Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/ChifnVJN9kS8lweouUR_Zu0f6eQ.roa
File: ChifnVJN9kS8lweouUR_Zu0f6eQ.roa (raw, json)
Hash identifier: YekYNRz1yaMFTWyzcoMs4efFlC8D8wn6OJljwojzo74=
Subject key identifier: 0A:18:9F:9D:52:4D:F6:44:BC:97:07:A8:B9:44:7F:66:ED:1F:E9:E4
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 018F7BEBDB46FFF0C5956DE49D1C230F297A
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/ChifnVJN9kS8lweouUR_Zu0f6eQ.roa
Signing time: Wed 15 May 2024 11:03:25 +0000
ROA not before: Wed 15 May 2024 11:03:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25135
IP address blocks: 85.255.224.0/20 maxlen: 20
85.255.232.0/23 maxlen: 23
85.255.234.0/23 maxlen: 23
85.255.236.0/23 maxlen: 23
88.82.0.0/19 maxlen: 19
148.252.128.0/19 maxlen: 19
148.252.128.0/23 maxlen: 23
148.252.132.0/23 maxlen: 23
148.252.136.0/22 maxlen: 22
148.252.140.0/23 maxlen: 23
148.252.144.0/23 maxlen: 23
148.252.146.0/23 maxlen: 23
148.252.148.0/23 maxlen: 23
148.252.150.0/24 maxlen: 24
148.252.152.0/24 maxlen: 24
148.252.156.0/23 maxlen: 23
148.252.158.0/23 maxlen: 23
148.252.160.0/19 maxlen: 19
185.69.144.0/23 maxlen: 23
185.69.146.0/23 maxlen: 23
194.62.232.0/24 maxlen: 24
194.62.238.0/24 maxlen: 24
212.183.128.0/19 maxlen: 19
212.183.128.0/20 maxlen: 20
212.183.152.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:eb:db:46:ff:f0:c5:95:6d:e4:9d:1c:23:0f:29:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: May 15 11:03:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a189f9d524df644bc9707a8b9447f66ed1fe9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:78:86:ae:59:cd:8a:6b:ce:fb:3a:e8:ac:69:
22:fd:c0:84:be:3b:7c:e2:a6:66:84:c4:04:43:61:
a8:27:bd:aa:4e:87:6a:68:7d:14:5c:b7:98:3a:4c:
70:78:e7:d8:1b:b9:19:02:10:71:00:f7:d5:e7:14:
f8:63:3b:b4:b7:bb:45:ea:8b:18:a7:86:41:c9:73:
bd:1a:60:af:cf:49:8a:6f:01:0c:d4:8a:d5:8c:68:
30:40:49:2a:b2:2d:1a:69:f8:cb:b1:7f:7f:e7:7e:
90:14:08:c4:e5:83:d1:43:bd:8b:84:97:95:06:d3:
07:da:db:4d:eb:06:58:20:a5:21:d0:dd:f6:eb:95:
8f:4e:1c:d5:d0:23:84:57:32:06:8c:1f:a6:a8:ed:
54:e7:78:f8:90:a4:9a:b4:2f:5c:6e:b1:5f:99:53:
41:11:61:67:dc:25:78:94:8f:71:41:d6:bf:98:e1:
5b:b5:1f:ad:7c:2e:52:e5:a0:48:e7:bf:4f:61:28:
f5:2f:7c:59:df:d1:94:39:b9:49:a0:af:e5:8a:25:
84:5b:80:32:fa:f3:42:a2:06:e7:5c:ee:ee:4c:e7:
f7:7d:0b:57:2a:7f:08:4e:47:dc:1d:cc:56:dc:ec:
09:d2:e8:49:e7:7a:61:fa:3d:bf:02:37:79:3a:1f:
20:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:18:9F:9D:52:4D:F6:44:BC:97:07:A8:B9:44:7F:66:ED:1F:E9:E4
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/ChifnVJN9kS8lweouUR_Zu0f6eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.224.0/20
88.82.0.0/19
148.252.128.0/18
185.69.144.0/22
194.62.232.0/24
194.62.238.0/24
212.183.128.0/19
Signature Algorithm: sha256WithRSAEncryption
c6:62:be:75:8f:93:91:5c:7d:08:64:8b:ef:b3:2d:87:b4:66:
08:df:a9:c9:23:cc:c8:bf:de:b6:82:7b:95:91:2e:d2:48:d3:
43:d7:63:98:77:de:e8:c7:19:d3:29:75:32:2a:83:ee:87:c3:
0e:74:b2:1b:f4:41:c4:16:88:93:b9:92:75:34:54:97:36:68:
aa:c9:ec:bf:56:78:2c:6e:01:8f:84:6d:ba:ca:49:78:f5:c9:
c6:ff:e4:90:01:f7:11:0d:3b:96:01:4e:ec:dd:88:01:07:c8:
bd:99:8d:e0:03:14:17:d5:b6:bd:38:0c:0f:fd:e3:91:4d:e4:
14:61:91:07:db:f0:cc:9e:69:b4:90:5e:77:d7:46:92:61:c5:
85:0d:a3:cd:b2:91:14:57:57:b3:6a:6f:42:b8:10:6f:44:3c:
39:64:1a:f5:1b:78:89:27:08:37:60:2e:8d:61:f5:65:0c:6c:
cf:2c:75:f5:07:03:62:64:81:43:b8:36:f2:5d:26:47:94:40:
b1:a5:d3:93:f7:ff:15:80:e1:71:f5:ff:30:59:55:a6:73:4d:
91:32:b2:f5:61:53:4c:7e:f6:ee:46:6d:15:8c:ed:38:94:bb:
5b:5b:2e:e1:28:c7:cb:15:11:07:06:44:f8:2b:5c:1f:2b:68:
0e:5b:5c:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY9769tG//DFlW3knRwjDyl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjQwNTE1MTEwMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE4OWY5ZDUyNGRmNjQ0YmM5NzA3YThiOTQ0N2Y2NmVkMWZlOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXiGrlnNimvO+zrorGki/cCEvjt8
4qZmhMQEQ2GoJ72qTodqaH0UXLeYOkxweOfYG7kZAhBxAPfV5xT4Yzu0t7tF6osY
p4ZByXO9GmCvz0mKbwEM1IrVjGgwQEkqsi0aafjLsX9/536QFAjE5YPRQ72LhJeV
BtMH2ttN6wZYIKUh0N3265WPThzV0COEVzIGjB+mqO1U53j4kKSatC9cbrFfmVNB
EWFn3CV4lI9xQda/mOFbtR+tfC5S5aBI579PYSj1L3xZ39GUOblJoK/liiWEW4Ay
+vNCogbnXO7uTOf3fQtXKn8ITkfcHcxW3OwJ0uhJ53ph+j2/Ajd5Oh8gIQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAoYn51STfZEvJcHqLlEf2btH+nkMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvQ2hpZm5WSk45a1M4bHdlb3VVUl9adTBmNmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQEVf/gAwQF
WFIAAwQGlPyAAwQCuUWQAwQAwj7oAwQAwj7uAwQF1LeAMA0GCSqGSIb3DQEBCwUA
A4IBAQDGYr51j5ORXH0IZIvvsy2HtGYI36nJI8zIv962gnuVkS7SSNND12OYd97o
xxnTKXUyKoPuh8MOdLIb9EHEFoiTuZJ1NFSXNmiqyey/VngsbgGPhG26ykl49cnG
/+SQAfcRDTuWAU7s3YgBB8i9mY3gAxQX1ba9OAwP/eORTeQUYZEH2/DMnmm0kF53
10aSYcWFDaPNspEUV1ezam9CuBBvRDw5ZBr1G3iJJwg3YC6NYfVlDGzPLHX1BwNi
ZIFDuDbyXSZHlECxpdOT9/8VgOFx9f8wWVWmc02RMrL1YVNMfvbuRm0VjO04lLtb
Wy7hKMfLFREHBkT4K1wfK2gOW1zU
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:08:16 2024 by rpki-client on console-ams.rpki-client.org