Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JEIwkTNMmBjLUiyeM2zBVw4x6zw.roa
File: JEIwkTNMmBjLUiyeM2zBVw4x6zw.roa (raw, json)
Hash identifier: NBC6efD7q5TKSysNBquyA+01wXsmQ0Omz1p/vPjZbwU=
Subject key identifier: 24:42:30:91:33:4C:98:18:CB:52:2C:9E:33:6C:C1:57:0E:31:EB:3C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E7FDDD4C5A13C9DA0FFC1B87178CA7261
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JEIwkTNMmBjLUiyeM2zBVw4x6zw.roa
Signing time: Wed 27 Mar 2024 12:23:48 +0000
ROA not before: Wed 27 Mar 2024 12:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 85.254.47.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 09:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:dd:d4:c5:a1:3c:9d:a0:ff:c1:b8:71:78:ca:72:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 27 12:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24423091334c9818cb522c9e336cc1570e31eb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:02:a1:0c:54:3f:0c:f1:b4:99:d9:c0:d2:4a:
bc:57:aa:7a:f9:82:6f:2a:a2:22:d2:2b:b2:0c:d1:
b4:ce:c7:6a:92:55:c5:00:e2:9f:fc:14:63:3e:81:
4b:05:cd:c6:c5:e0:99:8a:4c:da:12:14:4a:d9:32:
c6:3f:ff:26:10:34:61:6b:49:7a:0a:ca:93:75:58:
7c:45:28:d4:6c:89:3b:74:2a:b1:4a:5c:d3:e1:e8:
76:5d:d9:79:16:0d:3f:97:54:6c:09:30:d5:71:8e:
b8:0d:d6:c6:e0:a5:ee:67:ed:d6:d4:a0:70:49:fb:
cb:24:e0:55:a3:8b:f4:92:22:98:6f:b9:a0:a6:a7:
32:99:06:5d:54:05:62:0a:73:55:6a:ac:f5:6e:4e:
d1:8b:13:63:07:d2:53:c0:a5:a4:0b:f4:43:c9:83:
81:20:f2:8a:fa:22:b3:af:57:2c:64:9f:9a:6f:fd:
11:7f:e5:ce:42:fe:b7:ed:58:1e:ba:6e:81:df:09:
e9:e4:f3:6f:86:25:6a:b0:4d:da:09:f7:10:20:1f:
21:65:76:0d:1c:04:1d:bb:8a:88:92:7e:15:a1:59:
c2:2a:13:21:e1:cb:b3:e6:93:ab:52:82:15:e3:04:
b5:50:6e:5b:1d:7a:90:b6:fb:c5:e5:01:da:92:8d:
03:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:42:30:91:33:4C:98:18:CB:52:2C:9E:33:6C:C1:57:0E:31:EB:3C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/JEIwkTNMmBjLUiyeM2zBVw4x6zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.47.0/24
85.254.62.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
43:99:19:80:30:62:5b:98:b0:78:2e:4f:33:1e:9e:34:59:69:
ce:fc:4a:80:fe:14:a4:0e:73:6a:87:0d:64:72:7f:31:bb:1a:
8c:7a:d3:f8:98:87:d9:9e:3f:78:7b:b5:57:7d:a0:b9:57:04:
4d:d2:23:00:30:ee:3a:71:3e:da:1d:e3:fe:f6:58:5d:90:c7:
82:84:c0:d2:aa:4b:f0:48:68:b8:ea:81:ed:ba:85:42:5e:c4:
31:e4:88:0d:b9:1d:da:2b:df:b0:5c:56:79:0c:5d:a2:98:ae:
fc:2d:03:53:67:ba:65:c0:5b:3f:db:79:ac:a0:25:de:ed:ad:
3e:de:9e:44:92:c2:80:03:8d:ee:cb:41:b7:46:02:85:97:15:
65:a9:25:4c:20:f9:98:4d:86:ab:b5:a7:54:9c:1e:dc:e8:4e:
34:ec:3c:90:05:e5:e2:9f:f2:58:b6:44:a8:c1:f1:d0:b4:37:
68:16:29:8b:ce:d0:b5:29:e3:fd:68:1e:7d:18:87:bd:de:02:
33:cb:78:05:d7:f2:99:2f:94:b3:e7:c2:42:37:3e:96:ae:6c:
de:f2:45:f8:a7:21:f2:19:90:3f:e3:c4:85:a9:8d:71:b3:cb:
09:61:b5:ee:64:f7:5d:cb:41:31:66:75:74:97:ea:da:48:3b:
2c:a9:c8:e3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY5/3dTFoTydoP/BuHF4ynJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI3MTIyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQyMzA5MTMzNGM5ODE4Y2I1MjJjOWUzMzZjYzE1NzBlMzFlYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gKhDFQ/DPG0mdnA0kq8V6p6+YJv
KqIi0iuyDNG0zsdqklXFAOKf/BRjPoFLBc3GxeCZikzaEhRK2TLGP/8mEDRha0l6
CsqTdVh8RSjUbIk7dCqxSlzT4eh2Xdl5Fg0/l1RsCTDVcY64DdbG4KXuZ+3W1KBw
SfvLJOBVo4v0kiKYb7mgpqcymQZdVAViCnNVaqz1bk7RixNjB9JTwKWkC/RDyYOB
IPKK+iKzr1csZJ+ab/0Rf+XOQv637Vgeum6B3wnp5PNvhiVqsE3aCfcQIB8hZXYN
HAQdu4qIkn4VoVnCKhMh4cuz5pOrUoIV4wS1UG5bHXqQtvvF5QHako0DfwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCRCMJEzTJgYy1IsnjNswVcOMes8MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSkVJd2tUTk1tQmpMVWl5ZU0yekJWdzR4Nnp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVf4vAwQA
Vf4+AwQDVf5oAwQAVf50AwQAVf56AwQAn5R9AwQAn5SKAwQAn5SWAwQAn5TeMA0G
CSqGSIb3DQEBCwUAA4IBAQBDmRmAMGJbmLB4Lk8zHp40WWnO/EqA/hSkDnNqhw1k
cn8xuxqMetP4mIfZnj94e7VXfaC5VwRN0iMAMO46cT7aHeP+9lhdkMeChMDSqkvw
SGi46oHtuoVCXsQx5IgNuR3aK9+wXFZ5DF2imK78LQNTZ7plwFs/23msoCXe7a0+
3p5EksKAA43uy0G3RgKFlxVlqSVMIPmYTYartadUnB7c6E407DyQBeXin/JYtkSo
wfHQtDdoFimLztC1KeP9aB59GIe93gIzy3gF1/KZL5Sz58JCNz6Wrmze8kX4pyHy
GZA/48SFqY1xs8sJYbXuZPddy0ExZnV0l+raSDssqcjj
-----END CERTIFICATE-----
Generated at Wed May 1 18:30:38 2024 by rpki-client on console-ams.rpki-client.org