Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RIjEtAgDzMAjBuDaBW8lDvBRgJ0.roa
File: RIjEtAgDzMAjBuDaBW8lDvBRgJ0.roa (raw, json)
Hash identifier: Qow8gSHe9p3dxJ7TQtkGiheYjQ1ml+R3pUDg61lZD4g=
Subject key identifier: 44:88:C4:B4:08:03:CC:C0:23:06:E0:DA:05:6F:25:0E:F0:51:80:9D
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0193504A0B778A4FEB760C2CC3CE746CBC29
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RIjEtAgDzMAjBuDaBW8lDvBRgJ0.roa
Signing time: Thu 21 Nov 2024 19:54:09 +0000
ROA not before: Thu 21 Nov 2024 19:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
85.235.75.0/24 maxlen: 24
93.190.8.0/24 maxlen: 24
93.190.10.0/24 maxlen: 24
93.190.11.0/24 maxlen: 24
185.254.52.0/24 maxlen: 24
193.17.4.0/24 maxlen: 24
193.17.5.0/24 maxlen: 24
193.17.6.0/24 maxlen: 24
193.17.7.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.77.0/24 maxlen: 24
193.111.78.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.209.0/24 maxlen: 24
217.18.210.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:4a:0b:77:8a:4f:eb:76:0c:2c:c3:ce:74:6c:bc:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 21 19:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4488c4b40803ccc02306e0da056f250ef051809d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:e7:d2:52:37:fe:62:af:95:cb:96:0b:91:
d5:77:72:b9:e2:20:6d:fb:a9:51:29:d7:bc:40:e5:
26:99:5c:2e:3b:5e:bd:37:0b:7d:68:26:41:5a:97:
81:8d:4e:8d:a7:7f:d6:4c:d3:c3:3c:63:14:79:c8:
cf:5b:ad:ee:4b:44:6c:b6:2e:ff:bb:dd:68:d2:65:
ca:65:62:6c:1b:1e:9d:b0:37:dc:e9:7e:33:8c:b4:
d1:32:ec:b7:24:2e:76:86:6b:ca:e8:e5:e4:94:16:
f6:a9:17:df:50:52:38:21:7d:28:d4:2d:1b:8a:2e:
63:fb:35:f2:06:04:96:87:6d:2b:4c:48:ca:d1:56:
91:f4:e1:00:c2:41:fe:4f:3b:2a:75:df:08:f9:55:
81:71:c0:7c:f3:e2:06:0b:67:85:a1:f9:78:a4:c5:
f5:76:a3:67:f6:46:36:c0:d9:89:97:06:f5:0c:6d:
c4:42:95:9b:30:73:9e:ce:76:ac:c6:8c:b8:11:a9:
08:b0:96:69:3c:98:20:77:3a:4a:16:c1:c9:2c:9b:
49:cd:16:3d:f3:a5:e2:2e:f6:73:a1:db:07:3a:52:
67:60:7e:7c:a1:da:fe:ca:ac:3f:0a:6e:cb:16:0e:
9d:eb:eb:18:58:37:92:78:d3:2f:f8:c3:5d:4e:47:
2f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:88:C4:B4:08:03:CC:C0:23:06:E0:DA:05:6F:25:0E:F0:51:80:9D
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/RIjEtAgDzMAjBuDaBW8lDvBRgJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.72.0/22
93.190.8.0/24
93.190.10.0/23
185.254.52.0/24
193.17.4.0/22
193.111.76.0/22
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
14:e9:57:b7:b1:7d:ae:94:ca:0c:06:a2:5d:29:35:9c:79:86:
aa:3b:a3:07:75:1f:57:3a:33:c7:64:b3:a9:b0:18:95:80:2e:
c0:3e:8d:48:f0:fe:c6:9c:2e:a7:d7:c3:5d:2e:f2:58:03:de:
4e:c5:30:04:38:2d:60:27:50:db:5c:0e:7b:72:9e:75:74:13:
ee:d4:68:30:5f:a5:5b:ea:91:32:30:3d:ef:30:9d:f5:6f:d1:
84:5a:0f:c4:cc:6f:7e:e1:8a:0e:2f:94:21:06:80:8e:4d:21:
df:64:9d:1a:fe:bf:a9:3e:e0:9a:bf:a2:9d:68:92:93:32:3b:
92:e3:fb:c6:4d:2b:07:b7:61:9e:b9:56:07:56:db:13:09:4a:
e5:03:e2:e7:17:ab:19:4d:f1:02:70:c3:65:f1:3f:83:cd:9f:
62:b2:17:07:6d:28:01:56:5b:07:23:30:7c:f4:90:86:75:24:
f3:4c:ac:8e:89:76:34:29:bc:56:d7:d6:d0:26:97:11:f8:ec:
59:be:4e:be:d3:f8:28:98:7e:4c:9f:5b:e9:78:74:53:44:7f:
42:f0:a4:8b:8c:e2:1c:12:e3:63:02:41:ae:ce:15:3c:f3:84:
7d:1d:58:76:0c:ee:52:75:2f:32:48:cb:80:6f:41:11:11:a9:
78:04:4c:d7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNQSgt3ik/rdgwsw850bLwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQxMTIxMTk1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg4YzRiNDA4MDNjY2MwMjMwNmUwZGEwNTZmMjUwZWYwNTE4MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw7n0lI3/mKvlcuWC5HVd3K54iBt
+6lRKde8QOUmmVwuO169Nwt9aCZBWpeBjU6Np3/WTNPDPGMUecjPW63uS0Rsti7/
u91o0mXKZWJsGx6dsDfc6X4zjLTRMuy3JC52hmvK6OXklBb2qRffUFI4IX0o1C0b
ii5j+zXyBgSWh20rTEjK0VaR9OEAwkH+Tzsqdd8I+VWBccB88+IGC2eFofl4pMX1
dqNn9kY2wNmJlwb1DG3EQpWbMHOeznasxoy4EakIsJZpPJggdzpKFsHJLJtJzRY9
86XiLvZzodsHOlJnYH58odr+yqw/Cm7LFg6d6+sYWDeSeNMv+MNdTkcvJQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFESIxLQIA8zAIwbg2gVvJQ7wUYCdMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUklqRXRBZ0R6TUFqQnVEYUJXOGxEdkJSZ0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVetIAwQA
Xb4IAwQBXb4KAwQAuf40AwQCwREEAwQCwW9MAwQC2RLQMA0GCSqGSIb3DQEBCwUA
A4IBAQAU6Ve3sX2ulMoMBqJdKTWceYaqO6MHdR9XOjPHZLOpsBiVgC7APo1I8P7G
nC6n18NdLvJYA95OxTAEOC1gJ1DbXA57cp51dBPu1GgwX6Vb6pEyMD3vMJ31b9GE
Wg/EzG9+4YoOL5QhBoCOTSHfZJ0a/r+pPuCav6KdaJKTMjuS4/vGTSsHt2GeuVYH
VtsTCUrlA+LnF6sZTfECcMNl8T+DzZ9ishcHbSgBVlsHIzB89JCGdSTzTKyOiXY0
KbxW19bQJpcR+OxZvk6+0/gomH5Mn1vpeHRTRH9C8KSLjOIcEuNjAkGuzhU884R9
HVh2DO5SdS8ySMuAb0EREal4BEzX
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:25 2024 by rpki-client on console-ams.rpki-client.org