Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa
File: dfsrRAeERBraoZj_90X5uXm0O7o.roa (raw, json)
Hash identifier: 74YvR1h6qUcwA6bjl+LM6Pr6hOPD8EgYOwMDfAwY/rM=
Subject key identifier: 75:FB:2B:44:07:84:44:1A:DA:A1:98:FF:F7:45:F9:B9:79:B4:3B:BA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E043CFA24465740264FD5D5FA9B8B8885
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa
Signing time: Sun 03 Mar 2024 12:14:48 +0000
ROA not before: Sun 03 Mar 2024 12:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.132.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:04:3c:fa:24:46:57:40:26:4f:d5:d5:fa:9b:8b:88:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 3 12:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75fb2b440784441adaa198fff745f9b979b43bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fe:c3:e7:88:f2:e8:08:d8:6a:68:d1:be:21:
a7:7d:24:f7:49:7e:49:f7:c1:09:20:34:f8:97:fc:
01:27:1c:1a:84:41:bd:49:89:67:be:be:00:5d:f4:
f1:3f:6a:21:25:a5:c5:cd:a9:e0:af:25:24:80:62:
fd:b1:96:81:b6:fb:2a:18:89:f2:23:0e:81:e4:26:
f6:a7:a0:b7:51:9a:d8:6f:8e:fc:e6:9c:c3:62:f2:
30:e0:92:1e:09:c8:8d:4f:49:b9:37:03:14:4a:36:
08:a4:b2:47:a7:16:4b:a3:20:4e:a0:9d:c8:51:47:
59:bc:f0:d5:0a:76:d3:c8:16:eb:7f:32:a1:fb:c9:
2a:31:9b:22:b6:50:cd:76:81:f9:60:76:37:4f:9c:
c2:67:44:86:c0:44:70:50:66:a1:fa:c8:08:b0:4a:
1c:5f:3f:ab:ca:a3:8c:25:06:2b:ae:0d:a0:aa:b7:
d6:df:e2:e5:d2:57:2f:e8:02:5b:c2:a4:95:f6:4e:
3a:d4:84:79:be:88:26:a1:09:5d:8e:5a:d3:90:5f:
e3:f9:46:e8:80:5c:79:01:dc:3f:50:38:29:87:1b:
26:98:1a:55:c0:52:4b:aa:06:61:71:64:6a:38:fd:
63:c8:67:1a:87:9d:ce:dd:41:9c:e2:bc:bb:a7:aa:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FB:2B:44:07:84:44:1A:DA:A1:98:FF:F7:45:F9:B9:79:B4:3B:BA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dfsrRAeERBraoZj_90X5uXm0O7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:d9:82:87:06:e7:26:7b:f4:ff:e0:f7:54:5a:55:67:6b:c1:
36:ec:91:30:b8:74:fe:70:a1:05:78:b6:4b:7a:c9:e4:1f:54:
57:18:97:c5:43:39:96:af:c3:23:9d:57:d0:6b:8c:1b:43:68:
20:a3:29:a7:40:fc:56:81:4c:94:0c:a1:25:41:56:ab:6f:07:
4b:8a:b7:27:51:b7:ab:1f:af:12:30:01:a4:a9:6c:33:48:a7:
0c:96:06:73:ab:7e:5b:ec:f5:58:54:74:ad:13:4a:6d:d2:a7:
60:fc:a5:ad:8f:8b:bd:56:f4:2e:c1:bb:9c:da:cf:db:27:aa:
e6:25:b7:fc:10:0d:85:ef:2f:c6:ff:7e:41:86:d4:98:d4:00:
2a:65:4b:b3:b1:1b:46:f5:17:92:da:fa:98:ab:b3:10:66:81:
ff:e0:c4:00:46:22:4f:a6:9f:ca:b4:46:34:9f:b5:b4:46:6f:
4b:8b:f3:e2:80:a5:fa:3e:f7:1f:c4:ed:9a:a1:16:ea:ff:6c:
6d:15:0b:e2:dd:d1:5e:85:9c:c2:94:39:fe:5a:e5:00:75:e0:
b7:7a:54:d3:cd:cd:17:01:2a:80:38:d7:c6:54:4b:04:58:3c:
51:ea:e0:aa:9e:93:96:96:b3:6d:fb:03:8b:df:ff:5e:82:49:
18:c1:8b:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4EPPokRldAJk/V1fqbi4iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzAzMTIxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZiMmI0NDA3ODQ0NDFhZGFhMTk4ZmZmNzQ1ZjliOTc5YjQzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif7D54jy6AjYamjRviGnfST3SX5J
98EJIDT4l/wBJxwahEG9SYlnvr4AXfTxP2ohJaXFzangryUkgGL9sZaBtvsqGIny
Iw6B5Cb2p6C3UZrYb4785pzDYvIw4JIeCciNT0m5NwMUSjYIpLJHpxZLoyBOoJ3I
UUdZvPDVCnbTyBbrfzKh+8kqMZsitlDNdoH5YHY3T5zCZ0SGwERwUGah+sgIsEoc
Xz+ryqOMJQYrrg2gqrfW3+Ll0lcv6AJbwqSV9k461IR5vogmoQldjlrTkF/j+Ubo
gFx5Adw/UDgphxsmmBpVwFJLqgZhcWRqOP1jyGcah53O3UGc4ry7p6pJVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHX7K0QHhEQa2qGY//dF+bl5tDu6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGZzclJBZUVSQnJhb1pqXzkwWDV1WG0wTzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVdGEAwQA
stfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQBt2YKHBucme/T/4PdU
WlVna8E27JEwuHT+cKEFeLZLesnkH1RXGJfFQzmWr8MjnVfQa4wbQ2ggoymnQPxW
gUyUDKElQVarbwdLircnUberH68SMAGkqWwzSKcMlgZzq35b7PVYVHStE0pt0qdg
/KWtj4u9VvQuwbuc2s/bJ6rmJbf8EA2F7y/G/35BhtSY1AAqZUuzsRtG9ReS2vqY
q7MQZoH/4MQARiJPpp/KtEY0n7W0Rm9Li/PigKX6PvcfxO2aoRbq/2xtFQvi3dFe
hZzClDn+WuUAdeC3elTTzc0XASqAONfGVEsEWDxR6uCqnpOWlrNt+wOL3/9egkkY
wYt+
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:28:45 2024 by rpki-client on console-ams.rpki-client.org