Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x30jarAqN5N1PN111L5PJijPz58.roa
File: x30jarAqN5N1PN111L5PJijPz58.roa (raw, json)
Hash identifier: c6UjOCW4dC0MjJcNHihgZj1dJFA8Q4wkiBsgKAr3WuY=
Subject key identifier: C7:7D:23:6A:B0:2A:37:93:75:3C:DD:75:D4:BE:4F:26:28:CF:CF:9F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34968B1B2D62300579B95E2E08665EC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x30jarAqN5N1PN111L5PJijPz58.roa
Signing time: Mon 01 Jan 2024 04:30:17 +0000
ROA not before: Mon 01 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:68:b1:b2:d6:23:00:57:9b:95:e2:e0:86:65:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c77d236ab02a3793753cdd75d4be4f2628cfcf9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3b:a2:c5:43:55:5f:4f:d0:a0:32:db:87:06:
00:15:7d:f0:12:ac:19:5c:d7:9e:80:e0:ff:19:96:
05:7e:0d:57:38:04:05:2a:2a:f0:5c:df:af:f6:24:
e5:2b:02:e5:67:1b:28:9b:59:13:9a:d0:ab:a3:26:
70:32:0d:10:28:1c:1e:5f:fd:da:99:d6:8b:41:49:
37:f0:2e:6e:b7:77:83:bf:5a:9f:24:41:dd:d2:90:
20:cb:a1:3b:c1:3c:9a:7e:03:60:5a:40:6b:b1:bd:
16:e2:cf:fc:5e:d6:c0:56:35:92:9d:bb:a2:b8:2b:
f2:7e:b6:6d:b3:34:64:c0:b4:bc:09:25:34:89:14:
6c:a2:42:3c:8f:fe:9a:d0:7c:8f:51:2d:7b:5a:77:
02:f4:b9:01:e3:e9:53:fc:ce:dd:5b:a4:9f:b4:d9:
31:bc:b5:da:c4:e5:c6:7a:2f:42:89:27:ab:3c:99:
48:46:c9:9f:bc:43:19:94:ff:f5:2b:82:2e:78:95:
f6:0f:bc:1f:6e:e2:f2:ab:7e:55:cc:0a:d6:1d:d6:
1e:84:bb:47:3f:9c:f0:8b:ff:82:36:77:b5:6d:51:
3e:98:a2:4a:96:57:fb:ef:87:92:f5:99:56:e4:ad:
8f:1c:31:da:4e:e1:91:24:34:ac:fb:e6:be:dc:64:
62:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7D:23:6A:B0:2A:37:93:75:3C:DD:75:D4:BE:4F:26:28:CF:CF:9F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/x30jarAqN5N1PN111L5PJijPz58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
82.152.252.0/23
82.152.255.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.249.0-82.153.250.255
89.213.136.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ed:f3:16:e4:23:06:a7:7d:39:8d:63:33:60:d2:af:7a:16:
b6:7f:8c:98:cb:e7:93:24:2c:35:dd:c6:bd:d1:c8:a2:9b:a0:
74:99:25:9b:c8:a7:55:25:71:b8:5e:f3:b4:a7:cf:88:04:05:
dd:56:a0:ef:1f:11:c3:0b:07:43:6a:fa:8f:82:3f:3f:56:d7:
32:a7:90:fb:36:31:10:88:55:c1:29:46:61:e5:6c:44:79:fa:
97:6c:b1:d3:d6:df:ff:d4:eb:3d:5b:ae:fb:c9:02:58:14:1d:
bd:10:56:7b:63:8d:5b:19:fe:7b:b4:fc:48:6e:67:c8:98:cc:
55:e5:17:5e:7c:ca:1c:34:05:2d:65:aa:93:8c:56:be:ba:80:
51:80:dd:65:d5:6f:8d:df:80:22:d6:e0:fa:e5:5d:42:08:9e:
58:f7:eb:33:bd:a7:ff:0d:36:b3:8a:0a:7c:f0:7e:a5:59:a5:
09:c0:38:9f:dd:33:ff:4d:03:3b:05:43:dc:78:8e:9a:54:cc:
d4:0e:49:91:7f:08:a5:4c:88:a7:21:cc:5a:07:b4:de:de:86:
d6:5a:87:66:f8:a6:f8:0c:ed:2c:c4:19:17:d3:97:86:a7:ba:
97:87:f8:07:af:87:9d:de:b1:47:4a:18:ca:63:06:a1:e1:9a:
3c:5b:15:96
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzDSWixstYjAFebleLghmXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdkMjM2YWIwMmEzNzkzNzUzY2RkNzVkNGJlNGYyNjI4Y2ZjZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozuixUNVX0/QoDLbhwYAFX3wEqwZ
XNeegOD/GZYFfg1XOAQFKirwXN+v9iTlKwLlZxsom1kTmtCroyZwMg0QKBweX/3a
mdaLQUk38C5ut3eDv1qfJEHd0pAgy6E7wTyafgNgWkBrsb0W4s/8XtbAVjWSnbui
uCvyfrZtszRkwLS8CSU0iRRsokI8j/6a0HyPUS17WncC9LkB4+lT/M7dW6SftNkx
vLXaxOXGei9CiSerPJlIRsmfvEMZlP/1K4IueJX2D7wfbuLyq35VzArWHdYehLtH
P5zwi/+CNne1bVE+mKJKllf774eS9ZlW5K2PHDHaTuGRJDSs++a+3GRiGQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFMd9I2qwKjeTdTzdddS+TyYoz8+fMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveDMwamFyQXFONU4xUE4xMTFMNVBKaWpQejU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAUQWcAwQA
UagpAwQBUpj8AwQAUpj/AwQAUpmJMAwDBABSmYsDBABSmYwDBABSmd0DBABSmd8D
BABSmfAwDAMEAFKZ+QMEAFKZ+gMEAFnViDANBgkqhkiG9w0BAQsFAAOCAQEAbu3z
FuQjBqd9OY1jM2DSr3oWtn+MmMvnkyQsNd3GvdHIopugdJklm8inVSVxuF7ztKfP
iAQF3Vag7x8RwwsHQ2r6j4I/P1bXMqeQ+zYxEIhVwSlGYeVsRHn6l2yx09bf/9Tr
PVuu+8kCWBQdvRBWe2ONWxn+e7T8SG5nyJjMVeUXXnzKHDQFLWWqk4xWvrqAUYDd
ZdVvjd+AItbg+uVdQgieWPfrM72n/w02s4oKfPB+pVmlCcA4n90z/00DOwVD3HiO
mlTM1A5JkX8IpUyIpyHMWge03t6G1lqHZvim+AztLMQZF9OXhqe6l4f4B6+Hnd6x
R0oYymMGoeGaPFsVlg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:34 2024 by rpki-client on console-fra.rpki-client.org