Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/jUOXgJN4M930IKv8TlMrOtgPNDQ.roa
File: jUOXgJN4M930IKv8TlMrOtgPNDQ.roa (raw, json)
Hash identifier: GDPbdxUWF0Ip8LM1LQwPOXgkLXyqCsF4B8IcfQsqvM0=
Subject key identifier: 8D:43:97:80:93:78:33:DD:F4:20:AB:FC:4E:53:2B:3A:D8:0F:34:34
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018CCA29D98AB8DF5BB52499EE315EA635D7
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/jUOXgJN4M930IKv8TlMrOtgPNDQ.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24620
IP address blocks: 85.254.216.0/21 maxlen: 21
85.254.214.0/23 maxlen: 23
85.254.224.0/22 maxlen: 22
85.254.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d9:8a:b8:df:5b:b5:24:99:ee:31:5e:a6:35:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d439780937833ddf420abfc4e532b3ad80f3434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b4:f2:22:8d:16:16:1d:57:e6:f9:c8:8c:e7:
42:45:5a:60:32:82:76:5f:d3:ba:f4:25:ad:bd:23:
fa:1e:64:4e:09:83:d2:82:62:3d:da:1e:0a:ed:55:
15:4f:ed:a7:ac:12:93:e7:fc:d3:5f:a3:9d:d8:39:
52:99:4d:93:8f:98:8a:5d:01:fb:5d:be:05:71:2f:
a5:2a:54:76:ec:9c:69:12:63:61:b2:25:c1:0e:3e:
ac:96:46:1e:13:9f:9a:56:5b:98:9a:5b:fd:79:cf:
78:5f:c3:d2:f4:62:87:89:00:bb:ea:26:f2:49:28:
d4:aa:87:69:b5:2e:a8:5f:a0:3c:b5:21:76:13:3a:
f2:04:eb:1a:28:64:90:45:5d:84:87:0b:17:dc:b2:
48:6b:97:7d:ca:3b:2a:02:92:66:74:2d:12:18:8c:
eb:b3:40:54:f4:ba:6f:18:84:bf:87:1b:8e:cc:2d:
13:89:2d:c4:c2:72:a8:29:98:0e:64:e0:80:1c:b5:
13:32:17:41:fe:8c:ea:ab:d1:6c:0a:52:f4:ba:1f:
77:da:ea:13:34:60:85:cd:82:a8:41:f4:85:ba:26:
6e:c3:26:84:c9:d1:99:d0:31:c1:db:03:23:d6:79:
f1:32:b2:ec:7a:4d:83:bd:89:b7:e8:85:76:49:b0:
cd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:43:97:80:93:78:33:DD:F4:20:AB:FC:4E:53:2B:3A:D8:0F:34:34
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/jUOXgJN4M930IKv8TlMrOtgPNDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.214.0-85.254.228.255
Signature Algorithm: sha256WithRSAEncryption
0a:87:d0:86:3c:bb:07:61:75:be:c4:99:55:97:25:d4:8f:43:
1c:ff:69:3a:27:00:e8:41:d1:b0:91:45:e5:5b:9d:7a:b3:b7:
65:44:d8:83:97:85:c8:0d:21:7c:04:5d:03:19:a7:9a:aa:af:
ed:64:49:12:82:cd:6b:24:7a:26:5c:18:69:da:a1:c9:d1:60:
c7:66:a4:f3:31:12:5b:f2:9a:cd:5d:22:3d:d1:1c:24:67:17:
ee:80:10:a4:34:d2:5c:f1:d5:46:3c:69:ca:25:b0:6b:78:3c:
a5:de:94:ad:d1:14:a2:88:fd:2f:25:1b:0a:4b:c3:21:2c:98:
5a:e8:e7:6a:05:b8:fd:ae:75:40:45:ad:7d:1a:58:b9:f3:e8:
b1:8d:f6:55:1b:26:bb:12:e4:d6:17:b9:09:d1:9d:5b:e4:15:
6b:c2:63:28:4a:22:d5:52:df:d6:32:3c:0d:93:e7:5d:17:07:
e0:a7:ae:a2:32:66:27:c9:b2:dc:6d:47:b4:8d:5a:48:7f:4b:
a2:1b:5a:0d:18:69:f1:bf:9e:0b:24:31:53:4f:d7:75:07:5a:
32:7c:64:37:3c:2c:b0:aa:40:d9:62:5c:98:5f:74:a1:17:05:
0f:0f:12:bf:21:ef:f1:d3:fd:8b:34:a7:5f:b0:9d:dc:99:35:
69:54:9a:aa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKKdmKuN9btSSZ7jFepjXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQzOTc4MDkzNzgzM2RkZjQyMGFiZmM0ZTUzMmIzYWQ4MGYzNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bTyIo0WFh1X5vnIjOdCRVpgMoJ2
X9O69CWtvSP6HmROCYPSgmI92h4K7VUVT+2nrBKT5/zTX6Od2DlSmU2Tj5iKXQH7
Xb4FcS+lKlR27JxpEmNhsiXBDj6slkYeE5+aVluYmlv9ec94X8PS9GKHiQC76iby
SSjUqodptS6oX6A8tSF2EzryBOsaKGSQRV2EhwsX3LJIa5d9yjsqApJmdC0SGIzr
s0BU9LpvGIS/hxuOzC0TiS3EwnKoKZgOZOCAHLUTMhdB/ozqq9FsClL0uh932uoT
NGCFzYKoQfSFuiZuwyaEydGZ0DHB2wMj1nnxMrLsek2DvYm36IV2SbDNZwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI1Dl4CTeDPd9CCr/E5TKzrYDzQ0MB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEvalVPWGdKTjRNOTMwSUt2OFRsTXJPdGdQTkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFV/tYD
BABV/uQwDQYJKoZIhvcNAQELBQADggEBAAqH0IY8uwdhdb7EmVWXJdSPQxz/aTon
AOhB0bCRReVbnXqzt2VE2IOXhcgNIXwEXQMZp5qqr+1kSRKCzWskeiZcGGnaocnR
YMdmpPMxElvyms1dIj3RHCRnF+6AEKQ00lzx1UY8acolsGt4PKXelK3RFKKI/S8l
GwpLwyEsmFro52oFuP2udUBFrX0aWLnz6LGN9lUbJrsS5NYXuQnRnVvkFWvCYyhK
ItVS39YyPA2T510XB+CnrqIyZifJstxtR7SNWkh/S6IbWg0YafG/ngskMVNP13UH
WjJ8ZDc8LLCqQNliXJhfdKEXBQ8PEr8h7/HT/Ys0p1+wndyZNWlUmqo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:15 2024 by rpki-client on console-fra.rpki-client.org