Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sdpUz4MRdmN2GaqX3b0OUy8_RfQ.roa
File: sdpUz4MRdmN2GaqX3b0OUy8_RfQ.roa (raw, json)
Hash identifier: x/Ui4U+F3BCEq6WXVgDK4+mpOnXiBpuMK2b0Wk/rVx8=
Subject key identifier: B1:DA:54:CF:83:11:76:63:76:19:AA:97:DD:BD:0E:53:2F:3F:45:F4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FA487F05B9A87EF377041F2ECF7CF0775
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sdpUz4MRdmN2GaqX3b0OUy8_RfQ.roa
Signing time: Thu 23 May 2024 08:18:43 +0000
ROA not before: Thu 23 May 2024 08:18:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201133
IP address blocks: 85.217.222.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
93.123.10.0/24 maxlen: 24
93.123.73.0/24 maxlen: 24
93.123.73.207/32 maxlen: 32
94.156.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:87:f0:5b:9a:87:ef:37:70:41:f2:ec:f7:cf:07:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 23 08:18:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1da54cf831176637619aa97ddbd0e532f3f45f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:26:a9:2c:16:73:69:0b:9e:7a:7e:99:f8:a3:
c6:c6:88:07:3f:7d:d6:9a:c4:d9:88:85:e6:7c:33:
f0:0a:f3:ee:28:75:63:6f:88:00:9b:93:92:f9:2f:
f8:40:88:1d:e9:64:a7:ad:d4:22:de:61:2d:a8:61:
a6:ee:f8:a3:37:76:f7:1f:78:0f:19:25:4f:ce:a7:
a1:48:7e:1c:2e:cd:fd:55:66:3b:36:3b:ea:8d:e3:
e2:52:f1:fc:ca:05:18:46:4f:5a:e8:9d:fe:29:57:
9e:d0:18:bf:b1:2e:29:4c:f2:38:c6:32:ad:a4:a5:
59:57:2a:a0:c9:69:a0:b0:e7:d8:c9:03:4a:72:30:
52:20:34:3e:e5:7a:d4:c1:93:d1:de:03:ae:91:b8:
05:33:fe:6f:43:3a:ca:b3:52:a6:d3:60:24:bf:c3:
57:04:f7:4c:cd:6b:5b:a6:6d:78:b8:af:e2:6b:a2:
f8:c6:2a:c7:c3:47:9c:f2:21:7b:d0:2b:df:80:6c:
3a:b4:cd:80:b9:53:43:2a:4b:6b:d3:f4:be:49:c9:
8d:3b:dc:c4:3b:f0:46:5f:b8:76:cd:92:20:ce:31:
fb:18:65:4a:6b:4a:35:50:e9:ba:dc:a5:39:c1:05:
b8:ee:19:b1:b6:79:13:58:a1:6f:37:5b:e5:5a:3e:
aa:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DA:54:CF:83:11:76:63:76:19:AA:97:DD:BD:0E:53:2F:3F:45:F4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sdpUz4MRdmN2GaqX3b0OUy8_RfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
93.123.10.0/24
93.123.73.0/24
94.156.175.0/24
Signature Algorithm: sha256WithRSAEncryption
77:89:cd:a9:a2:26:50:0c:f9:70:48:da:cb:78:89:8f:98:f2:
8b:23:ec:6d:6b:52:13:7a:b5:41:bb:48:7e:08:99:d0:82:a1:
48:ed:05:e5:4a:81:e4:df:a8:3e:82:63:f2:17:d8:be:70:32:
21:d4:40:44:37:68:8c:97:57:c1:f0:b4:fb:61:8f:c4:00:40:
f9:b2:87:06:fb:d3:77:aa:14:9d:12:d6:e5:6f:9c:2a:ba:6a:
ee:a3:58:c6:b4:e2:c4:61:2e:2c:7e:63:88:26:bc:dd:be:a2:
41:ce:2d:30:12:35:36:e1:06:9d:3c:bf:4f:89:3f:1c:cb:fb:
9a:5e:8b:a5:f5:ed:74:2a:2e:e3:63:83:48:e1:9c:99:9c:ba:
55:30:1d:91:a6:d1:9a:fa:c1:f7:85:08:e7:0c:e1:5c:c7:c3:
8f:40:1d:95:2b:b0:91:19:f6:69:12:f2:18:65:f2:29:b4:fc:
6f:16:d6:93:fe:44:c7:80:33:25:ef:27:37:1c:7c:d1:ee:85:
6a:9c:dc:21:c0:fb:f9:8c:24:18:d2:83:ab:c5:48:7c:68:a8:
fd:a7:03:14:b0:69:10:4a:96:44:e8:56:4e:8c:ad:35:6d:13:
bc:64:ab:9f:8e:84:f6:61:22:cd:0d:c2:20:72:25:b9:ac:a9:
5f:9e:e5:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+kh/BbmofvN3BB8uz3zwd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTIzMDgxODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRhNTRjZjgzMTE3NjYzNzYxOWFhOTdkZGJkMGU1MzJmM2Y0NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SapLBZzaQueen6Z+KPGxogHP33W
msTZiIXmfDPwCvPuKHVjb4gAm5OS+S/4QIgd6WSnrdQi3mEtqGGm7vijN3b3H3gP
GSVPzqehSH4cLs39VWY7NjvqjePiUvH8ygUYRk9a6J3+KVee0Bi/sS4pTPI4xjKt
pKVZVyqgyWmgsOfYyQNKcjBSIDQ+5XrUwZPR3gOukbgFM/5vQzrKs1Km02Akv8NX
BPdMzWtbpm14uK/ia6L4xirHw0ec8iF70CvfgGw6tM2AuVNDKktr0/S+ScmNO9zE
O/BGX7h2zZIgzjH7GGVKa0o1UOm63KU5wQW47hmxtnkTWKFvN1vlWj6qzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLHaVM+DEXZjdhmql929DlMvP0X0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc2RwVXo0TVJkbU4yR2FxWDNiME9VeThfUmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVdneAwQA
XXsKAwQAXXtJAwQAXpyvMA0GCSqGSIb3DQEBCwUAA4IBAQB3ic2poiZQDPlwSNrL
eImPmPKLI+xta1ITerVBu0h+CJnQgqFI7QXlSoHk36g+gmPyF9i+cDIh1EBEN2iM
l1fB8LT7YY/EAED5socG+9N3qhSdEtblb5wqumruo1jGtOLEYS4sfmOIJrzdvqJB
zi0wEjU24QadPL9PiT8cy/uaXoul9e10Ki7jY4NI4ZyZnLpVMB2RptGa+sH3hQjn
DOFcx8OPQB2VK7CRGfZpEvIYZfIptPxvFtaT/kTHgDMl7yc3HHzR7oVqnNwhwPv5
jCQY0oOrxUh8aKj9pwMUsGkQSpZE6FZOjK01bRO8ZKufjoT2YSLNDcIgciW5rKlf
nuXN
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:08 2024 by rpki-client on console-fra.rpki-client.org