Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmDs3m6ma_iv5JDcK4kFkY4fNDU.roa
File: OmDs3m6ma_iv5JDcK4kFkY4fNDU.roa (raw, json)
Hash identifier: kV+icNG6l0VbBAe1aE+ISxo2B4oAAvtwEoTXt3VYnGo=
Subject key identifier: 3A:60:EC:DE:6E:A6:6B:F8:AF:E4:90:DC:2B:89:05:91:8E:1F:34:35
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01926C91E0E8A210AA8484A24BC22EF56569
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmDs3m6ma_iv5JDcK4kFkY4fNDU.roa
Signing time: Tue 08 Oct 2024 14:39:12 +0000
ROA not before: Tue 08 Oct 2024 14:39:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34368
IP address blocks: 85.217.192.0/24 maxlen: 32
85.217.193.0/24 maxlen: 32
85.217.194.0/24 maxlen: 32
85.217.195.0/24 maxlen: 32
85.217.196.0/23 maxlen: 32
85.217.198.0/24 maxlen: 32
85.217.199.0/24 maxlen: 32
85.217.200.0/22 maxlen: 32
85.217.204.0/22 maxlen: 32
2a00:1728:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:91:e0:e8:a2:10:aa:84:84:a2:4b:c2:2e:f5:65:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 8 14:39:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a60ecde6ea66bf8afe490dc2b8905918e1f3435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6b:c6:27:aa:06:0a:0c:91:fc:fd:7b:00:6a:
3e:25:ed:8c:f6:89:6d:0d:ca:cf:e6:2d:7f:45:37:
3c:83:d5:0a:fb:c9:ea:37:5a:e6:06:73:f3:b7:58:
14:ba:40:c5:c3:9f:3a:da:bb:8a:0a:8f:93:83:8f:
be:c2:1e:22:87:53:bb:f3:9a:b1:7d:4b:58:9d:c5:
f1:83:d6:c4:62:64:a8:e9:49:d8:99:16:b1:7d:68:
cc:fd:3d:db:e1:28:5b:94:87:1a:ab:84:2b:ac:19:
6b:bb:90:41:88:e7:e0:23:99:a1:df:f1:a3:a6:d6:
46:4f:e0:4d:1d:cd:70:97:c4:f0:13:66:5a:00:c4:
92:ef:c0:c6:8a:26:fc:41:e5:c9:26:25:79:e9:74:
b4:16:d3:36:2d:9a:6e:14:cd:95:7c:ec:f6:42:0a:
91:e7:8c:98:c3:01:90:09:9b:e6:19:0b:1f:5a:10:
c9:bc:79:bb:57:3b:0b:b1:80:60:fe:ff:ef:ec:c1:
91:9b:f1:08:94:89:0b:d1:7c:01:bb:f0:58:c9:a3:
93:04:2b:a6:bb:61:44:36:24:22:2f:bb:29:46:50:
2a:65:b6:2c:da:4f:8e:55:bc:ee:c4:53:9e:5f:d4:
51:8e:5e:83:76:6d:45:64:ea:2c:4c:d8:3e:60:4e:
85:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:60:EC:DE:6E:A6:6B:F8:AF:E4:90:DC:2B:89:05:91:8E:1F:34:35
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OmDs3m6ma_iv5JDcK4kFkY4fNDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.192.0/20
IPv6:
2a00:1728:18::/48
Signature Algorithm: sha256WithRSAEncryption
b4:09:5b:15:78:49:30:a2:52:f4:f9:3a:7e:4e:a0:92:d4:bd:
44:da:d6:cc:42:9c:46:a4:85:26:86:b5:91:84:b1:86:61:79:
fb:70:8d:13:dd:4d:58:b0:03:e0:3b:25:98:5e:1f:f6:e4:58:
53:28:ff:19:82:f6:ae:30:fb:05:f4:ac:5d:a8:ab:a4:35:97:
ef:b2:aa:f6:b0:51:50:5b:a0:3a:37:73:85:13:c3:e7:34:f3:
c3:8b:c0:fd:9e:b1:dc:f0:35:2f:fd:b8:1d:df:c7:9c:fe:a5:
d9:c5:07:43:bc:9c:95:98:c6:09:92:1b:d9:df:ee:49:5b:a4:
9f:13:45:e7:01:ee:34:2c:82:e9:21:42:0a:b9:ed:66:f2:25:
bd:64:ed:cd:7a:89:5b:27:5a:5c:8e:ee:fa:ac:a8:f7:9d:3e:
c5:51:79:cc:56:0d:df:4b:4a:d9:bc:b7:f9:f8:48:eb:88:b9:
72:db:3b:79:a1:36:e7:87:3a:ec:ae:95:f1:81:af:db:57:a1:
26:02:38:45:e8:41:a2:fd:a7:56:60:2a:10:a5:97:05:32:ba:
e2:ef:9b:eb:9f:fd:be:c7:26:1a:4d:dc:b1:65:b4:d3:0e:38:
24:2a:fe:c7:fb:f5:6d:b3:f4:ca:3e:a6:25:e3:61:4e:06:d3:
75:f5:a5:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJskeDoohCqhISiS8Iu9WVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA4MTQzOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYwZWNkZTZlYTY2YmY4YWZlNDkwZGMyYjg5MDU5MThlMWYzNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGvGJ6oGCgyR/P17AGo+Je2M9olt
DcrP5i1/RTc8g9UK+8nqN1rmBnPzt1gUukDFw5862ruKCo+Tg4++wh4ih1O785qx
fUtYncXxg9bEYmSo6UnYmRaxfWjM/T3b4ShblIcaq4QrrBlru5BBiOfgI5mh3/Gj
ptZGT+BNHc1wl8TwE2ZaAMSS78DGiib8QeXJJiV56XS0FtM2LZpuFM2VfOz2QgqR
54yYwwGQCZvmGQsfWhDJvHm7VzsLsYBg/v/v7MGRm/EIlIkL0XwBu/BYyaOTBCum
u2FENiQiL7spRlAqZbYs2k+OVbzuxFOeX9RRjl6Ddm1FZOosTNg+YE6F5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDpg7N5upmv4r+SQ3CuJBZGOHzQ1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT21EczNtNm1hX2l2NUpEY0s0a0ZrWTRmTkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEVdnAMA8E
AgACMAkDBwAqABcoABgwDQYJKoZIhvcNAQELBQADggEBALQJWxV4STCiUvT5On5O
oJLUvUTa1sxCnEakhSaGtZGEsYZheftwjRPdTViwA+A7JZheH/bkWFMo/xmC9q4w
+wX0rF2oq6Q1l++yqvawUVBboDo3c4UTw+c088OLwP2esdzwNS/9uB3fx5z+pdnF
B0O8nJWYxgmSG9nf7klbpJ8TRecB7jQsgukhQgq57WbyJb1k7c16iVsnWlyO7vqs
qPedPsVRecxWDd9LStm8t/n4SOuIuXLbO3mhNueHOuyulfGBr9tXoSYCOEXoQaL9
p1ZgKhCllwUyuuLvm+uf/b7HJhpN3LFltNMOOCQq/sf79W2z9Mo+piXjYU4G03X1
paM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:05 2024 by rpki-client on console-fra.rpki-client.org