Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/tdyqThyHZ9UfUI7RfxAkjPjCpP0.roa
File: tdyqThyHZ9UfUI7RfxAkjPjCpP0.roa (raw, json)
Hash identifier: 33lwhvj8NXSTiyEUhblemoQldOmJVCGannC26ZWMw6w=
Subject key identifier: B5:DC:AA:4E:1C:87:67:D5:1F:50:8E:D1:7F:10:24:8C:F8:C2:A4:FD
Certificate issuer: /CN=e909ee3d618974da0cbd805a2da80410a4989881
Certificate serial: 018CC64B54E1D08CFB4065059D269F038E1C
Authority key identifier: E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/tdyqThyHZ9UfUI7RfxAkjPjCpP0.roa
Signing time: Mon 01 Jan 2024 18:31:14 +0000
ROA not before: Mon 01 Jan 2024 18:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39444
IP address blocks: 85.31.211.0/24 maxlen: 24
85.31.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:54:e1:d0:8c:fb:40:65:05:9d:26:9f:03:8e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e909ee3d618974da0cbd805a2da80410a4989881
Validity
Not Before: Jan 1 18:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5dcaa4e1c8767d51f508ed17f10248cf8c2a4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ac:80:a2:50:cd:e2:49:0e:b0:88:d9:6a:12:
4f:a2:c0:95:f5:0c:f4:e5:90:a2:0c:b6:8e:77:0e:
a5:5d:b0:17:56:57:0f:70:b5:30:1c:27:1d:3c:2f:
13:52:fb:f5:90:78:20:00:55:48:75:75:0b:69:cf:
29:96:c2:13:be:2b:b1:d8:91:29:99:1b:b2:1b:ab:
4e:27:dc:6e:d7:0a:53:2e:76:80:83:96:6e:c9:eb:
3f:0d:38:ac:31:0d:29:49:80:72:5b:19:ea:ce:ba:
c1:cb:d2:bc:e2:72:b4:a7:fb:a8:99:bd:a2:de:27:
60:fa:52:73:c5:27:9e:1a:63:1d:e1:a6:d4:4d:62:
e9:00:8b:68:4b:e7:20:13:70:f2:b0:09:74:17:31:
81:55:cc:52:93:15:01:4f:9c:7a:47:98:d8:ee:a0:
81:f2:46:b4:c4:76:55:90:47:e9:8a:ed:36:d7:5e:
05:bb:3e:76:09:1e:a6:96:47:f3:4e:5e:fc:3e:93:
89:e8:3f:1a:83:5d:7d:2b:8f:7b:2c:90:2d:e8:05:
f4:8b:87:74:de:84:ec:fb:26:82:5f:aa:72:32:96:
b7:5f:e3:ea:f7:6c:52:ea:2c:6e:3a:9b:11:82:8f:
a0:c4:43:66:d5:b6:32:c3:26:d2:c2:3e:de:3b:2a:
30:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:AA:4E:1C:87:67:D5:1F:50:8E:D1:7F:10:24:8C:F8:C2:A4:FD
X509v3 Authority Key Identifier:
keyid:E9:09:EE:3D:61:89:74:DA:0C:BD:80:5A:2D:A8:04:10:A4:98:98:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6QnuPWGJdNoMvYBaLagEEKSYmIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/tdyqThyHZ9UfUI7RfxAkjPjCpP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2b5f5f-bb96-4b31-8a6a-dd115f9e3301/1/6QnuPWGJdNoMvYBaLagEEKSYmIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.211.0-85.31.212.255
Signature Algorithm: sha256WithRSAEncryption
b4:1a:0b:76:15:f7:68:c7:93:e9:3f:f5:5f:44:c9:71:f7:a6:
07:01:f5:d3:5b:97:32:09:0d:6f:f6:e8:f9:95:d3:18:91:0e:
a7:36:9b:89:1f:2a:0a:bb:54:bd:f5:3b:3c:ca:7f:c6:b0:99:
41:38:9d:1c:08:d7:53:5f:b1:fe:71:fe:8c:0d:2c:a1:bc:2a:
00:39:a9:37:79:ff:aa:89:81:2e:b1:7d:51:35:f3:43:32:d5:
6e:59:dd:3e:c9:0e:51:39:3f:ba:a0:1e:bd:2d:0b:81:8e:cb:
5e:09:fe:40:15:5e:3f:2f:29:88:9d:a0:12:7c:1e:28:b8:20:
04:39:2e:46:1c:c3:07:3e:a4:b5:4c:17:36:67:7c:f2:9c:a4:
20:2c:ad:c8:35:e3:3b:a8:9b:6f:7c:af:bf:ab:6b:68:38:5a:
a6:6d:4a:f5:a9:e1:df:89:06:30:28:be:12:ac:42:9e:e7:2e:
41:4d:a5:df:0a:8f:e9:a1:f6:c3:fb:c0:39:9b:09:e5:b3:63:
ee:21:38:c8:75:f5:b4:6a:f5:48:a1:fd:c2:a3:44:cc:1d:2e:
54:a8:9f:b0:81:88:7f:d9:f7:de:3f:74:38:9b:24:07:fb:98:
59:89:de:cd:0e:92:09:28:95:76:c6:45:d8:fe:0e:3e:06:ff:
e8:fa:ec:1a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGS1Th0Iz7QGUFnSafA44cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MDllZTNkNjE4OTc0ZGEwY2JkODA1YTJkYTgwNDEwYTQ5
ODk4ODEwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRjYWE0ZTFjODc2N2Q1MWY1MDhlZDE3ZjEwMjQ4Y2Y4YzJhNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApayAolDN4kkOsIjZahJPosCV9Qz0
5ZCiDLaOdw6lXbAXVlcPcLUwHCcdPC8TUvv1kHggAFVIdXULac8plsITviux2JEp
mRuyG6tOJ9xu1wpTLnaAg5Zuyes/DTisMQ0pSYByWxnqzrrBy9K84nK0p/uomb2i
3idg+lJzxSeeGmMd4abUTWLpAItoS+cgE3DysAl0FzGBVcxSkxUBT5x6R5jY7qCB
8ka0xHZVkEfpiu02114Fuz52CR6mlkfzTl78PpOJ6D8ag119K497LJAt6AX0i4d0
3oTs+yaCX6pyMpa3X+Pq92xS6ixuOpsRgo+gxENm1bYywybSwj7eOyowMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLXcqk4ch2fVH1CO0X8QJIz4wqT9MB8GA1UdIwQY
MBaAFOkJ7j1hiXTaDL2AWi2oBBCkmJiBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEt
ZGQxMTVmOWUzMzAxLzEvdGR5cVRoeUhaOVVmVUk3UmZ4QWtqUGpDcFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yYjVmNWYtYmI5Ni00YjMxLThhNmEtZGQxMTVmOWUzMzAx
LzEvNlFudVBXR0pkTm9NdllCYUxhZ0VFS1NZbUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVH9MD
BABVH9QwDQYJKoZIhvcNAQELBQADggEBALQaC3YV92jHk+k/9V9EyXH3pgcB9dNb
lzIJDW/26PmV0xiRDqc2m4kfKgq7VL31OzzKf8awmUE4nRwI11Nfsf5x/owNLKG8
KgA5qTd5/6qJgS6xfVE180My1W5Z3T7JDlE5P7qgHr0tC4GOy14J/kAVXj8vKYid
oBJ8Hii4IAQ5LkYcwwc+pLVMFzZnfPKcpCAsrcg14zuom298r7+ra2g4WqZtSvWp
4d+JBjAovhKsQp7nLkFNpd8Kj+mh9sP7wDmbCeWzY+4hOMh19bRq9Uih/cKjRMwd
LlSon7CBiH/Z994/dDibJAf7mFmJ3s0OkgkolXbGRdj+Dj4G/+j67Bo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:55 2024 by rpki-client on console-fra.rpki-client.org