Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/L_PpkFgg-pKH-imdphvJSwTuI5E.roa
File: L_PpkFgg-pKH-imdphvJSwTuI5E.roa (raw, json)
Hash identifier: /3JuHEfB0KBiMfMJKlDXe+uGWXU2vfdUhi8a51pToxM=
Subject key identifier: 2F:F3:E9:90:58:20:FA:92:87:FA:29:9D:A6:1B:C9:4B:04:EE:23:91
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 01931F11A4A742D933B8ED44D835E039E8AB
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/L_PpkFgg-pKH-imdphvJSwTuI5E.roa
Signing time: Tue 12 Nov 2024 06:31:10 +0000
ROA not before: Tue 12 Nov 2024 06:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3758
IP address blocks: 85.203.24.0/24 maxlen: 24
85.203.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:11:a4:a7:42:d9:33:b8:ed:44:d8:35:e0:39:e8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Nov 12 06:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ff3e9905820fa9287fa299da61bc94b04ee2391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:01:79:15:03:37:e8:e0:c0:0f:d1:27:fd:
b5:8f:19:79:12:94:ce:3a:ad:dd:00:94:e8:a2:73:
db:22:31:c0:6a:37:f5:39:ca:56:9d:04:1a:b0:8a:
6c:80:1d:34:28:83:e3:10:7f:8c:f7:36:0e:ee:60:
68:0f:37:23:e9:94:f1:c3:e0:ff:d9:29:eb:3c:f5:
28:9e:2f:1f:c5:e0:3e:b2:35:25:f1:da:4d:13:a6:
8a:dd:79:96:0f:56:ca:37:52:cc:bc:8c:21:d8:05:
aa:0e:12:fa:5c:9e:a5:e8:4d:82:f4:78:18:d9:8d:
11:83:84:3b:db:3e:83:2b:8e:c7:e3:00:11:6a:02:
c2:55:0c:97:d5:3f:b6:d0:0c:3a:f9:d4:ed:fa:bc:
0e:b7:05:c6:a0:bf:9d:e3:99:9f:fd:3e:aa:bb:6d:
4a:1e:e7:f5:cb:7b:48:38:55:1a:58:4a:9a:98:38:
fa:af:b5:6c:29:d9:cb:b1:22:98:f0:15:bf:c7:7a:
1c:cd:0a:47:40:7b:4c:d3:db:e1:93:5f:6e:7c:89:
0f:92:4d:ba:09:eb:79:1b:4c:70:35:ba:04:24:43:
5c:a7:fd:64:45:b4:b5:3b:2f:e8:0a:df:58:50:af:
b2:5d:b8:bc:8e:92:3a:4a:bc:8c:df:de:ba:95:df:
dd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F3:E9:90:58:20:FA:92:87:FA:29:9D:A6:1B:C9:4B:04:EE:23:91
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/L_PpkFgg-pKH-imdphvJSwTuI5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.24.0/24
85.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
96:66:04:85:9a:0f:0d:41:78:97:80:a8:2c:0f:36:2f:ca:72:
dd:c3:63:6b:25:45:4d:5d:75:18:d2:1b:a2:3f:cd:61:63:34:
7b:3a:46:d7:02:b0:0c:c5:4a:65:d7:4e:54:38:22:a5:42:2f:
57:c1:b4:53:bd:4e:38:d0:e5:bc:0b:e1:aa:70:d7:de:40:ea:
b2:74:bc:c9:43:02:5b:74:3f:aa:62:af:5f:50:d9:b0:7f:c9:
63:64:7c:93:ff:78:da:f7:85:04:ff:8c:e7:5d:a0:c8:81:23:
67:ad:eb:fb:07:a5:a6:5d:e5:97:17:30:29:ce:c1:5a:88:88:
47:7d:da:2a:f8:d4:61:a3:cf:c3:80:a3:2a:fa:29:d3:f1:9f:
ce:77:eb:1a:4c:ba:7f:0a:1f:4f:82:9b:a5:97:37:3e:ee:d7:
64:fc:ef:2c:6a:98:f2:2a:1c:b9:df:eb:18:ff:b4:98:63:86:
56:9c:7e:aa:11:37:9d:5b:30:12:e2:fb:f5:9f:a1:4a:c0:30:
c9:ab:c2:35:ec:d1:f8:43:5e:4d:39:3c:46:22:71:85:22:ef:
ef:ac:0f:1f:5b:53:61:16:bc:74:ca:d8:55:e7:fb:9b:b3:93:
e0:88:14:4e:5a:31:62:6c:08:8a:30:d7:68:7c:3e:5c:d8:00:
47:eb:f3:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMfEaSnQtkzuO1E2DXgOeirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQxMTEyMDYzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmYzZTk5MDU4MjBmYTkyODdmYTI5OWRhNjFiYzk0YjA0ZWUyMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3gBeRUDN+jgwA/RJ/21jxl5EpTO
Oq3dAJToonPbIjHAajf1OcpWnQQasIpsgB00KIPjEH+M9zYO7mBoDzcj6ZTxw+D/
2SnrPPUoni8fxeA+sjUl8dpNE6aK3XmWD1bKN1LMvIwh2AWqDhL6XJ6l6E2C9HgY
2Y0Rg4Q72z6DK47H4wARagLCVQyX1T+20Aw6+dTt+rwOtwXGoL+d45mf/T6qu21K
Huf1y3tIOFUaWEqamDj6r7VsKdnLsSKY8BW/x3oczQpHQHtM09vhk19ufIkPkk26
Cet5G0xwNboEJENcp/1kRbS1Oy/oCt9YUK+yXbi8jpI6SryM3966ld/dRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC/z6ZBYIPqSh/opnaYbyUsE7iORMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvTF9QcGtGZ2ctcEtILWltZHBodkpTd1R1STVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsYAwQA
VcsjMA0GCSqGSIb3DQEBCwUAA4IBAQCWZgSFmg8NQXiXgKgsDzYvynLdw2NrJUVN
XXUY0huiP81hYzR7OkbXArAMxUpl105UOCKlQi9XwbRTvU440OW8C+GqcNfeQOqy
dLzJQwJbdD+qYq9fUNmwf8ljZHyT/3ja94UE/4znXaDIgSNnrev7B6WmXeWXFzAp
zsFaiIhHfdoq+NRho8/DgKMq+inT8Z/Od+saTLp/Ch9Pgpullzc+7tdk/O8sapjy
Khy53+sY/7SYY4ZWnH6qETedWzAS4vv1n6FKwDDJq8I17NH4Q15NOTxGInGFIu/v
rA8fW1NhFrx0ythV5/ubs5PgiBROWjFibAiKMNdofD5c2ABH6/OR
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:44:15 2024 by rpki-client on console-fra.rpki-client.org