Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/lPfuFm9-OC41SZt2yQW5Gehxif8.roa
File: lPfuFm9-OC41SZt2yQW5Gehxif8.roa (raw, json)
Hash identifier: CFwKjbhWpB0UOrIjGhcdNGKOistk9uQ083B6zywqij8=
Subject key identifier: 94:F7:EE:16:6F:7E:38:2E:35:49:9B:76:C9:05:B9:19:E8:71:89:FF
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018D650E5BABD5B849DF6EEE7445965E3174
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/lPfuFm9-OC41SZt2yQW5Gehxif8.roa
Signing time: Thu 01 Feb 2024 14:24:16 +0000
ROA not before: Thu 01 Feb 2024 14:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34305
IP address blocks: 85.12.28.0/22 maxlen: 24
85.12.32.0/20 maxlen: 20
85.12.48.0/21 maxlen: 21
85.12.58.0/23 maxlen: 24
85.12.60.0/22 maxlen: 22
91.148.208.0/20 maxlen: 20
185.91.28.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788::/32 maxlen: 48
2a01:788:1000::/48 maxlen: 48
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:0e:5b:ab:d5:b8:49:df:6e:ee:74:45:96:5e:31:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Feb 1 14:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94f7ee166f7e382e35499b76c905b919e87189ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bb:dc:63:3a:76:92:0c:ce:50:45:88:84:90:
f5:ec:f0:88:f7:91:bb:75:05:53:30:24:cb:ff:77:
d1:61:0e:7e:df:db:e7:c5:58:73:5b:ff:17:2f:35:
73:36:d5:b1:41:f6:23:08:ae:95:99:d0:34:bd:da:
db:48:a0:a2:15:43:86:4f:16:31:0c:94:8b:32:e5:
0c:1b:89:bd:10:db:8d:80:82:3c:f6:59:2d:dd:f4:
df:78:e6:2d:4a:f9:b1:02:24:a0:d8:cf:1c:46:d2:
08:49:95:03:2a:af:f9:8f:e5:47:45:3d:b5:b1:ff:
fb:0e:d4:d2:03:f4:3e:34:14:74:ae:20:3e:60:7a:
63:38:f0:f3:1f:ce:b0:15:f2:f3:8f:7e:27:58:3e:
2a:63:87:7f:47:e2:7d:e6:7f:04:56:9f:6c:6d:80:
84:48:3e:e2:ba:16:6e:f6:a2:5c:e9:ff:4e:a2:04:
e3:8a:fd:47:60:39:91:6d:19:23:82:17:0d:41:9d:
1d:70:64:a4:77:31:94:f0:00:2d:26:74:02:90:f8:
ba:4e:f3:fe:aa:7d:a9:4d:cd:d7:d4:85:4c:54:a5:
36:d1:fa:77:f5:17:91:c0:32:b3:2a:23:a8:47:15:
c8:b4:e8:eb:3b:76:3f:76:7f:f1:81:eb:e1:54:a6:
86:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F7:EE:16:6F:7E:38:2E:35:49:9B:76:C9:05:B9:19:E8:71:89:FF
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/lPfuFm9-OC41SZt2yQW5Gehxif8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.28.0-85.12.55.255
85.12.58.0-85.12.63.255
91.148.208.0/20
185.91.28.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788::/32
Signature Algorithm: sha256WithRSAEncryption
45:f4:fa:77:2a:fd:11:39:89:da:47:71:9a:71:6f:df:a8:af:
0a:b8:9e:f3:43:88:60:8b:99:ac:85:b1:7b:c1:7f:1d:d2:a1:
a0:a7:c5:b8:6e:86:7a:a7:9d:15:86:cd:2e:b4:26:76:73:5f:
ed:45:ae:ca:3a:cf:54:7a:ee:15:46:8a:ba:f6:04:33:ac:31:
1c:a3:58:70:71:78:5b:b1:33:e5:d6:3c:ce:cb:14:66:f5:55:
59:64:e6:0f:e5:30:eb:ee:21:39:54:37:2e:c8:23:13:28:8f:
1b:ef:6b:cc:8e:a6:86:36:bf:1c:42:6c:3c:96:3b:cd:a9:af:
d4:75:9b:c4:66:7b:21:9e:96:ba:ba:fc:cc:65:a8:b8:69:83:
a7:6b:8b:39:3c:86:62:39:ab:61:9b:c4:18:1c:a6:6d:2a:e5:
86:06:d8:3f:69:a2:3a:5b:8c:2f:3c:67:ef:f7:f9:a7:69:54:
72:af:b2:11:27:37:02:f4:6d:a7:ae:5d:bc:30:b8:84:33:0c:
35:36:53:fe:9c:d5:2e:4b:46:34:34:18:0a:0a:43:35:bf:a9:
7a:3b:b6:6d:6c:b3:9a:b2:78:c4:ff:b7:fe:f0:7a:3a:67:a0:
27:ad:65:dd:9e:99:5b:7e:a0:29:6e:db:65:d4:17:2b:33:e8:
99:9d:ba:da
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAY1lDlur1bhJ327udEWWXjF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMjAxMTQyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGY3ZWUxNjZmN2UzODJlMzU0OTliNzZjOTA1YjkxOWU4NzE4OWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrvcYzp2kgzOUEWIhJD17PCI95G7
dQVTMCTL/3fRYQ5+39vnxVhzW/8XLzVzNtWxQfYjCK6VmdA0vdrbSKCiFUOGTxYx
DJSLMuUMG4m9ENuNgII89lkt3fTfeOYtSvmxAiSg2M8cRtIISZUDKq/5j+VHRT21
sf/7DtTSA/Q+NBR0riA+YHpjOPDzH86wFfLzj34nWD4qY4d/R+J95n8EVp9sbYCE
SD7iuhZu9qJc6f9OogTjiv1HYDmRbRkjghcNQZ0dcGSkdzGU8AAtJnQCkPi6TvP+
qn2pTc3X1IVMVKU20fp39ReRwDKzKiOoRxXItOjrO3Y/dn/xgevhVKaG9QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFJT37hZvfjguNUmbdskFuRnocYn/MB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvbFBmdUZtOS1PQzQxU1p0MnlRVzVHZWh4aWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0MAwDBAJVDBwD
BANVDDAwDAMEAVUMOgMEBlUMAAMEBFuU0AMEALlbHAMEAMGK3AMEAcPIVDANBAIA
AjAHAwUAKgEHiDANBgkqhkiG9w0BAQsFAAOCAQEARfT6dyr9ETmJ2kdxmnFv36iv
Crie80OIYIuZrIWxe8F/HdKhoKfFuG6GeqedFYbNLrQmdnNf7UWuyjrPVHruFUaK
uvYEM6wxHKNYcHF4W7Ez5dY8zssUZvVVWWTmD+Uw6+4hOVQ3LsgjEyiPG+9rzI6m
hja/HEJsPJY7zamv1HWbxGZ7IZ6Wurr8zGWouGmDp2uLOTyGYjmrYZvEGBymbSrl
hgbYP2miOluMLzxn7/f5p2lUcq+yESc3AvRtp65dvDC4hDMMNTZT/pzVLktGNDQY
CgpDNb+peju2bWyzmrJ4xP+3/vB6OmegJ61l3Z6ZW36gKW7bZdQXKzPomZ262g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:09:31 2024 by rpki-client on console-fra.rpki-client.org