Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/biWjhnZe1saWLUxQF_yXoxWaFJg.roa
File: biWjhnZe1saWLUxQF_yXoxWaFJg.roa (raw, json)
Hash identifier: OX33yz0/IW5csF9MmZM2IlMSNMNkjdgfr1tUYDP37rY=
Subject key identifier: 6E:25:A3:86:76:5E:D6:C6:96:2D:4C:50:17:FC:97:A3:15:9A:14:98
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CCA2B0B20C48F1B2E4A9252962F891728
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/biWjhnZe1saWLUxQF_yXoxWaFJg.roa
Signing time: Tue 02 Jan 2024 12:34:27 +0000
ROA not before: Tue 02 Jan 2024 12:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47846
IP address blocks: 82.98.86.0/24 maxlen: 24
213.83.58.0/24 maxlen: 24
82.98.99.0/24 maxlen: 24
82.98.109.192/27 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:0b:20:c4:8f:1b:2e:4a:92:52:96:2f:89:17:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 2 12:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e25a386765ed6c6962d4c5017fc97a3159a1498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:75:86:7a:c9:01:58:7e:bb:e8:91:c6:f3:7b:
5c:e1:53:0e:96:7c:1c:d2:ce:52:21:c3:e4:c2:25:
4a:dd:dd:b8:29:35:ec:c8:8c:63:08:f4:82:fb:ad:
37:3b:61:4c:3b:98:f3:1a:e7:4c:ab:54:eb:85:d5:
d3:3d:2b:b6:89:47:bb:62:40:b5:4c:40:54:60:07:
69:d1:c6:29:fb:9d:ac:3e:c0:1b:d6:c9:77:24:f8:
a8:59:3c:3a:6d:e1:dd:85:d2:5b:1a:61:d1:92:e2:
18:5c:50:49:97:ad:cd:d1:54:68:7d:10:11:ba:0a:
18:43:6d:da:be:87:76:ac:7c:fe:9a:f6:9f:78:55:
c5:fc:2a:2a:6e:ab:8d:cb:d9:84:96:92:df:f6:3b:
2c:ca:ab:cf:e1:a4:ba:72:fa:dc:45:28:97:c3:38:
40:2b:dc:8f:71:00:55:62:42:4c:0e:7c:96:ef:97:
43:68:2d:4f:f5:ec:c0:e2:3f:62:3a:4a:37:41:ef:
98:97:2e:a6:2e:dd:ba:12:44:cc:5a:16:bd:60:7d:
0f:60:c3:53:bf:fb:80:55:53:98:cb:e7:0f:ec:f9:
a7:58:40:d4:89:49:03:09:bb:49:72:26:74:5b:8b:
58:29:f8:ac:08:96:77:f5:cc:e7:ff:de:5c:0a:1e:
3e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:25:A3:86:76:5E:D6:C6:96:2D:4C:50:17:FC:97:A3:15:9A:14:98
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/biWjhnZe1saWLUxQF_yXoxWaFJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.86.0/24
82.98.99.0/24
82.98.109.192/27
213.83.58.0/24
Signature Algorithm: sha256WithRSAEncryption
64:52:c5:f2:09:e7:a5:42:06:64:b3:f8:68:e3:09:30:b6:1c:
28:4f:72:e5:b4:5d:d0:28:be:b7:b6:03:5a:67:51:d3:14:a1:
26:0c:79:c1:5a:a0:8a:67:eb:78:05:0e:19:2c:08:18:00:6a:
42:b7:ee:73:ef:de:5c:7d:b3:24:56:7e:60:3d:3a:63:7f:65:
e3:40:99:95:c9:ee:5a:22:ee:14:12:98:f5:ea:ab:8a:90:88:
e8:73:38:fb:90:85:c6:4c:ee:76:80:51:cf:f8:1d:20:b1:ad:
bd:61:a0:9c:36:88:41:a7:07:bb:7c:73:eb:87:ec:16:60:b1:
49:4c:e3:40:8a:e4:4f:fc:a9:66:ac:44:4b:42:6e:dc:06:b0:
4c:72:0f:58:e1:db:af:40:e6:47:9c:15:68:68:72:59:39:ac:
3b:68:1b:1b:59:68:1c:1e:2d:63:15:5c:9c:90:89:61:62:92:
02:41:03:69:9c:90:34:33:53:50:45:05:9b:3c:f2:c0:fc:36:
3e:86:25:e4:29:89:2c:28:02:b4:a4:90:f8:75:48:84:29:33:
04:46:83:27:27:12:3d:d4:bc:eb:68:8d:91:b7:ea:a1:94:29:
f2:88:8e:c9:66:a2:30:bf:78:16:ae:42:15:d2:af:23:df:d9:
8a:2c:13:d5
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzKKwsgxI8bLkqSUpYviRcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTAyMTIzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI1YTM4Njc2NWVkNmM2OTYyZDRjNTAxN2ZjOTdhMzE1OWExNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3WGeskBWH676JHG83tc4VMOlnwc
0s5SIcPkwiVK3d24KTXsyIxjCPSC+603O2FMO5jzGudMq1TrhdXTPSu2iUe7YkC1
TEBUYAdp0cYp+52sPsAb1sl3JPioWTw6beHdhdJbGmHRkuIYXFBJl63N0VRofRAR
ugoYQ23avod2rHz+mvafeFXF/CoqbquNy9mElpLf9jssyqvP4aS6cvrcRSiXwzhA
K9yPcQBVYkJMDnyW75dDaC1P9ezA4j9iOko3Qe+Yly6mLt26EkTMWha9YH0PYMNT
v/uAVVOYy+cP7PmnWEDUiUkDCbtJciZ0W4tYKfisCJZ39czn/95cCh4+IQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFG4lo4Z2XtbGli1MUBf8l6MVmhSYMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvYmlXamhuWmUxc2FXTFV4UUZfeVhveFdhRkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQAUmJWAwQA
UmJjAwUFUmJtwAMEANVTOjANBgkqhkiG9w0BAQsFAAOCAQEAZFLF8gnnpUIGZLP4
aOMJMLYcKE9y5bRd0Ci+t7YDWmdR0xShJgx5wVqgimfreAUOGSwIGABqQrfuc+/e
XH2zJFZ+YD06Y39l40CZlcnuWiLuFBKY9eqripCI6HM4+5CFxkzudoBRz/gdILGt
vWGgnDaIQacHu3xz64fsFmCxSUzjQIrkT/ypZqxES0Ju3AawTHIPWOHbr0DmR5wV
aGhyWTmsO2gbG1loHB4tYxVcnJCJYWKSAkEDaZyQNDNTUEUFmzzywPw2PoYl5CmJ
LCgCtKSQ+HVIhCkzBEaDJycSPdS862iNkbfqoZQp8oiOyWaiML94Fq5CFdKvI9/Z
iiwT1Q==
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:00:15 2024 by rpki-client on console-fra.rpki-client.org