Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sgsfjjJea4kPl6zpa5xM-O1wapY.roa
File: sgsfjjJea4kPl6zpa5xM-O1wapY.roa (raw, json)
Hash identifier: Gy5MfQUbF4UlMIudeGAw3MvZW17YtYvpnR5J/CvIpJw=
Subject key identifier: B2:0B:1F:8E:32:5E:6B:89:0F:97:AC:E9:6B:9C:4C:F8:ED:70:6A:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01930C481351413497EE2FE167A163B17555
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sgsfjjJea4kPl6zpa5xM-O1wapY.roa
Signing time: Fri 08 Nov 2024 14:57:50 +0000
ROA not before: Fri 08 Nov 2024 14:57:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 82.153.216.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.218.0/24 maxlen: 24
82.153.219.0/24 maxlen: 24
194.105.76.0/22 maxlen: 24
213.130.132.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:48:13:51:41:34:97:ee:2f:e1:67:a1:63:b1:75:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 8 14:57:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b20b1f8e325e6b890f97ace96b9c4cf8ed706a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3f:75:2e:cc:45:8e:76:9a:48:6a:f4:79:88:
4f:5a:10:2b:80:95:a1:5b:41:38:5c:b0:4d:47:79:
d4:f6:0c:27:a0:04:28:27:cd:42:5f:2d:d2:9d:15:
ff:a8:f4:b6:9d:c0:bf:ef:86:ad:8b:db:f3:ea:c5:
fd:99:75:ca:46:ac:5d:70:99:89:a3:00:80:9a:e2:
fa:0e:7c:36:95:bb:57:ad:29:f0:75:68:3e:11:6c:
08:0e:cd:bb:c5:e4:35:21:f0:9b:88:02:04:4d:c4:
9e:28:e8:73:8d:3d:33:9c:f1:8e:18:bd:68:01:fc:
06:21:c5:6d:61:c1:d8:6e:3a:ad:9e:b9:85:54:e1:
d4:d7:1b:25:22:fc:42:90:58:10:42:67:f7:68:53:
90:59:4a:6a:6b:f8:5a:ed:ab:ec:dd:37:e1:73:97:
43:2b:54:45:c2:0c:2f:92:b1:03:af:fc:12:4c:34:
d4:50:c7:bf:e3:e1:86:f2:9a:52:aa:5d:93:e5:95:
db:88:48:58:c5:37:8b:9c:72:3b:68:db:2f:1b:0e:
1b:34:d5:7b:46:14:3a:e6:90:d5:94:81:e5:65:85:
bf:5d:57:3c:b2:5f:63:7f:76:cb:f8:08:1a:e4:1f:
f3:42:b0:1f:d2:ee:74:a7:8b:f2:ce:66:17:67:db:
61:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0B:1F:8E:32:5E:6B:89:0F:97:AC:E9:6B:9C:4C:F8:ED:70:6A:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sgsfjjJea4kPl6zpa5xM-O1wapY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/22
194.105.76.0/22
213.130.132.0/22
213.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:b1:bf:b3:db:7a:83:9d:53:e2:f9:db:9a:5a:66:3a:7d:b2:
b4:81:4b:a4:c1:63:e3:7d:8a:76:05:95:d5:97:0e:30:08:16:
f9:90:5c:6c:c5:9e:fd:5b:3c:06:0e:7d:91:7c:87:93:05:d1:
dd:8b:29:4f:a5:bc:83:74:6d:5d:57:1f:6a:6a:14:e5:da:d6:
ef:60:53:5f:ca:f0:ae:84:cd:d6:dc:b5:33:08:98:91:bc:3a:
6f:39:e6:43:fe:54:69:f9:bc:97:5d:d8:21:31:48:58:b8:d4:
4c:00:cb:6d:23:58:66:d6:f1:ff:9d:05:9d:3c:b6:9d:3b:66:
a4:91:ad:28:00:2a:5e:2e:7f:8a:52:15:16:7f:a5:65:93:82:
13:6b:f9:55:93:a9:26:46:e6:93:ae:4d:6f:b7:7f:75:c6:32:
96:06:f6:3b:ef:23:b7:30:72:66:50:12:d5:62:47:c8:70:53:
6d:ed:9b:93:d9:a9:cc:1c:4b:a1:4f:dd:d5:df:b0:bc:74:d9:
bc:d7:f0:8f:74:74:6d:90:bd:a8:e4:b6:d9:49:fe:af:48:a9:
48:d0:93:ac:11:13:d0:57:08:6c:a0:c3:84:3c:b0:f0:9f:ea:
ee:2a:b3:7e:66:67:a6:d0:ec:90:eb:ee:9b:0e:48:94:b9:dd:
43:f5:e4:ed
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMMSBNRQTSX7i/hZ6FjsXVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA4MTQ1NzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBiMWY4ZTMyNWU2Yjg5MGY5N2FjZTk2YjljNGNmOGVkNzA2YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz91LsxFjnaaSGr0eYhPWhArgJWh
W0E4XLBNR3nU9gwnoAQoJ81CXy3SnRX/qPS2ncC/74ati9vz6sX9mXXKRqxdcJmJ
owCAmuL6Dnw2lbtXrSnwdWg+EWwIDs27xeQ1IfCbiAIETcSeKOhzjT0znPGOGL1o
AfwGIcVtYcHYbjqtnrmFVOHU1xslIvxCkFgQQmf3aFOQWUpqa/ha7avs3Tfhc5dD
K1RFwgwvkrEDr/wSTDTUUMe/4+GG8ppSql2T5ZXbiEhYxTeLnHI7aNsvGw4bNNV7
RhQ65pDVlIHlZYW/XVc8sl9jf3bL+Aga5B/zQrAf0u50p4vyzmYXZ9th/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLILH44yXmuJD5es6WucTPjtcGqWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc2dzZmpqSmVhNGtQbDZ6cGE1eE0tTzF3YXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUpnYAwQC
wmlMAwQC1YKEAwQC1dr0MA0GCSqGSIb3DQEBCwUAA4IBAQBqsb+z23qDnVPi+dua
WmY6fbK0gUukwWPjfYp2BZXVlw4wCBb5kFxsxZ79WzwGDn2RfIeTBdHdiylPpbyD
dG1dVx9qahTl2tbvYFNfyvCuhM3W3LUzCJiRvDpvOeZD/lRp+byXXdghMUhYuNRM
AMttI1hm1vH/nQWdPLadO2akka0oACpeLn+KUhUWf6Vlk4ITa/lVk6kmRuaTrk1v
t391xjKWBvY77yO3MHJmUBLVYkfIcFNt7ZuT2anMHEuhT93V37C8dNm81/CPdHRt
kL2o5LbZSf6vSKlI0JOsERPQVwhsoMOEPLDwn+ruKrN+Zmem0OyQ6+6bDkiUud1D
9eTt
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:29 2024 by rpki-client on console-ams.rpki-client.org