Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s8ytTNRDlOTY6HsNbng9wGVCGI0.roa
File: s8ytTNRDlOTY6HsNbng9wGVCGI0.roa (raw, json)
Hash identifier: SdNcNQ0xoa7W1OJJGVj4ixk6pe6AJqkJTai1XCozrSo=
Subject key identifier: B3:CC:AD:4C:D4:43:94:E4:D8:E8:7B:0D:6E:78:3D:C0:65:42:18:8D
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CF830406AE0B39B3202974B5B846F5DCD
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s8ytTNRDlOTY6HsNbng9wGVCGI0.roa
Signing time: Thu 11 Jan 2024 11:02:40 +0000
ROA not before: Thu 11 Jan 2024 11:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206564
IP address blocks: 82.98.80.0/24 maxlen: 32
212.19.40.0/24 maxlen: 32
82.98.90.0/24 maxlen: 24
82.98.91.0/24 maxlen: 32
212.19.48.0/24 maxlen: 32
213.83.48.0/24 maxlen: 32
212.19.47.0/24 maxlen: 32
213.83.52.0/24 maxlen: 24
82.98.93.0/24 maxlen: 24
212.19.61.0/24 maxlen: 24
82.98.105.0/24 maxlen: 32
82.98.126.0/24 maxlen: 24
82.98.127.0/24 maxlen: 24
213.83.1.0/24 maxlen: 32
213.83.5.0/24 maxlen: 32
213.83.17.0/24 maxlen: 32
82.98.67.0/24 maxlen: 32
82.98.78.0/24 maxlen: 32
82.98.74.0/24 maxlen: 32
2a02:2e0:417::/48 maxlen: 48
2a02:2e0:cd4d::/48 maxlen: 48
2a02:2e0:3e8::/48 maxlen: 128
2a02:2e0:1::/48 maxlen: 48
2a02:2e0:41c::/48 maxlen: 128
2a02:2e0:a::/48 maxlen: 48
2a02:2e0:3e5::/48 maxlen: 128
2a02:2e0:fffe::/48 maxlen: 128
2a02:2e0:41b::/48 maxlen: 128
2a02:2e0:431::/48 maxlen: 48
2a02:2e0:3f5::/48 maxlen: 128
2a02:2e0:3ee::/48 maxlen: 128
2a02:2e0:cd4e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:30:40:6a:e0:b3:9b:32:02:97:4b:5b:84:6f:5d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 11 11:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3ccad4cd44394e4d8e87b0d6e783dc06542188d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:45:d9:42:17:6f:ba:02:02:05:48:12:f0:a3:
17:96:1a:cd:1a:b6:f4:76:d1:6a:b0:a1:fd:6b:8f:
d0:e6:ec:0d:1a:22:18:39:56:3e:1e:d5:62:67:91:
10:48:18:5e:db:d0:bc:fb:0b:21:ff:2e:64:01:16:
c3:fc:29:c5:c9:cf:47:25:77:31:ff:92:c9:8b:6d:
10:b8:85:eb:42:16:e1:a0:0c:3c:2b:74:42:3e:10:
bf:56:9b:7d:44:72:16:75:eb:ad:af:c6:8e:03:1e:
b8:eb:0a:0c:0e:12:ff:3e:94:36:bd:c0:99:ea:9c:
6a:04:b5:35:ca:9c:51:f1:63:01:57:14:64:4b:fe:
eb:f7:57:62:e4:48:37:a8:67:a3:ec:bc:9a:6c:20:
53:5a:99:57:de:bd:be:91:1d:8d:32:d4:45:1f:2e:
cd:60:f6:08:6a:6b:d4:ea:78:44:13:bc:81:fe:78:
8b:53:77:04:52:22:2f:59:cf:3b:d0:d4:81:d6:d6:
c5:ab:80:36:6b:00:40:57:dc:bb:bb:ed:f4:25:f0:
f8:98:78:b3:cb:6a:3e:8e:72:0b:d4:35:00:2f:c5:
72:0f:ba:7b:cf:50:2b:44:60:c6:b6:7d:da:95:33:
a1:25:7e:04:f1:8a:cd:1d:79:4f:3c:90:50:06:69:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CC:AD:4C:D4:43:94:E4:D8:E8:7B:0D:6E:78:3D:C0:65:42:18:8D
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/s8ytTNRDlOTY6HsNbng9wGVCGI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.67.0/24
82.98.74.0/24
82.98.78.0/24
82.98.80.0/24
82.98.90.0/23
82.98.93.0/24
82.98.105.0/24
82.98.126.0/23
212.19.40.0/24
212.19.47.0-212.19.48.255
212.19.61.0/24
213.83.1.0/24
213.83.5.0/24
213.83.17.0/24
213.83.48.0/24
213.83.52.0/24
IPv6:
2a02:2e0:1::/48
2a02:2e0:a::/48
2a02:2e0:3e5::/48
2a02:2e0:3e8::/48
2a02:2e0:3ee::/48
2a02:2e0:3f5::/48
2a02:2e0:417::/48
2a02:2e0:41b::-2a02:2e0:41c:ffff:ffff:ffff:ffff:ffff
2a02:2e0:431::/48
2a02:2e0:cd4d::-2a02:2e0:cd4e:ffff:ffff:ffff:ffff:ffff
2a02:2e0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
86:73:c1:93:80:fc:7c:79:a4:7e:3a:9a:2f:f6:e1:50:ba:f2:
38:79:72:26:b7:b0:6c:c2:43:ae:a3:2e:19:f6:8e:ae:7b:b4:
82:9a:8c:b1:da:d4:41:36:f7:ee:56:5a:3f:da:74:fc:e4:7f:
e3:04:80:4d:1a:1a:e3:bc:02:6a:95:7f:46:4f:92:b8:e7:df:
6a:a4:f8:48:ad:1c:f8:69:90:33:4c:e3:ce:e3:d6:f2:a5:43:
27:87:1b:5f:87:75:b8:d2:d2:a0:38:72:15:95:1b:9d:cd:43:
8a:bf:fa:41:88:94:d9:de:32:6c:af:07:fe:03:00:e2:34:23:
81:62:ed:2c:9c:d6:36:65:ad:73:2e:e1:98:cd:98:45:78:bb:
05:84:fd:16:a0:f0:cd:69:7f:e2:b0:b3:b4:fe:ef:82:c4:ae:
39:21:5e:3c:43:4a:87:39:25:e3:96:ca:84:e0:bf:21:09:58:
94:bd:f6:2b:f3:de:f4:ce:41:a0:c1:ad:0a:11:c3:d6:88:56:
e7:1f:66:1b:f9:76:16:bc:af:17:ba:09:70:0b:4a:80:80:08:
06:fe:a4:8b:4d:d6:a2:ba:29:c6:a0:9c:9e:bd:7f:ef:85:e0:
41:ba:ca:2f:77:5f:44:a5:84:bd:58:2d:48:de:4e:bb:33:63:
af:b8:0d:26
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYz4MEBq4LObMgKXS1uEb13NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTExMTEwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NjYWQ0Y2Q0NDM5NGU0ZDhlODdiMGQ2ZTc4M2RjMDY1NDIxODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkXZQhdvugICBUgS8KMXlhrNGrb0
dtFqsKH9a4/Q5uwNGiIYOVY+HtViZ5EQSBhe29C8+wsh/y5kARbD/CnFyc9HJXcx
/5LJi20QuIXrQhbhoAw8K3RCPhC/Vpt9RHIWdeutr8aOAx646woMDhL/PpQ2vcCZ
6pxqBLU1ypxR8WMBVxRkS/7r91di5Eg3qGej7LyabCBTWplX3r2+kR2NMtRFHy7N
YPYIamvU6nhEE7yB/niLU3cEUiIvWc870NSB1tbFq4A2awBAV9y7u+30JfD4mHiz
y2o+jnIL1DUAL8VyD7p7z1ArRGDGtn3alTOhJX4E8YrNHXlPPJBQBmk7IwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFLPMrUzUQ5Tk2Oh7DW54PcBlQhiNMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvczh5dFROUkRsT1RZNkhzTmJuZzl3R1ZDR0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwbgQCAAEwaAMEAFJi
QwMEAFJiSgMEAFJiTgMEAFJiUAMEAVJiWgMEAFJiXQMEAFJiaQMEAVJifgMEANQT
KDAMAwQA1BMvAwQA1BMwAwQA1BM9AwQA1VMBAwQA1VMFAwQA1VMRAwQA1VMwAwQA
1VM0MH8EAgACMHkDBwAqAgLgAAEDBwAqAgLgAAoDBwAqAgLgA+UDBwAqAgLgA+gD
BwAqAgLgA+4DBwAqAgLgA/UDBwAqAgLgBBcwEgMHACoCAuAEGwMHACoCAuAEHAMH
ACoCAuAEMTASAwcAKgIC4M1NAwcAKgIC4M1OAwcAKgIC4P/+MA0GCSqGSIb3DQEB
CwUAA4IBAQCGc8GTgPx8eaR+Opov9uFQuvI4eXImt7BswkOuoy4Z9o6ue7SCmoyx
2tRBNvfuVlo/2nT85H/jBIBNGhrjvAJqlX9GT5K4599qpPhIrRz4aZAzTOPO49by
pUMnhxtfh3W40tKgOHIVlRudzUOKv/pBiJTZ3jJsrwf+AwDiNCOBYu0snNY2Za1z
LuGYzZhFeLsFhP0WoPDNaX/isLO0/u+CxK45IV48Q0qHOSXjlsqE4L8hCViUvfYr
8970zkGgwa0KEcPWiFbnH2Yb+XYWvK8XuglwC0qAgAgG/qSLTdaiuinGoJyevX/v
heBBusovd19EpYS9WC1I3k67M2OvuA0m
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:52:16 2024 by rpki-client on console-ams.rpki-client.org