Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmTXaOUEDfYJTl24Hmgnp95jJUA.roa
File: zmTXaOUEDfYJTl24Hmgnp95jJUA.roa (raw, json)
Hash identifier: F7Bgn8EXSGIkfygJX6kPRamg95F3jhw4tGxauUPBvWU=
Subject key identifier: CE:64:D7:68:E5:04:0D:F6:09:4E:5D:B8:1E:68:27:A7:DE:63:25:40
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01921DE9D0CACB26ED4AEBD32E1542F6A615
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmTXaOUEDfYJTl24Hmgnp95jJUA.roa
Signing time: Mon 23 Sep 2024 08:05:15 +0000
ROA not before: Mon 23 Sep 2024 08:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 89.213.43.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:e9:d0:ca:cb:26:ed:4a:eb:d3:2e:15:42:f6:a6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 23 08:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce64d768e5040df6094e5db81e6827a7de632540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3a:b2:a1:de:9d:5a:4e:9a:0d:ea:4d:95:18:
b3:c7:8f:1f:83:a1:6c:8c:9b:ea:4b:1e:8e:7b:9c:
fb:d5:61:91:63:cf:1d:34:ea:ba:ae:ec:5c:df:25:
bc:55:43:67:09:7e:e0:c7:7b:15:b7:73:09:42:64:
9f:c7:a5:58:88:41:55:0a:c4:d4:1f:a7:4c:f9:ed:
bd:92:2b:17:7f:a4:50:56:f7:e8:09:50:04:4d:9b:
8a:2b:69:11:0f:3f:8f:18:fc:a2:b1:28:c0:f2:3c:
73:42:ca:6f:1e:db:a5:a8:99:f4:9a:ce:79:b7:d1:
b1:15:2a:c8:54:39:16:5f:27:c8:c5:80:24:37:d3:
c6:03:b5:23:52:4f:6f:2b:1b:6a:8c:c8:cd:1b:e1:
fb:1c:ab:50:34:0a:16:e1:40:3b:2c:74:75:e2:b9:
4a:6b:79:2d:1e:0f:b7:b8:a1:75:1e:d1:4a:1e:c9:
44:14:54:be:01:04:28:da:cf:75:37:9e:f5:60:3e:
2d:b0:3f:c0:25:54:8b:9b:80:41:a6:8a:7a:cb:c0:
09:0c:f0:65:43:45:94:d9:fa:cf:17:99:64:ca:7f:
2b:e0:1e:4e:8c:0c:28:e6:67:cb:c4:15:d5:80:1f:
e1:f2:b9:e0:70:0f:80:79:d6:4b:b0:31:04:e6:bc:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:64:D7:68:E5:04:0D:F6:09:4E:5D:B8:1E:68:27:A7:DE:63:25:40
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zmTXaOUEDfYJTl24Hmgnp95jJUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.43.0/24
89.213.99.0/24
109.176.200.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:57:d9:ff:16:66:d7:5a:61:44:9d:f0:d5:d6:86:62:ad:cc:
6e:87:27:cb:d4:0f:72:71:a1:4f:38:47:ab:df:fa:88:34:43:
62:53:6a:43:4f:47:a7:45:7f:76:7e:07:80:75:ae:1f:bf:43:
3c:e5:8b:6f:ce:e4:d2:ef:2d:3e:4a:b6:c0:81:e6:d2:82:bc:
62:39:92:ab:cf:66:76:4f:74:8a:c7:7d:04:af:76:3b:ad:c1:
f6:09:39:8d:7d:ec:54:37:f1:c6:63:1e:5e:01:e2:e0:e8:53:
a6:f9:6c:e0:33:0e:1a:83:40:8c:6a:91:36:73:94:a6:a3:cf:
4a:39:89:bb:cf:68:7b:4d:86:7f:0e:b6:26:61:7e:5a:66:d7:
ff:6f:0d:19:f5:62:64:7c:2c:35:19:28:d1:b3:a0:47:61:5b:
16:0e:47:bc:16:03:52:47:43:67:6f:ac:35:19:d0:d0:89:fd:
bd:f2:38:9c:7a:db:89:a4:8a:2a:e5:53:52:fc:a7:e2:24:c2:
8d:64:5e:9b:85:54:30:f4:72:c7:50:6c:1e:0c:6b:59:29:8b:
58:6a:09:8f:be:c0:d9:a0:87:4a:12:a3:5c:37:27:15:71:85:
54:f7:8a:f3:a1:66:5c:88:a8:5d:63:39:49:44:47:f6:8b:5e:
74:96:91:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZId6dDKyybtSuvTLhVC9qYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTIzMDgwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY0ZDc2OGU1MDQwZGY2MDk0ZTVkYjgxZTY4MjdhN2RlNjMyNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojqyod6dWk6aDepNlRizx48fg6Fs
jJvqSx6Oe5z71WGRY88dNOq6ruxc3yW8VUNnCX7gx3sVt3MJQmSfx6VYiEFVCsTU
H6dM+e29kisXf6RQVvfoCVAETZuKK2kRDz+PGPyisSjA8jxzQspvHtulqJn0ms55
t9GxFSrIVDkWXyfIxYAkN9PGA7UjUk9vKxtqjMjNG+H7HKtQNAoW4UA7LHR14rlK
a3ktHg+3uKF1HtFKHslEFFS+AQQo2s91N571YD4tsD/AJVSLm4BBpop6y8AJDPBl
Q0WU2frPF5lkyn8r4B5OjAwo5mfLxBXVgB/h8rngcA+AedZLsDEE5ry+ZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM5k12jlBA32CU5duB5oJ6feYyVAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvem1UWGFPVUVEZllKVGwyNEhtZ25wOTVqSlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWdUrAwQA
WdVjAwQAbbDIAwQA1YKbAwQA1drVAwQA1drhAwQA1drjMA0GCSqGSIb3DQEBCwUA
A4IBAQCPV9n/FmbXWmFEnfDV1oZircxuhyfL1A9ycaFPOEer3/qINENiU2pDT0en
RX92fgeAda4fv0M85YtvzuTS7y0+SrbAgebSgrxiOZKrz2Z2T3SKx30Er3Y7rcH2
CTmNfexUN/HGYx5eAeLg6FOm+WzgMw4ag0CMapE2c5Smo89KOYm7z2h7TYZ/DrYm
YX5aZtf/bw0Z9WJkfCw1GSjRs6BHYVsWDke8FgNSR0Nnb6w1GdDQif298jicetuJ
pIoq5VNS/KfiJMKNZF6bhVQw9HLHUGweDGtZKYtYagmPvsDZoIdKEqNcNycVcYVU
94rzoWZciKhdYzlJREf2i150lpFC
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:34 2024 by rpki-client on console-fra.rpki-client.org