Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0DEK_8f2aEeLD-pAZGaepEWg8XM.roa
File: 0DEK_8f2aEeLD-pAZGaepEWg8XM.roa (raw, json)
Hash identifier: ONsW78/L6dq3tMtlt/PRBi52hgFtpxAQDdmRsl/xV9s=
Subject key identifier: D0:31:0A:FF:C7:F6:68:47:8B:0F:EA:40:64:66:9E:A4:45:A0:F1:73
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192B4A926EF0C4510EFA7CFE48550E8F727
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0DEK_8f2aEeLD-pAZGaepEWg8XM.roa
Signing time: Tue 22 Oct 2024 14:37:17 +0000
ROA not before: Tue 22 Oct 2024 14:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 85.217.164.0/22 maxlen: 32
85.217.180.0/22 maxlen: 32
87.120.246.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:a9:26:ef:0c:45:10:ef:a7:cf:e4:85:50:e8:f7:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 22 14:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0310affc7f668478b0fea4064669ea445a0f173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4b:83:7c:0f:cd:14:54:61:5a:74:1f:39:c7:
7f:de:20:de:f2:35:f5:78:13:21:1d:f0:3c:79:e9:
13:72:13:b8:7a:44:56:7f:22:c6:87:07:92:47:91:
91:e6:ba:f7:04:9f:19:5e:11:78:3d:a1:02:87:f9:
0f:1d:3f:1b:5a:94:eb:24:fc:64:f8:bd:03:0a:d4:
61:f3:80:71:ff:00:63:9d:e6:60:23:a7:0e:85:49:
45:5a:ff:98:8e:a4:81:c6:33:64:79:b0:46:04:9a:
50:cc:e8:cd:3e:1a:02:97:d6:45:3f:28:5d:6e:bc:
4c:c7:81:5c:83:2d:a4:fe:12:69:36:1b:16:80:c6:
56:7e:1b:52:8b:95:ac:e3:4e:82:be:a8:96:50:2d:
a6:a5:60:07:6c:89:60:e1:47:b4:54:53:70:7f:17:
10:00:ae:0e:96:7c:b7:8f:e1:22:ba:30:73:57:ca:
df:fb:27:81:90:09:dd:b4:28:2b:92:09:ad:25:e2:
16:a6:e0:ad:fb:d1:82:63:13:0e:6b:92:64:d9:8a:
7d:0c:45:50:62:d7:f2:a4:71:94:38:07:a1:72:7b:
16:5e:4b:c9:4f:c1:6c:b4:a3:c2:91:94:09:85:f0:
42:66:e5:60:46:57:d7:f0:02:ca:23:a8:ec:a4:39:
88:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:0A:FF:C7:F6:68:47:8B:0F:EA:40:64:66:9E:A4:45:A0:F1:73
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0DEK_8f2aEeLD-pAZGaepEWg8XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/22
85.217.180.0/22
87.120.246.0/24
Signature Algorithm: sha256WithRSAEncryption
88:b3:f0:2c:e7:3b:b4:34:1a:b3:3f:d5:e6:54:f4:21:be:fe:
91:83:8b:29:b9:f9:87:ab:fd:f8:39:76:46:48:46:9e:df:96:
17:a2:27:1d:74:9c:bb:45:2a:1f:42:f1:8f:5b:11:c4:d8:d4:
62:5f:50:5c:a7:63:73:67:02:79:e6:fd:76:be:63:fa:19:43:
c2:1a:5e:ba:52:4c:09:8e:c9:90:df:c6:7e:bb:34:cd:3b:0b:
b8:61:89:01:75:bb:95:f2:be:36:8a:2f:80:ed:84:86:35:36:
61:fb:6e:b9:0c:d2:5a:22:0a:45:02:2f:93:81:5a:ae:ad:38:
93:cb:30:9c:43:91:89:ae:f2:9b:4c:7c:49:df:24:03:f8:95:
fe:f0:90:34:f0:29:66:10:1f:ce:36:65:64:74:92:56:74:a0:
b4:12:da:3c:8b:7a:dc:51:8b:4b:28:d4:f0:92:48:1f:63:db:
85:a3:c0:15:94:89:af:79:3b:9b:2f:0b:9e:9b:f5:89:cc:c9:
36:d4:bd:54:a8:4b:48:e5:80:f7:71:27:56:71:b4:35:56:7c:
58:08:e8:51:d6:54:31:fb:03:ad:78:bc:e8:33:45:20:9b:40:
68:40:75:35:ab:d7:4b:48:bc:86:06:6d:58:bb:61:be:25:69:
94:65:8b:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK0qSbvDEUQ76fP5IVQ6PcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIyMTQzNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMxMGFmZmM3ZjY2ODQ3OGIwZmVhNDA2NDY2OWVhNDQ1YTBmMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUuDfA/NFFRhWnQfOcd/3iDe8jX1
eBMhHfA8eekTchO4ekRWfyLGhweSR5GR5rr3BJ8ZXhF4PaECh/kPHT8bWpTrJPxk
+L0DCtRh84Bx/wBjneZgI6cOhUlFWv+YjqSBxjNkebBGBJpQzOjNPhoCl9ZFPyhd
brxMx4Fcgy2k/hJpNhsWgMZWfhtSi5Ws406CvqiWUC2mpWAHbIlg4Ue0VFNwfxcQ
AK4Olny3j+EiujBzV8rf+yeBkAndtCgrkgmtJeIWpuCt+9GCYxMOa5Jk2Yp9DEVQ
YtfypHGUOAehcnsWXkvJT8FstKPCkZQJhfBCZuVgRlfX8ALKI6jspDmIpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNAxCv/H9mhHiw/qQGRmnqRFoPFzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMERFS184ZjJhRWVMRC1wQVpHYWVwRVdnOFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVdmkAwQC
Vdm0AwQAV3j2MA0GCSqGSIb3DQEBCwUAA4IBAQCIs/As5zu0NBqzP9XmVPQhvv6R
g4spufmHq/34OXZGSEae35YXoicddJy7RSofQvGPWxHE2NRiX1Bcp2NzZwJ55v12
vmP6GUPCGl66UkwJjsmQ38Z+uzTNOwu4YYkBdbuV8r42ii+A7YSGNTZh+265DNJa
IgpFAi+TgVqurTiTyzCcQ5GJrvKbTHxJ3yQD+JX+8JA08ClmEB/ONmVkdJJWdKC0
Eto8i3rcUYtLKNTwkkgfY9uFo8AVlImveTubLwuem/WJzMk21L1UqEtI5YD3cSdW
cbQ1VnxYCOhR1lQx+wOteLzoM0Ugm0BoQHU1q9dLSLyGBm1Yu2G+JWmUZYuk
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:15:14 2024 by rpki-client on console-ams.rpki-client.org