Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/49Xa_PnTt_sZ7RJDHGtdkk6rAPg.roa
File: 49Xa_PnTt_sZ7RJDHGtdkk6rAPg.roa (raw, json)
Hash identifier: JwZjgtCDlyD0QU0lYkwga7fGTSQL5Dk1x3CM6yNhTp4=
Subject key identifier: E3:D5:DA:FC:F9:D3:B7:FB:19:ED:12:43:1C:6B:5D:92:4E:AB:00:F8
Certificate issuer: /CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Certificate serial: 018CC7276910A7C9E7536E3D9D6566C18C80
Authority key identifier: 7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/49Xa_PnTt_sZ7RJDHGtdkk6rAPg.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 82.192.97.0/24 maxlen: 24
82.192.96.0/24 maxlen: 24
82.192.100.0/24 maxlen: 24
82.192.103.0/24 maxlen: 24
82.192.101.0/24 maxlen: 24
82.192.102.0/24 maxlen: 24
82.192.110.0/24 maxlen: 24
82.192.108.0/24 maxlen: 24
82.192.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.mft
rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:69:10:a7:c9:e7:53:6e:3d:9d:65:66:c1:8c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7beca4012bf7b5056e2e0a161eb4618876c9112a
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3d5dafcf9d3b7fb19ed12431c6b5d924eab00f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bc:42:64:8b:6e:10:8f:75:42:fd:1b:00:a8:
16:9e:04:1b:ed:4c:78:79:91:da:a8:8b:a0:26:f3:
01:fd:a5:16:2a:0c:9c:f0:9e:37:2f:9d:65:2d:3a:
86:15:51:43:57:91:17:c2:2c:38:16:6b:6e:15:b3:
a8:15:58:3a:a3:25:74:7a:2f:37:d7:71:e8:71:9b:
98:52:01:5c:2c:0b:02:b3:9b:30:26:28:b2:44:75:
ff:8b:a9:f1:fc:9e:7a:85:f0:9e:71:01:4f:71:5a:
ed:41:8b:5e:61:6e:7b:8e:d9:4b:26:47:51:a8:be:
88:a7:a7:2d:88:c2:a2:ed:a1:a2:4a:43:95:4c:ae:
ec:59:66:6a:b2:31:26:39:76:19:66:38:62:c2:0e:
21:0b:cf:40:e0:b6:8a:22:91:70:5e:b1:3c:5d:84:
58:ee:32:d2:9b:2b:4b:e8:be:f6:09:05:2d:bd:84:
68:b7:45:79:e0:50:51:7c:d7:76:44:3f:30:4b:1f:
63:88:80:30:56:6e:89:54:42:63:e0:4b:c1:53:9a:
3b:2e:c5:1e:97:f2:7e:52:72:f5:ba:1b:75:d4:3e:
0e:6c:6a:82:4c:8b:7c:46:d6:5c:07:3a:4d:93:6c:
7b:42:57:62:e1:8a:29:dd:12:22:47:ea:ce:82:d2:
38:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D5:DA:FC:F9:D3:B7:FB:19:ED:12:43:1C:6B:5D:92:4E:AB:00:F8
X509v3 Authority Key Identifier:
keyid:7B:EC:A4:01:2B:F7:B5:05:6E:2E:0A:16:1E:B4:61:88:76:C9:11:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e-ykASv3tQVuLgoWHrRhiHbJESo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/49Xa_PnTt_sZ7RJDHGtdkk6rAPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9488d5-a8d3-44b5-92df-58caf4701be3/1/e-ykASv3tQVuLgoWHrRhiHbJESo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.192.96.0/23
82.192.100.0/22
82.192.108.0-82.192.110.255
Signature Algorithm: sha256WithRSAEncryption
3d:8a:ff:a6:b1:6e:1a:2d:e1:4a:95:69:fd:5d:71:48:fc:07:
72:e4:bc:6f:4d:63:e1:e6:85:47:a1:5e:bd:96:46:e6:6d:0f:
9a:8e:bb:ea:49:8e:f0:cd:28:06:2d:80:75:92:a0:eb:f1:7f:
46:41:95:cc:6f:de:48:75:d9:24:f2:6c:49:b8:d3:55:c1:77:
ad:38:e8:e7:c8:ac:cb:e5:d8:e6:3e:d1:1a:8e:62:9c:64:f8:
ef:11:b3:1e:45:1f:16:41:f8:a8:d9:7f:11:11:6a:98:38:a2:
1b:ed:35:c8:13:04:28:36:11:3d:95:41:16:3f:9c:9a:bc:02:
e3:eb:1a:2f:87:13:8d:9f:80:13:35:e5:73:b5:79:28:03:99:
84:62:7e:b7:0d:8c:3d:65:05:fd:ce:aa:fc:94:3b:c0:57:0b:
d4:14:ae:2a:11:f9:1c:50:d6:e4:d5:43:45:7f:7a:29:6e:e0:
77:c6:85:51:5e:ee:33:07:bd:0e:c6:50:d1:49:a9:ec:63:45:
84:aa:02:28:2e:ca:f9:5c:a8:d2:c5:b8:32:37:8f:bc:08:d1:
33:33:94:4c:80:70:26:9f:f5:d7:00:3d:a3:de:96:de:7f:60:
58:3a:94:26:48:f4:af:20:0b:d7:22:5a:41:c0:e0:89:36:fb:
c8:fa:62:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJ2kQp8nnU249nWVmwYyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZWNhNDAxMmJmN2I1MDU2ZTJlMGExNjFlYjQ2MTg4NzZj
OTExMmEwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Q1ZGFmY2Y5ZDNiN2ZiMTllZDEyNDMxYzZiNWQ5MjRlYWIwMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrxCZItuEI91Qv0bAKgWngQb7Ux4
eZHaqIugJvMB/aUWKgyc8J43L51lLTqGFVFDV5EXwiw4FmtuFbOoFVg6oyV0ei83
13HocZuYUgFcLAsCs5swJiiyRHX/i6nx/J56hfCecQFPcVrtQYteYW57jtlLJkdR
qL6Ip6ctiMKi7aGiSkOVTK7sWWZqsjEmOXYZZjhiwg4hC89A4LaKIpFwXrE8XYRY
7jLSmytL6L72CQUtvYRot0V54FBRfNd2RD8wSx9jiIAwVm6JVEJj4EvBU5o7LsUe
l/J+UnL1uht11D4ObGqCTIt8RtZcBzpNk2x7Qldi4Yop3RIiR+rOgtI4eQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOPV2vz507f7Ge0SQxxrXZJOqwD4MB8GA1UdIwQY
MBaAFHvspAEr97UFbi4KFh60YYh2yREqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYt
NThjYWY0NzAxYmUzLzEvNDlYYV9QblR0X3NaN1JKREhHdGRrazZyQVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85NDg4ZDUtYThkMy00NGI1LTkyZGYtNThjYWY0NzAxYmUz
LzEvZS15a0FTdjN0UVZ1TGdvV0hyUmhpSGJKRVNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUsBgAwQC
UsBkMAwDBAJSwGwDBABSwG4wDQYJKoZIhvcNAQELBQADggEBAD2K/6axbhot4UqV
af1dcUj8B3LkvG9NY+HmhUehXr2WRuZtD5qOu+pJjvDNKAYtgHWSoOvxf0ZBlcxv
3kh12STybEm401XBd6046OfIrMvl2OY+0RqOYpxk+O8Rsx5FHxZB+KjZfxERapg4
ohvtNcgTBCg2ET2VQRY/nJq8AuPrGi+HE42fgBM15XO1eSgDmYRifrcNjD1lBf3O
qvyUO8BXC9QUrioR+RxQ1uTVQ0V/eilu4HfGhVFe7jMHvQ7GUNFJqexjRYSqAigu
yvlcqNLFuDI3j7wI0TMzlEyAcCaf9dcAPaPelt5/YFg6lCZI9K8gC9ciWkHA4Ik2
+8j6Ynw=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:41:51 2024 by rpki-client on console-ams.rpki-client.org