Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/0pq3_RjVbOLR3wab2RkMTrOIjUE.roa
File: 0pq3_RjVbOLR3wab2RkMTrOIjUE.roa (raw, json)
Hash identifier: ZHcf4Atqc0MQPSOcjaxzRosgvx9ICGC7QtNQKmI98jw=
Subject key identifier: D2:9A:B7:FD:18:D5:6C:E2:D1:DF:06:9B:D9:19:0C:4E:B3:88:8D:41
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01927A680CDD3242C90DD8F89AF8254CEB3F
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/0pq3_RjVbOLR3wab2RkMTrOIjUE.roa
Signing time: Fri 11 Oct 2024 07:08:12 +0000
ROA not before: Fri 11 Oct 2024 07:08:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:68:0c:dd:32:42:c9:0d:d8:f8:9a:f8:25:4c:eb:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Oct 11 07:08:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d29ab7fd18d56ce2d1df069bd9190c4eb3888d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:49:25:21:5b:74:89:e4:c4:f2:5c:bd:12:21:
77:79:6b:c4:b4:93:1f:76:39:f7:65:90:12:93:ea:
48:a7:d4:e4:c7:28:8d:44:0c:63:6d:a0:a4:f5:a9:
30:5d:03:60:4e:fd:03:00:af:56:e4:ba:53:4b:c7:
b8:15:94:83:c3:2c:4b:63:3a:09:d8:f7:12:c2:e1:
59:47:31:54:a2:a8:29:df:a5:30:f6:b1:77:c0:09:
38:81:62:b5:6b:10:2f:3c:08:f4:db:1f:67:36:5b:
28:7d:3a:c4:3e:02:f5:50:c5:d0:c0:e5:ea:0b:78:
99:f3:17:86:ac:f8:7f:91:60:46:4f:c2:f6:7e:94:
60:08:d1:bf:a1:b2:9e:7b:29:88:a0:5e:94:fd:6c:
dd:d5:7b:c7:27:5e:fe:b8:a8:3f:c0:e2:cd:f1:b1:
79:4b:cf:11:11:68:16:c3:92:17:fc:4d:9c:e7:c3:
0e:5d:4d:eb:df:fb:97:62:15:22:69:51:7e:f7:c3:
2e:6d:48:fb:c0:04:72:43:ae:46:b2:b9:8e:5a:5a:
e7:51:a0:57:2f:af:34:43:02:4c:60:d6:95:12:cd:
9b:3a:a1:36:8a:d1:67:e3:aa:fc:36:5e:d2:a9:c2:
59:69:cf:4e:d6:af:a9:90:b7:28:3c:a4:67:85:f9:
83:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9A:B7:FD:18:D5:6C:E2:D1:DF:06:9B:D9:19:0C:4E:B3:88:8D:41
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/0pq3_RjVbOLR3wab2RkMTrOIjUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.152.0/24
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:58:75:16:6f:12:08:d6:e8:1e:57:b8:83:04:80:8c:61:b9:
17:17:5e:59:ee:7d:92:08:28:5d:09:2e:20:eb:30:c3:ea:fd:
1a:32:73:5d:1c:b2:eb:ba:57:7f:2a:4c:bd:0e:b1:85:3c:70:
bc:53:b1:e9:87:3e:21:81:e6:65:08:24:a2:24:a7:8f:19:ce:
41:23:97:39:26:b2:1f:45:15:c8:64:8c:87:7a:38:28:6a:c5:
cf:cc:0f:81:ee:d8:d8:da:75:4d:77:40:5e:c8:81:ff:29:28:
18:6f:4b:dd:f8:00:6a:5a:67:c6:f2:0f:dc:93:47:09:cc:9f:
d8:3b:f0:8c:b8:e2:7d:f6:db:a7:0b:e5:07:3f:74:ec:d5:0e:
97:83:73:3d:2c:9c:2e:8a:c3:6c:f4:a2:8a:e3:d9:c9:2a:2b:
b0:ba:53:2a:da:00:4c:e6:14:15:1c:e5:bc:fa:d0:a2:bd:71:
1e:3c:e4:a2:a4:04:5b:45:da:16:f9:84:50:f8:55:a3:15:de:
5d:1f:5a:fb:37:00:31:b9:5c:a1:22:8e:9c:63:40:b8:cc:59:
cd:ee:5f:63:b0:b6:bc:21:15:56:29:7b:a9:ab:0c:b6:3c:17:
26:07:a2:70:d3:72:71:6c:24:dc:fe:c0:cd:e0:c1:56:2d:cf:
86:3c:fc:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJ6aAzdMkLJDdj4mvglTOs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQxMDExMDcwODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjlhYjdmZDE4ZDU2Y2UyZDFkZjA2OWJkOTE5MGM0ZWIzODg4ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEklIVt0ieTE8ly9EiF3eWvEtJMf
djn3ZZASk+pIp9TkxyiNRAxjbaCk9akwXQNgTv0DAK9W5LpTS8e4FZSDwyxLYzoJ
2PcSwuFZRzFUoqgp36Uw9rF3wAk4gWK1axAvPAj02x9nNlsofTrEPgL1UMXQwOXq
C3iZ8xeGrPh/kWBGT8L2fpRgCNG/obKeeymIoF6U/Wzd1XvHJ17+uKg/wOLN8bF5
S88REWgWw5IX/E2c58MOXU3r3/uXYhUiaVF+98MubUj7wARyQ65GsrmOWlrnUaBX
L680QwJMYNaVEs2bOqE2itFn46r8Nl7SqcJZac9O1q+pkLcoPKRnhfmD9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNKat/0Y1Wzi0d8Gm9kZDE6ziI1BMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvMHBxM19SalZiT0xSM3dhYjJSa01Uck9JalVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfyOAwQA
WfyYAwQAWfydAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQCMWHUWbxII1ugeV7iD
BICMYbkXF15Z7n2SCChdCS4g6zDD6v0aMnNdHLLruld/Kky9DrGFPHC8U7Hphz4h
geZlCCSiJKePGc5BI5c5JrIfRRXIZIyHejgoasXPzA+B7tjY2nVNd0BeyIH/KSgY
b0vd+ABqWmfG8g/ck0cJzJ/YO/CMuOJ99tunC+UHP3Ts1Q6Xg3M9LJwuisNs9KKK
49nJKiuwulMq2gBM5hQVHOW8+tCivXEePOSipARbRdoW+YRQ+FWjFd5dH1r7NwAx
uVyhIo6cY0C4zFnN7l9jsLa8IRVWKXupqwy2PBcmB6Jw03JxbCTc/sDN4MFWLc+G
PPym
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:29 2024 by rpki-client on console-fra.rpki-client.org