Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/271Xb15_ycGsna0PY4U7eYb8Z2g.roa
File: 271Xb15_ycGsna0PY4U7eYb8Z2g.roa (raw, json)
Hash identifier: ZmtJzCRQa/7wxj2debEsrqsQCk8kZ5QrocFzKKyeJ0M=
Subject key identifier: DB:BD:57:6F:5E:7F:C9:C1:AC:9D:AD:0F:63:85:3B:79:86:FC:67:68
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA2981A2BD514D6D7D8AF4D0B297FDAA
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/271Xb15_ycGsna0PY4U7eYb8Z2g.roa
Signing time: Tue 02 Jan 2024 12:32:46 +0000
ROA not before: Tue 02 Jan 2024 12:32:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 85.203.46.0/24 maxlen: 24
85.203.23.0/24 maxlen: 24
85.203.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:81:a2:bd:51:4d:6d:7d:8a:f4:d0:b2:97:fd:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbbd576f5e7fc9c1ac9dad0f63853b7986fc6768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:47:11:dd:eb:b5:ba:4a:48:e2:50:2e:0c:6f:
9e:82:a1:63:03:89:e7:b3:1d:0b:43:46:60:61:75:
dc:05:7d:84:ad:07:37:b8:fe:c2:de:92:03:70:3b:
3b:2d:06:42:e2:b6:ce:a8:7f:47:95:df:cc:8f:95:
e7:0c:27:51:75:1c:64:ba:a9:70:4a:6e:67:18:60:
59:ac:06:04:8e:c6:12:ae:5a:82:81:59:87:f9:fe:
c1:0a:3a:8b:36:c2:c4:a7:c3:2f:14:e7:20:86:fb:
70:5d:fd:8d:d2:7d:11:47:ba:86:06:97:00:12:89:
94:df:67:50:a6:15:22:43:4d:69:b9:2a:1f:e8:ca:
ee:d7:c4:46:61:3f:94:e6:26:e2:16:88:b7:81:8e:
aa:04:3b:10:f2:77:9f:c2:83:9b:60:43:69:50:a1:
76:d7:b1:68:a6:db:96:53:8d:71:ea:78:ef:e5:33:
78:af:a1:16:cd:73:11:d0:b5:dd:ab:ab:67:4d:fc:
53:eb:e1:43:1c:e1:bf:15:2f:2a:4c:d6:cf:b7:ce:
73:e1:6d:cb:d1:47:01:55:47:5d:60:e0:f9:f2:ad:
f1:01:46:d9:67:03:86:74:5d:d4:f6:fe:cb:79:19:
2c:c3:ac:09:63:17:01:a0:3b:c4:08:64:93:f0:00:
61:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BD:57:6F:5E:7F:C9:C1:AC:9D:AD:0F:63:85:3B:79:86:FC:67:68
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/271Xb15_ycGsna0PY4U7eYb8Z2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.22.0/23
85.203.46.0/24
Signature Algorithm: sha256WithRSAEncryption
41:70:00:3e:cc:df:59:87:de:a1:1c:a8:d2:f4:8d:62:64:52:
2c:a9:76:14:aa:0c:67:32:f7:69:47:0e:4c:b5:3b:49:3e:10:
60:54:6f:3f:be:c9:55:e2:80:e1:43:8e:ce:3f:80:7e:d0:17:
8f:8c:5a:e7:f7:62:a1:06:56:2c:40:a7:85:7a:91:ba:21:5e:
e2:06:e7:97:63:85:66:ca:d1:34:0f:c4:20:b6:83:03:1f:61:
58:cc:8c:c4:97:83:5b:0d:fb:0e:c6:bc:10:bc:a5:3f:52:fc:
98:f1:eb:7b:ed:26:46:b4:16:e3:47:72:bb:19:65:a4:1f:24:
0b:48:31:2f:ae:f7:db:01:a8:83:8f:76:58:42:49:7d:18:d8:
c2:37:a0:3b:bc:bd:bd:0b:e7:cf:12:83:37:13:39:71:03:99:
a4:1c:5f:52:87:00:14:63:f0:33:ad:58:f2:32:09:8b:f3:6a:
bf:a9:4c:a7:b5:c9:95:58:d9:08:f4:00:a8:df:ea:cd:e2:ee:
e1:e1:a0:c9:c7:65:94:e6:10:2b:ed:0e:22:1e:12:c5:48:8b:
7a:11:41:bf:b7:fd:81:1c:aa:c0:26:0d:b6:3d:0a:53:0c:38:
14:11:14:5d:7b:45:b5:d5:11:06:78:8a:9e:3a:53:63:81:54:
d4:b5:4c:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKYGivVFNbX2K9NCyl/2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmJkNTc2ZjVlN2ZjOWMxYWM5ZGFkMGY2Mzg1M2I3OTg2ZmM2NzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00cR3eu1ukpI4lAuDG+egqFjA4nn
sx0LQ0ZgYXXcBX2ErQc3uP7C3pIDcDs7LQZC4rbOqH9Hld/Mj5XnDCdRdRxkuqlw
Sm5nGGBZrAYEjsYSrlqCgVmH+f7BCjqLNsLEp8MvFOcghvtwXf2N0n0RR7qGBpcA
EomU32dQphUiQ01puSof6Mru18RGYT+U5ibiFoi3gY6qBDsQ8nefwoObYENpUKF2
17FoptuWU41x6njv5TN4r6EWzXMR0LXdq6tnTfxT6+FDHOG/FS8qTNbPt85z4W3L
0UcBVUddYOD58q3xAUbZZwOGdF3U9v7LeRksw6wJYxcBoDvECGST8ABh9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNu9V29ef8nBrJ2tD2OFO3mG/GdoMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvMjcxWGIxNV95Y0dzbmEwUFk0VTdlWWI4WjJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcsWAwQA
VcsuMA0GCSqGSIb3DQEBCwUAA4IBAQBBcAA+zN9Zh96hHKjS9I1iZFIsqXYUqgxn
MvdpRw5MtTtJPhBgVG8/vslV4oDhQ47OP4B+0BePjFrn92KhBlYsQKeFepG6IV7i
BueXY4VmytE0D8QgtoMDH2FYzIzEl4NbDfsOxrwQvKU/UvyY8et77SZGtBbjR3K7
GWWkHyQLSDEvrvfbAaiDj3ZYQkl9GNjCN6A7vL29C+fPEoM3EzlxA5mkHF9ShwAU
Y/AzrVjyMgmL82q/qUyntcmVWNkI9ACo3+rN4u7h4aDJx2WU5hAr7Q4iHhLFSIt6
EUG/t/2BHKrAJg22PQpTDDgUERRde0W11REGeIqeOlNjgVTUtUz/
-----END CERTIFICATE-----
Generated at Fri May 3 01:16:43 2024 by rpki-client on console-ams.rpki-client.org