Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/_nkZ2SxyUZ5irx5ZmV9AAz-asPE.roa
File: _nkZ2SxyUZ5irx5ZmV9AAz-asPE.roa (raw, json)
Hash identifier: rmzcTh4wNyMMRZe8mTL2tRBCQ15NKCo9QXsAHdHRKbE=
Subject key identifier: FE:79:19:D9:2C:72:51:9E:62:AF:1E:59:99:5F:40:03:3F:9A:B0:F1
Certificate issuer: /CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Certificate serial: 018CC8DEA2A09D33EBC011C1932CE2DDF680
Authority key identifier: CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/_nkZ2SxyUZ5irx5ZmV9AAz-asPE.roa
Signing time: Tue 02 Jan 2024 06:31:23 +0000
ROA not before: Tue 02 Jan 2024 06:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21233
IP address blocks: 85.113.85.0/24 maxlen: 24
85.113.80.0/24 maxlen: 24
85.113.81.0/24 maxlen: 24
85.113.82.0/24 maxlen: 24
85.113.83.0/24 maxlen: 24
85.113.89.0/24 maxlen: 24
2001:be7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a2:a0:9d:33:eb:c0:11:c1:93:2c:e2:dd:f6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce9135dfed0bb6335d19ddd6d7e99f48afbe3c01
Validity
Not Before: Jan 2 06:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe7919d92c72519e62af1e59995f40033f9ab0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:d0:eb:11:15:ea:a8:e9:31:ba:73:d3:93:
80:e2:ae:66:3e:43:85:ee:4c:72:23:9f:19:dc:43:
97:65:71:a7:ac:40:66:fd:46:b1:1d:9f:7c:0f:9f:
a0:89:8b:22:ad:aa:f0:7b:56:70:c7:34:05:dc:4f:
b0:fa:6a:78:10:fa:5f:85:99:d4:14:51:14:e3:1b:
e1:54:a9:56:c8:2c:7c:a4:f2:fb:eb:a3:be:80:48:
5e:29:cf:58:85:c7:e0:3f:bc:48:d3:d3:ea:13:e9:
9e:f5:d2:99:2b:19:2f:ff:4d:df:52:b8:82:0c:9b:
5d:b6:95:93:94:fa:0e:87:58:01:3d:47:5a:76:8e:
8c:f4:f3:ec:3a:cc:4a:96:70:58:c9:6b:24:1d:62:
da:cf:5c:05:fb:10:54:bf:0b:69:11:45:e6:aa:ee:
36:4d:e8:77:e3:5c:d6:a9:ab:db:54:dc:47:d1:3b:
75:8c:47:5d:ba:e6:a0:8e:79:a7:4f:ac:40:19:4c:
42:b0:fc:33:0f:9d:b9:a1:82:2d:51:14:54:e1:57:
b8:06:41:72:b5:33:e0:eb:9e:4d:89:03:11:79:79:
77:cd:1a:74:df:05:1b:47:58:58:31:0a:54:65:57:
42:5a:f4:ed:d8:c7:ef:fd:52:96:ad:e8:91:44:af:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:79:19:D9:2C:72:51:9E:62:AF:1E:59:99:5F:40:03:3F:9A:B0:F1
X509v3 Authority Key Identifier:
keyid:CE:91:35:DF:ED:0B:B6:33:5D:19:DD:D6:D7:E9:9F:48:AF:BE:3C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpE13-0LtjNdGd3W1-mfSK--PAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/_nkZ2SxyUZ5irx5ZmV9AAz-asPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3c9c3c-d608-4ea2-9a28-c11ec6ea86b8/1/zpE13-0LtjNdGd3W1-mfSK--PAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.113.80.0/22
85.113.85.0/24
85.113.89.0/24
IPv6:
2001:be7::/32
Signature Algorithm: sha256WithRSAEncryption
33:39:88:c2:32:75:25:73:b9:dd:f5:0e:97:5d:ee:fb:0a:f0:
ab:95:66:05:9c:c1:cd:b0:af:38:81:e7:c7:9b:07:00:c7:1a:
e8:70:af:af:d0:3a:84:46:91:46:23:e1:12:a5:88:51:ce:dc:
f3:cc:64:46:34:a8:1e:23:93:b0:05:1a:99:af:11:31:d8:e6:
aa:cf:14:3f:ce:94:c2:fa:3e:79:4a:2e:d8:5f:dc:93:c7:ea:
49:b0:84:6f:7d:ef:3b:ff:2c:5a:79:40:78:e3:97:7b:16:90:
46:7e:68:bf:0e:53:be:4e:05:0b:41:94:5a:36:80:fe:64:36:
23:f0:65:52:5d:20:15:52:f8:61:e1:78:43:1d:31:2c:fc:3e:
e6:b3:6e:de:c9:02:0d:31:81:44:8d:98:d6:d5:ae:dc:cf:ce:
5a:df:a8:a1:0b:9b:d8:40:d9:17:de:da:a2:2f:8a:7a:b6:eb:
42:57:92:59:cd:4a:f9:be:ee:1a:a9:23:f1:0a:b4:c3:a0:26:
ea:d0:4e:cd:3b:48:77:09:e6:ce:5f:44:3f:de:c7:0a:be:5b:
2a:af:c0:bc:d0:94:4f:42:12:ce:06:16:3d:63:bb:d1:1f:7b:
15:2e:22:71:09:85:48:75:89:a6:4b:9f:b3:91:7b:1d:df:9a:
bc:a7:20:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3qKgnTPrwBHBkyzi3faAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTEzNWRmZWQwYmI2MzM1ZDE5ZGRkNmQ3ZTk5ZjQ4YWZi
ZTNjMDEwHhcNMjQwMTAyMDYzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc5MTlkOTJjNzI1MTllNjJhZjFlNTk5OTVmNDAwMzNmOWFiMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBHQ6xEV6qjpMbpz05OA4q5mPkOF
7kxyI58Z3EOXZXGnrEBm/UaxHZ98D5+giYsirarwe1ZwxzQF3E+w+mp4EPpfhZnU
FFEU4xvhVKlWyCx8pPL766O+gEheKc9YhcfgP7xI09PqE+me9dKZKxkv/03fUriC
DJtdtpWTlPoOh1gBPUdado6M9PPsOsxKlnBYyWskHWLaz1wF+xBUvwtpEUXmqu42
Teh341zWqavbVNxH0Tt1jEdduuagjnmnT6xAGUxCsPwzD525oYItURRU4Ve4BkFy
tTPg655NiQMReXl3zRp03wUbR1hYMQpUZVdCWvTt2Mfv/VKWreiRRK9mXQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP55GdksclGeYq8eWZlfQAM/mrDxMB8GA1UdIwQY
MBaAFM6RNd/tC7YzXRnd1tfpn0ivvjwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgt
YzExZWM2ZWE4NmI4LzEvX25rWjJTeHlVWjVpcng1Wm1WOUFBei1hc1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zYzljM2MtZDYwOC00ZWEyLTlhMjgtYzExZWM2ZWE4NmI4
LzEvenBFMTMtMEx0ak5kR2QzVzEtbWZTSy0tUEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVXFQAwQA
VXFVAwQAVXFZMA0EAgACMAcDBQAgAQvnMA0GCSqGSIb3DQEBCwUAA4IBAQAzOYjC
MnUlc7nd9Q6XXe77CvCrlWYFnMHNsK84gefHmwcAxxrocK+v0DqERpFGI+ESpYhR
ztzzzGRGNKgeI5OwBRqZrxEx2OaqzxQ/zpTC+j55Si7YX9yTx+pJsIRvfe87/yxa
eUB445d7FpBGfmi/DlO+TgULQZRaNoD+ZDYj8GVSXSAVUvhh4XhDHTEs/D7ms27e
yQINMYFEjZjW1a7cz85a36ihC5vYQNkX3tqiL4p6tutCV5JZzUr5vu4aqSPxCrTD
oCbq0E7NO0h3CebOX0Q/3scKvlsqr8C80JRPQhLOBhY9Y7vRH3sVLiJxCYVIdYmm
S5+zkXsd35q8pyD6
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:54:07 2024 by rpki-client on console-fra.rpki-client.org