Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcbrT7SdH7ZcWrAh0bYH7lu_Bp0.roa
File: vcbrT7SdH7ZcWrAh0bYH7lu_Bp0.roa (raw, json)
Hash identifier: mYaD5qlTh/Ah9BdpebH9qWNDHLXzv9fIouTmtoO4lbc=
Subject key identifier: BD:C6:EB:4F:B4:9D:1F:B6:5C:5A:B0:21:D1:B6:07:EE:5B:BF:06:9D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192D85674CBAB3793788214FD297AA085E8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcbrT7SdH7ZcWrAh0bYH7lu_Bp0.roa
Signing time: Tue 29 Oct 2024 12:53:17 +0000
ROA not before: Tue 29 Oct 2024 12:53:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:56:74:cb:ab:37:93:78:82:14:fd:29:7a:a0:85:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 29 12:53:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bdc6eb4fb49d1fb65c5ab021d1b607ee5bbf069d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:f2:3f:6d:de:07:a9:6f:b9:3e:05:13:0b:
85:21:3d:ba:48:22:54:40:7b:c9:66:f5:96:e1:79:
07:75:4e:7a:2e:4e:aa:91:39:83:ec:c2:68:2d:0f:
1a:23:0d:2a:65:b8:1f:b0:43:b4:b1:82:c9:00:48:
27:98:0c:1f:48:17:32:6e:a7:f4:63:62:a2:3f:76:
ef:e9:27:bf:70:cd:38:af:aa:58:c0:f8:f8:c8:60:
06:fe:d9:07:b9:f5:cc:9c:5d:cf:8b:1b:36:0e:d1:
ed:44:80:85:42:8b:5b:58:20:f6:95:95:4e:fc:22:
f8:8f:da:16:91:6d:a4:74:ef:ef:95:06:e4:3c:00:
db:8d:ed:e3:8c:91:60:d3:07:b3:7c:b0:4d:26:f6:
8a:2c:64:8f:62:d3:06:9a:7d:0a:dd:53:d8:9e:68:
5a:05:a5:ba:9c:df:4a:5b:f2:27:f3:88:6c:f2:68:
aa:f9:22:8b:c0:cc:fd:24:ae:55:41:eb:93:57:8d:
21:17:ce:5c:1c:22:dd:38:57:c4:7d:91:ec:1f:26:
c0:4d:ec:83:7b:4b:02:5e:31:23:7b:9b:2d:63:d7:
f0:c6:6b:22:de:0f:30:01:54:3e:e0:21:f3:92:1e:
03:0b:7b:59:93:b6:7d:44:f5:57:80:51:ca:87:87:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C6:EB:4F:B4:9D:1F:B6:5C:5A:B0:21:D1:B6:07:EE:5B:BF:06:9D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vcbrT7SdH7ZcWrAh0bYH7lu_Bp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
212.38.81.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d2:d8:1a:b4:2e:5f:1e:62:5b:c9:d7:97:10:3b:cb:11:eb:
06:f9:36:dd:4f:a2:81:39:52:49:bd:52:2f:6a:3f:a4:18:b8:
30:3a:b5:a4:43:3d:07:d0:d5:91:c9:38:c5:22:2c:51:b1:ac:
ea:93:9b:fc:e4:02:0c:95:a8:66:6e:84:60:7e:db:d2:7a:78:
e4:bd:13:2b:54:40:64:fc:46:01:6f:df:1f:6e:ef:b1:c7:56:
c7:98:a7:ab:3d:ca:bc:40:a6:26:a2:e5:2e:cd:f0:73:49:54:
06:af:00:42:e6:35:bb:c9:bc:2d:3c:79:c8:d8:b8:b2:12:61:
c1:7c:63:a7:98:a1:dc:6a:51:b0:7d:65:06:e6:04:85:9f:df:
2d:e1:30:49:3d:80:b9:8a:d1:35:ce:01:dc:98:e0:8b:83:f3:
6d:55:9e:19:73:4f:cc:68:99:9d:dd:e3:3c:ca:86:a3:69:d5:
b1:03:79:d2:64:31:9f:10:35:49:f8:d4:ec:77:05:1b:f6:55:
96:a5:27:9d:e2:ee:7d:96:84:3f:80:43:f1:16:ad:b4:79:0f:
9e:b4:35:89:69:2e:b2:87:03:d3:db:b3:1d:2f:68:59:6a:b4:
09:fe:82:fb:4e:c2:66:49:ac:a8:e4:79:cb:fc:f6:5c:b8:69:
91:1d:c5:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLYVnTLqzeTeIIU/Sl6oIXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDI5MTI1MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGM2ZWI0ZmI0OWQxZmI2NWM1YWIwMjFkMWI2MDdlZTViYmYwNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUvyP23eB6lvuT4FEwuFIT26SCJU
QHvJZvWW4XkHdU56Lk6qkTmD7MJoLQ8aIw0qZbgfsEO0sYLJAEgnmAwfSBcybqf0
Y2KiP3bv6Se/cM04r6pYwPj4yGAG/tkHufXMnF3Pixs2DtHtRICFQotbWCD2lZVO
/CL4j9oWkW2kdO/vlQbkPADbje3jjJFg0wezfLBNJvaKLGSPYtMGmn0K3VPYnmha
BaW6nN9KW/In84hs8miq+SKLwMz9JK5VQeuTV40hF85cHCLdOFfEfZHsHybATeyD
e0sCXjEje5stY9fwxmsi3g8wAVQ+4CHzkh4DC3tZk7Z9RPVXgFHKh4couwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL3G60+0nR+2XFqwIdG2B+5bvwadMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdmNiclQ3U2RIN1pjV3JBaDBiWUg3bHVfQnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiOAwQA
WdVoAwQAWdV7AwQA1CZRAwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQBW0tgatC5f
HmJbydeXEDvLEesG+TbdT6KBOVJJvVIvaj+kGLgwOrWkQz0H0NWRyTjFIixRsazq
k5v85AIMlahmboRgftvSenjkvRMrVEBk/EYBb98fbu+xx1bHmKerPcq8QKYmouUu
zfBzSVQGrwBC5jW7ybwtPHnI2LiyEmHBfGOnmKHcalGwfWUG5gSFn98t4TBJPYC5
itE1zgHcmOCLg/NtVZ4Zc0/MaJmd3eM8yoajadWxA3nSZDGfEDVJ+NTsdwUb9lWW
pSed4u59loQ/gEPxFq20eQ+etDWJaS6yhwPT27MdL2hZarQJ/oL7TsJmSayo5HnL
/PZcuGmRHcUG
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:45:01 2024 by rpki-client on console-fra.rpki-client.org