82.153.55.0/24
82.153.65.0/24
82.153.135.0/24
82.163.16.0/24
89.213.40.0/24
89.213.164.0/24
89.213.182.0/24
89.213.184.0/24
89.213.219.0/24
89.213.239.0/24
194.105.81.0/24
213.218.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7f:57:d8:49:91:3b:e9:30:f2:ad:2b:28:e4:0e:c8:32:55:
2b:b6:ea:b4:59:2c:98:71:71:12:d2:c9:ce:96:89:16:c7:ad:
c8:8d:e4:01:b6:b1:a7:21:99:66:cc:99:c2:a0:f6:2a:f9:62:
9d:38:eb:06:f0:5f:3a:f8:b4:47:aa:d7:44:b5:d9:70:8d:35:
4b:d8:2e:23:de:38:4f:d3:e7:7d:56:02:07:67:19:1d:9b:3b:
2f:a6:be:e6:2b:f7:14:dc:ad:f3:fc:7b:bc:fa:07:f2:9a:7c:
9b:6a:03:0f:8d:70:e2:46:79:a2:93:da:09:9d:c1:a9:96:2f:
72:c9:ec:d0:2c:9d:4a:83:40:97:97:29:70:60:c7:fc:49:98:
ff:79:80:b1:3f:78:d2:75:17:33:22:99:ab:42:ef:70:4d:88:
2b:69:f9:33:a2:9b:3d:81:51:0d:16:e7:00:a5:b4:75:7a:3f:
01:08:6c:57:b9:6c:77:99:6f:6f:93:55:0f:b1:7d:8f:29:1f:
25:6e:0d:21:24:f3:54:a4:32:c1:eb:4d:8e:1f:19:dd:ef:31:
35:e3:5c:dd:18:9c:36:65:6c:ca:08:78:c2:ba:1b:e1:6a:24:
be:33:7d:3c:b6:59:f7:cf:63:fb:4f:e3:6e:49:89:25:65:e7:
41:a3:3d:71
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZBFS4JOlSuh9dX06f9IfpyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIzMTMzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc5MTQ2YmIxYjI0ZTA1OWE1N2VlNWYyOWIzNjI1ZjA2ZDZmZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluIb496Kp1qY6OuHHGdzy0r1kNM0
zJVVQhi+BWWzJti8znGTjRz6sFxxHVY9ronZorzUYX86pGEmPzEHgxZ/228dI+bZ
lo+doZvBiGxSpHUl7xSr2AiS47ewGiy8iBRKp0pPiDxsbFQJFEG/QpP6aWAs8zvD
qsy8wr2kLoH5Z3Bod5ufrJqRjI/IFCyLJdUH6lRBGRzm3kx1zeToGr35X0NE/9YT
5QrsWEpXq4iQlryDwe+uzdna3t+V3WLxUjvBE3cQeR1/uGity70flceUmRkUZfqx
ZwZEZa4I7jtjfn8SaZguV/cMEtGjnRgrX9RNtCv4yXNTxdfEjdbnL9tpowIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLB5FGuxsk4FmlfuXymzYl8G1v35MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0hrVWE3R3lUZ1dhVi01ZktiTmlYd2JXX2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBUphaAwQA
Upk3AwQAUplBAwQAUpmHAwQAUqMQAwQAWdUoAwQAWdWkAwQAWdW2AwQAWdW4AwQA
WdXbAwQAWdXvAwQAwmlRAwQA1dr+MA0GCSqGSIb3DQEBCwUAA4IBAQB6f1fYSZE7
6TDyrSso5A7IMlUrtuq0WSyYcXES0snOlokWx63IjeQBtrGnIZlmzJnCoPYq+WKd
OOsG8F86+LRHqtdEtdlwjTVL2C4j3jhP0+d9VgIHZxkdmzsvpr7mK/cU3K3z/Hu8
+gfymnybagMPjXDiRnmik9oJncGpli9yyezQLJ1Kg0CXlylwYMf8SZj/eYCxP3jS
dRczIpmrQu9wTYgrafkzops9gVENFucApbR1ej8BCGxXuWx3mW9vk1UPsX2PKR8l
bg0hJPNUpDLB602OHxnd7zE141zdGJw2ZWzKCHjCuhvhaiS+M308tln3z2P7T+Nu
SYklZedBoz1x
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:55:48 2024 by rpki-client on console-ams.rpki-client.org