Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/bSRavz531iDXgyDmegycAlmSi1A.roa
File: bSRavz531iDXgyDmegycAlmSi1A.roa (raw, json)
Hash identifier: 30/VTvTFxf6FwBl6PAApQuXQp4KL0lqvLPS6Ry6wNhE=
Subject key identifier: 6D:24:5A:BF:3E:77:D6:20:D7:83:20:E6:7A:0C:9C:02:59:92:8B:50
Certificate issuer: /CN=751483655b35a2b847185f689c8fd1601dcc7187
Certificate serial: 018CC3B67BEC52E1D1A27FD2B9DF6EB97650
Authority key identifier: 75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/bSRavz531iDXgyDmegycAlmSi1A.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35171
IP address blocks: 85.118.245.0/24 maxlen: 24
85.118.246.0/24 maxlen: 24
85.118.241.0/24 maxlen: 24
85.118.240.0/21 maxlen: 21
85.118.242.0/24 maxlen: 24
85.118.243.0/24 maxlen: 24
85.118.244.0/24 maxlen: 24
85.118.247.0/24 maxlen: 24
85.118.240.0/24 maxlen: 24
45.143.34.0/24 maxlen: 24
45.143.35.0/24 maxlen: 24
45.143.32.0/22 maxlen: 22
45.143.32.0/24 maxlen: 24
45.143.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7b:ec:52:e1:d1:a2:7f:d2:b9:df:6e:b9:76:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=751483655b35a2b847185f689c8fd1601dcc7187
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d245abf3e77d620d78320e67a0c9c0259928b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4d:f0:f4:f9:31:38:91:8c:81:ef:d6:a1:a0:
14:39:5b:88:5f:fd:54:94:ed:fe:be:77:5d:f0:d7:
68:da:75:c1:27:93:4a:38:71:ea:80:08:87:2f:0d:
7c:7c:8f:b4:17:7a:fb:66:7f:0d:60:00:3e:bc:56:
c6:3b:7c:2f:8a:34:94:34:e2:b3:07:54:59:6a:4a:
70:6c:81:10:3c:af:26:d9:91:c4:b0:56:42:a0:08:
9d:1b:85:f2:4c:48:4f:44:89:70:6b:2c:85:c5:3c:
d9:70:15:b1:33:cb:7b:a9:1e:c9:74:c4:54:b4:58:
83:d7:16:13:28:ab:02:26:d1:5c:37:c7:28:90:ea:
04:37:e2:02:7e:15:94:a6:87:5e:54:d5:e9:27:be:
d2:81:c0:4d:73:f5:3f:d6:5d:0f:ba:d3:17:d3:f3:
c8:c4:a9:b0:11:54:61:86:7a:25:79:98:b7:b7:a0:
4f:b7:86:1a:70:0b:ec:ec:0a:e4:bc:6e:99:72:e4:
3a:cc:cd:47:c3:fb:05:f3:f0:74:f6:f9:06:19:d9:
a2:e2:bc:a4:71:e3:6e:1c:57:d3:22:07:9b:01:93:
21:69:90:fd:7f:44:94:f4:36:37:01:36:79:28:d4:
1c:2b:36:4a:c1:18:ec:d4:55:71:39:7d:e8:63:df:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:24:5A:BF:3E:77:D6:20:D7:83:20:E6:7A:0C:9C:02:59:92:8B:50
X509v3 Authority Key Identifier:
keyid:75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/bSRavz531iDXgyDmegycAlmSi1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.32.0/22
85.118.240.0/21
Signature Algorithm: sha256WithRSAEncryption
94:3c:52:c3:f6:a4:0d:d7:6f:91:f1:23:a9:bd:e1:58:32:d4:
7c:ac:e9:24:6c:f5:45:f6:e9:6f:c1:42:5d:a4:af:83:39:3f:
45:f8:c5:fc:f7:7b:b9:d4:39:c8:06:4d:70:25:ff:c0:b6:24:
f6:3c:78:33:d6:6c:30:0e:ee:bc:38:0c:86:f6:e9:a2:43:c0:
a2:fd:17:6c:c6:19:c0:c9:ff:cf:4f:77:f7:95:c4:13:42:ba:
52:2f:3e:e7:e2:7f:51:49:f8:92:7a:4d:da:59:d0:22:58:8d:
0c:06:0a:c4:d0:5f:40:10:06:09:ac:c2:78:97:94:30:dc:49:
7c:b4:6e:90:d1:fa:91:95:d5:30:29:20:85:26:90:e8:68:0e:
2e:0c:ad:12:a1:90:6a:d6:12:68:8d:ba:e8:fb:61:b5:c1:d1:
ca:de:b5:6f:eb:bf:f1:71:7a:f9:7c:49:03:b3:a4:61:26:96:
23:00:18:10:78:06:fc:a2:8a:6a:55:d4:b9:ba:33:fc:1d:97:
5c:7b:b5:fd:18:19:9d:62:6d:ed:00:db:23:22:51:33:e4:a5:
ba:20:10:82:55:7b:ee:7f:b0:d9:5a:82:a6:6c:d3:d9:2c:04:
fc:79:c9:9e:07:c3:8e:ba:97:ca:50:5f:5a:eb:1e:ea:0a:d4:
b7:34:49:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtnvsUuHRon/Sud9uuXZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTQ4MzY1NWIzNWEyYjg0NzE4NWY2ODljOGZkMTYwMWRj
YzcxODcwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDI0NWFiZjNlNzdkNjIwZDc4MzIwZTY3YTBjOWMwMjU5OTI4YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv03w9PkxOJGMge/WoaAUOVuIX/1U
lO3+vndd8Ndo2nXBJ5NKOHHqgAiHLw18fI+0F3r7Zn8NYAA+vFbGO3wvijSUNOKz
B1RZakpwbIEQPK8m2ZHEsFZCoAidG4XyTEhPRIlwayyFxTzZcBWxM8t7qR7JdMRU
tFiD1xYTKKsCJtFcN8cokOoEN+ICfhWUpodeVNXpJ77SgcBNc/U/1l0PutMX0/PI
xKmwEVRhhnoleZi3t6BPt4YacAvs7ArkvG6ZcuQ6zM1Hw/sF8/B09vkGGdmi4ryk
ceNuHFfTIgebAZMhaZD9f0SU9DY3ATZ5KNQcKzZKwRjs1FVxOX3oY99N0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0kWr8+d9Yg14Mg5noMnAJZkotQMB8GA1UdIwQY
MBaAFHUUg2VbNaK4RxhfaJyP0WAdzHGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQt
YTdmYjM2Y2MyZmUzLzEvYlNSYXZ6NTMxaURYZ3lEbWVneWNBbG1TaTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQtYTdmYjM2Y2MyZmUz
LzEvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY8gAwQD
VXbwMA0GCSqGSIb3DQEBCwUAA4IBAQCUPFLD9qQN12+R8SOpveFYMtR8rOkkbPVF
9ulvwUJdpK+DOT9F+MX893u51DnIBk1wJf/AtiT2PHgz1mwwDu68OAyG9umiQ8Ci
/RdsxhnAyf/PT3f3lcQTQrpSLz7n4n9RSfiSek3aWdAiWI0MBgrE0F9AEAYJrMJ4
l5Qw3El8tG6Q0fqRldUwKSCFJpDoaA4uDK0SoZBq1hJojbro+2G1wdHK3rVv67/x
cXr5fEkDs6RhJpYjABgQeAb8oopqVdS5ujP8HZdce7X9GBmdYm3tANsjIlEz5KW6
IBCCVXvuf7DZWoKmbNPZLAT8ecmeB8OOupfKUF9a6x7qCtS3NEmJ
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:52:39 2024 by rpki-client on console-fra.rpki-client.org