Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tbhN6QfagMyVTLTmz0VssqnlWt8.roa
File: tbhN6QfagMyVTLTmz0VssqnlWt8.roa (raw, json)
Hash identifier: d9c/JgBGTJX5vA84U9ZxPI0IWdUpHXRkhXDIYDNFlTY=
Subject key identifier: B5:B8:4D:E9:07:DA:80:CC:95:4C:B4:E6:CF:45:6C:B2:A9:E5:5A:DF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2FB170289CCA899F5E54860F5C965B50
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tbhN6QfagMyVTLTmz0VssqnlWt8.roa
Signing time: Tue 30 Apr 2024 15:48:28 +0000
ROA not before: Tue 30 Apr 2024 15:48:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49608
IP address blocks: 213.218.208.0/24 maxlen: 24
213.218.212.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
213.218.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:b1:70:28:9c:ca:89:9f:5e:54:86:0f:5c:96:5b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 15:48:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b84de907da80cc954cb4e6cf456cb2a9e55adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2e:d9:ca:24:a9:34:9e:c2:c0:c5:9b:78:70:
af:81:e6:66:08:bd:f8:db:c4:e3:fe:89:a9:a8:2a:
6a:1e:b0:41:92:24:3a:86:ea:03:e1:2c:29:90:a6:
92:9a:62:e1:6e:6b:4c:6a:c1:4a:16:2b:c0:5a:40:
d9:50:aa:5b:79:ad:23:7f:dd:d9:9a:10:5c:73:65:
f2:54:60:25:9d:e0:d8:69:85:df:2c:b7:71:ee:ad:
73:ab:b8:c0:56:56:fd:18:a7:6c:01:df:67:87:04:
de:2b:8a:43:98:64:32:29:94:f0:1e:1f:8b:67:d5:
19:c3:0e:cc:b6:e5:4e:cc:74:7c:09:ac:d6:d5:bc:
8d:69:29:0a:9b:b4:47:44:7a:72:2f:72:76:b5:cd:
e7:c1:1c:0f:a3:22:b3:1e:7a:3e:93:a1:30:89:52:
9b:de:78:bd:26:c2:37:de:9b:82:fa:2e:c7:ef:26:
39:d3:0b:49:79:0e:17:49:a3:08:aa:90:5a:e5:71:
8f:48:9a:fa:b9:74:4a:4a:2f:c5:c7:4a:12:96:d7:
af:b5:ae:34:bc:35:86:36:34:c8:5b:c9:74:c0:1c:
3c:a1:7b:d3:1d:b7:6d:2f:43:53:69:82:95:72:e7:
da:cf:f7:81:0a:ff:77:b9:70:57:d6:b0:3a:77:86:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B8:4D:E9:07:DA:80:CC:95:4C:B4:E6:CF:45:6C:B2:A9:E5:5A:DF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tbhN6QfagMyVTLTmz0VssqnlWt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.208.0/24
213.218.212.0/24
213.218.215.0/24
213.218.232.0/24
213.218.235.0/24
Signature Algorithm: sha256WithRSAEncryption
58:81:4c:f0:ad:66:09:a6:53:35:58:74:24:59:40:f3:98:4b:
58:87:0a:4a:03:4e:e8:e7:f7:eb:80:c3:5e:27:36:43:db:73:
ac:20:38:70:17:c4:80:21:00:76:4f:17:1d:fa:63:79:c0:ff:
77:a2:8a:4f:42:c4:04:0a:64:ed:8f:ea:75:a2:43:94:71:a8:
11:bc:04:be:ae:1b:ef:5d:74:8e:dd:60:79:e1:75:7a:a5:59:
2f:7d:d2:7c:d6:05:bc:08:d3:1c:c8:7c:ad:d2:bd:98:19:0c:
90:1e:86:1b:f4:70:0d:69:cb:d3:cd:95:d8:d2:f3:12:7a:33:
0b:2c:95:af:6a:23:27:fa:b4:4a:80:96:e1:1a:2a:5e:93:17:
3c:2f:3f:b5:7f:26:c0:fd:5c:ce:34:9b:33:06:83:23:a8:4c:
ac:9e:bd:b4:48:94:3b:b1:57:03:f8:f4:2a:e3:da:f0:c7:0d:
84:d8:1d:c1:93:0b:7b:2e:41:d2:ef:4e:e0:7f:0c:61:f6:56:
0b:83:e0:58:63:31:14:e9:10:10:93:9f:55:43:01:17:af:7d:
55:ca:09:3e:e6:40:c0:68:d1:9a:1c:fb:93:a4:96:c1:ca:05:
47:14:f8:f3:33:18:e1:1f:5d:f7:b1:dd:2a:aa:fe:9f:c1:80:
67:d6:fd:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8vsXAonMqJn15Uhg9clltQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTU0ODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI4NGRlOTA3ZGE4MGNjOTU0Y2I0ZTZjZjQ1NmNiMmE5ZTU1YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApS7ZyiSpNJ7CwMWbeHCvgeZmCL34
28Tj/ompqCpqHrBBkiQ6huoD4SwpkKaSmmLhbmtMasFKFivAWkDZUKpbea0jf93Z
mhBcc2XyVGAlneDYaYXfLLdx7q1zq7jAVlb9GKdsAd9nhwTeK4pDmGQyKZTwHh+L
Z9UZww7MtuVOzHR8CazW1byNaSkKm7RHRHpyL3J2tc3nwRwPoyKzHno+k6EwiVKb
3ni9JsI33puC+i7H7yY50wtJeQ4XSaMIqpBa5XGPSJr6uXRKSi/Fx0oSltevta40
vDWGNjTIW8l0wBw8oXvTHbdtL0NTaYKVcufaz/eBCv93uXBX1rA6d4YI+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLW4TekH2oDMlUy05s9FbLKp5VrfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdGJoTjZRZmFnTXlWVExUbXowVnNzcW5sV3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA1drQAwQA
1drUAwQA1drXAwQA1droAwQA1drrMA0GCSqGSIb3DQEBCwUAA4IBAQBYgUzwrWYJ
plM1WHQkWUDzmEtYhwpKA07o5/frgMNeJzZD23OsIDhwF8SAIQB2Txcd+mN5wP93
oopPQsQECmTtj+p1okOUcagRvAS+rhvvXXSO3WB54XV6pVkvfdJ81gW8CNMcyHyt
0r2YGQyQHoYb9HANacvTzZXY0vMSejMLLJWvaiMn+rRKgJbhGipekxc8Lz+1fybA
/VzONJszBoMjqEysnr20SJQ7sVcD+PQq49rwxw2E2B3Bkwt7LkHS707gfwxh9lYL
g+BYYzEU6RAQk59VQwEXr31Vygk+5kDAaNGaHPuTpJbBygVHFPjzMxjhH133sd0q
qv6fwYBn1v09
-----END CERTIFICATE-----
Generated at Wed May 29 09:46:55 2024 by rpki-client on console-fra.rpki-client.org