Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/t-9pK-zFA0AXTfKwxTlrIZlh9Iw.roa
File: t-9pK-zFA0AXTfKwxTlrIZlh9Iw.roa (raw, json)
Hash identifier: eh+pOxdpgg4BFa8PsS6NBbwCxjK3ekFSRlSWzosCtOI=
Subject key identifier: B7:EF:69:2B:EC:C5:03:40:17:4D:F2:B0:C5:39:6B:21:99:61:F4:8C
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 018CC9BCB2FF5290FB7D6FB85525DD8B8430
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/t-9pK-zFA0AXTfKwxTlrIZlh9Iw.roa
Signing time: Tue 02 Jan 2024 10:33:56 +0000
ROA not before: Tue 02 Jan 2024 10:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35019
IP address blocks: 85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
85.158.133.0/24 maxlen: 24
185.156.239.0/24 maxlen: 24
185.156.238.0/24 maxlen: 24
185.156.236.0/24 maxlen: 24
185.156.237.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
85.158.130.0/24 maxlen: 24
85.158.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b2:ff:52:90:fb:7d:6f:b8:55:25:dd:8b:84:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Jan 2 10:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7ef692becc50340174df2b0c5396b219961f48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:95:86:8d:40:a2:96:66:82:75:8f:68:8e:
9b:e4:16:93:cd:d0:cd:74:90:ce:39:3a:31:6d:0c:
f4:52:04:41:37:44:b9:c7:73:6d:84:d7:ca:9d:f4:
95:cc:4b:08:7c:04:fe:ea:e6:a0:8d:3f:dd:29:65:
61:5b:bb:b7:2b:83:4b:a8:59:65:24:e4:99:0b:bd:
b7:72:d8:df:a3:9b:66:51:b9:0c:16:94:b4:57:be:
9b:b4:65:86:2f:bc:78:03:63:56:3e:85:d3:c8:86:
9f:fe:e4:aa:6b:7e:92:52:e4:49:71:9c:73:e9:a9:
7d:c6:5b:15:e5:b8:51:7e:b0:03:e0:fc:8c:96:fa:
86:06:19:63:1f:7c:c0:d5:48:28:45:aa:b6:e0:06:
18:79:55:34:56:06:7c:79:c3:bd:51:6a:21:2d:61:
d1:4e:f8:01:7a:df:cf:c3:8a:cb:e7:38:59:a2:9c:
83:b5:01:5c:7c:5c:3e:e7:63:8f:04:44:9d:98:13:
8b:27:f5:bb:55:83:7a:bb:39:f7:e1:ff:42:fb:87:
b4:87:55:a3:0d:f5:b7:95:62:e0:e3:6b:bf:c1:b2:
8e:63:bc:86:2d:5f:21:a2:41:8f:aa:3b:16:ab:c8:
81:92:bf:c6:60:89:78:34:4f:5f:44:ca:1a:c6:a7:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:EF:69:2B:EC:C5:03:40:17:4D:F2:B0:C5:39:6B:21:99:61:F4:8C
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/t-9pK-zFA0AXTfKwxTlrIZlh9Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
185.156.236.0/22
Signature Algorithm: sha256WithRSAEncryption
31:f2:d2:99:83:85:02:e2:8c:63:5d:19:43:dd:f7:e2:3d:3f:
96:9e:a1:88:33:cd:24:c2:3d:d6:5a:a4:3c:a1:b0:42:62:d0:
19:e3:77:aa:e1:86:db:73:f3:19:ef:35:47:19:ac:28:5d:1c:
88:d4:1e:89:97:52:30:46:42:40:19:ea:40:dc:f8:c6:ef:ab:
87:83:59:19:77:5d:7d:cd:84:7b:f5:c9:8d:c7:a2:1c:60:dc:
2d:0e:e1:fe:a1:cd:65:5e:2d:82:74:12:b1:df:16:08:b5:ab:
cf:f3:43:f0:1d:2b:c5:2f:c2:de:9f:78:a4:89:8d:d2:b5:b7:
84:72:2f:99:19:56:c9:18:04:fb:d0:7b:27:1f:b4:0e:3b:4d:
c9:38:e4:d4:38:ee:f5:ca:a6:48:c5:97:d2:91:3f:4a:a0:b8:
29:58:22:ab:46:f6:9a:c1:65:c7:9f:00:ec:9f:88:2f:e1:eb:
45:48:ef:ba:dd:56:34:79:4d:90:d8:00:90:52:6f:0e:76:15:
58:58:42:12:a4:13:be:df:fc:da:93:4e:41:13:fc:dd:70:15:
af:f1:3f:4a:33:79:bc:3a:2a:2f:ce:11:35:1b:b5:cb:17:45:
41:eb:8b:ff:0c:12:66:dd:89:3f:e4:d5:47:79:4f:7f:14:ba:
75:81:a1:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvLL/UpD7fW+4VSXdi4QwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJl
ZWVlYTAwHhcNMjQwMTAyMTAzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2VmNjkyYmVjYzUwMzQwMTc0ZGYyYjBjNTM5NmIyMTk5NjFmNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXaVho1AopZmgnWPaI6b5BaTzdDN
dJDOOToxbQz0UgRBN0S5x3NthNfKnfSVzEsIfAT+6uagjT/dKWVhW7u3K4NLqFll
JOSZC723ctjfo5tmUbkMFpS0V76btGWGL7x4A2NWPoXTyIaf/uSqa36SUuRJcZxz
6al9xlsV5bhRfrAD4PyMlvqGBhljH3zA1UgoRaq24AYYeVU0VgZ8ecO9UWohLWHR
TvgBet/Pw4rL5zhZopyDtQFcfFw+52OPBESdmBOLJ/W7VYN6uzn34f9C+4e0h1Wj
DfW3lWLg42u/wbKOY7yGLV8hokGPqjsWq8iBkr/GYIl4NE9fRMoaxqeP7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfvaSvsxQNAF03ysMU5ayGZYfSMMB8GA1UdIwQY
MBaAFLbPTlfLwVzk7O9E9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUt
ODViZTQyNWQzMTk5LzEvdC05cEstekZBMEFYVGZLd3hUbHJJWmxoOUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5
LzEvdHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ6AAwQC
uZzsMA0GCSqGSIb3DQEBCwUAA4IBAQAx8tKZg4UC4oxjXRlD3ffiPT+WnqGIM80k
wj3WWqQ8obBCYtAZ43eq4Ybbc/MZ7zVHGawoXRyI1B6Jl1IwRkJAGepA3PjG76uH
g1kZd119zYR79cmNx6IcYNwtDuH+oc1lXi2CdBKx3xYItavP80PwHSvFL8Len3ik
iY3StbeEci+ZGVbJGAT70HsnH7QOO03JOOTUOO71yqZIxZfSkT9KoLgpWCKrRvaa
wWXHnwDsn4gv4etFSO+63VY0eU2Q2ACQUm8OdhVYWEISpBO+3/zak05BE/zdcBWv
8T9KM3m8OiovzhE1G7XLF0VB64v/DBJm3Yk/5NVHeU9/FLp1gaHk
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:43:45 2024 by rpki-client on console-ams.rpki-client.org