Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/05XFvVhR8TAyvncyhIzDpMIBLtc.roa
File: 05XFvVhR8TAyvncyhIzDpMIBLtc.roa (raw, json)
Hash identifier: BAnbFuAeqXYg37/XuyH5td19R33t8rAQTjiDtiU3zfc=
Subject key identifier: D3:95:C5:BD:58:51:F1:30:32:BE:77:32:84:8C:C3:A4:C2:01:2E:D7
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018E868FA732B3019391EA2625B82C05CA3D
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/05XFvVhR8TAyvncyhIzDpMIBLtc.roa
Signing time: Thu 28 Mar 2024 19:35:45 +0000
ROA not before: Thu 28 Mar 2024 19:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 85.203.32.0/24 maxlen: 24
85.203.45.0/24 maxlen: 24
85.203.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:8f:a7:32:b3:01:93:91:ea:26:25:b8:2c:05:ca:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Mar 28 19:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d395c5bd5851f13032be7732848cc3a4c2012ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:eb:e3:20:db:ae:c5:44:8a:3e:74:55:31:dc:
e1:fd:69:94:84:8c:1d:81:9b:7b:0b:ba:4d:f1:93:
4a:7a:ad:fd:99:bd:3b:d5:1d:0e:fb:a8:d4:3a:c2:
51:38:f2:8b:96:b6:bb:6d:ee:79:af:0d:71:f2:d8:
20:53:2b:d1:3a:4f:71:21:90:c3:81:27:e0:6a:25:
12:2b:ed:3f:ef:e7:32:5e:23:91:84:56:08:93:53:
30:81:09:27:5c:70:e0:f4:f6:07:2e:f3:a1:53:cb:
2e:5b:9a:3e:a2:e0:6f:f2:f1:6c:0a:af:f7:ac:fe:
88:55:16:9f:4f:74:96:02:5d:48:49:55:c7:88:42:
82:a2:7f:42:73:5a:38:0f:27:94:3a:cc:c8:d4:13:
98:33:1c:68:6e:d0:0d:63:b7:b0:18:42:04:54:96:
f7:31:ce:fb:c9:00:d9:9b:c0:82:13:14:05:9b:44:
81:a9:09:a0:62:07:6b:ba:9e:94:44:ed:d2:03:85:
c4:da:41:1d:0f:b9:bc:7c:53:15:2e:b8:a5:82:1b:
0c:ca:9a:bc:f1:5c:95:06:62:ab:d5:b0:5d:a6:a5:
a8:cc:a0:12:2b:48:18:1b:9a:d3:ba:3c:b4:28:30:
46:eb:3e:99:1b:3c:17:84:77:17:63:0c:5e:84:f9:
21:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:95:C5:BD:58:51:F1:30:32:BE:77:32:84:8C:C3:A4:C2:01:2E:D7
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/05XFvVhR8TAyvncyhIzDpMIBLtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.32.0/24
85.203.45.0/24
85.203.54.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b9:a3:37:5d:30:ed:ce:c5:7d:1d:65:bb:c5:80:6a:1a:73:
45:ec:b6:83:38:05:02:56:b8:a9:d7:c5:1c:f9:31:b7:95:91:
e2:76:2b:15:da:17:df:18:98:9c:80:05:81:73:cc:ca:2f:15:
da:1b:78:2f:a3:da:83:90:c0:76:d8:4d:fe:bb:aa:e9:a4:95:
bb:fa:c4:5f:8a:b3:8b:85:53:69:7b:88:3c:88:12:fe:bd:a2:
51:96:cf:4e:98:5f:62:99:87:bc:c2:47:62:1c:be:d5:03:fa:
47:f8:72:e8:ed:77:5e:22:01:04:2a:10:08:89:d7:a2:88:f1:
76:49:b3:84:2c:44:aa:dc:15:c8:02:a9:d2:f9:06:c4:aa:c3:
38:2a:e5:a5:0e:99:1b:40:d1:db:5a:e4:73:08:2b:51:24:38:
1c:05:9a:cd:e6:bd:05:6d:6b:2d:f4:b5:1d:df:7a:d2:44:42:
a4:ff:31:2f:d7:f1:62:37:6d:44:d5:3a:07:ec:f6:68:73:e5:
01:5c:76:cb:8e:ee:d9:9e:71:22:5b:21:0e:65:fb:7f:37:e9:
7e:04:c4:c7:05:d2:49:45:48:8d:4d:52:6f:e5:a4:ac:24:8c:
eb:8f:b7:ac:75:91:81:cb:3c:77:7e:da:b8:42:6a:0c:a9:d4:
fd:52:76:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6Gj6cyswGTkeomJbgsBco9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMzI4MTkzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzk1YzViZDU4NTFmMTMwMzJiZTc3MzI4NDhjYzNhNGMyMDEyZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOvjINuuxUSKPnRVMdzh/WmUhIwd
gZt7C7pN8ZNKeq39mb071R0O+6jUOsJROPKLlra7be55rw1x8tggUyvROk9xIZDD
gSfgaiUSK+0/7+cyXiORhFYIk1MwgQknXHDg9PYHLvOhU8suW5o+ouBv8vFsCq/3
rP6IVRafT3SWAl1ISVXHiEKCon9Cc1o4DyeUOszI1BOYMxxobtANY7ewGEIEVJb3
Mc77yQDZm8CCExQFm0SBqQmgYgdrup6URO3SA4XE2kEdD7m8fFMVLrilghsMypq8
8VyVBmKr1bBdpqWozKASK0gYG5rTujy0KDBG6z6ZGzwXhHcXYwxehPkhRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOVxb1YUfEwMr53MoSMw6TCAS7XMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvMDVYRnZWaFI4VEF5dm5jeWhJekRwTUlCTHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsgAwQA
VcstAwQAVcs2MA0GCSqGSIb3DQEBCwUAA4IBAQAbuaM3XTDtzsV9HWW7xYBqGnNF
7LaDOAUCVrip18Uc+TG3lZHidisV2hffGJicgAWBc8zKLxXaG3gvo9qDkMB22E3+
u6rppJW7+sRfirOLhVNpe4g8iBL+vaJRls9OmF9imYe8wkdiHL7VA/pH+HLo7Xde
IgEEKhAIideiiPF2SbOELESq3BXIAqnS+QbEqsM4KuWlDpkbQNHbWuRzCCtRJDgc
BZrN5r0FbWst9LUd33rSREKk/zEv1/FiN21E1ToH7PZoc+UBXHbLju7ZnnEiWyEO
Zft/N+l+BMTHBdJJRUiNTVJv5aSsJIzrj7esdZGByzx3ftq4QmoMqdT9UnZw
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:49:07 2024 by rpki-client on console-ams.rpki-client.org