Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lE33y0I9gqx1Vkfz4XrxfNgi6Z0.roa
File: lE33y0I9gqx1Vkfz4XrxfNgi6Z0.roa (raw, json)
Hash identifier: Z5fHNACO8DFW57otkzB+lw/mqNGQy0PdOPuDTxm/8ns=
Subject key identifier: 94:4D:F7:CB:42:3D:82:AC:75:56:47:F3:E1:7A:F1:7C:D8:22:E9:9D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0192052AE07654342719BF05C0DD2C1AFA4F
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lE33y0I9gqx1Vkfz4XrxfNgi6Z0.roa
Signing time: Wed 18 Sep 2024 12:45:48 +0000
ROA not before: Wed 18 Sep 2024 12:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 85.203.9.0/24 maxlen: 24
85.203.16.0/24 maxlen: 24
85.203.25.0/24 maxlen: 24
85.203.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:2a:e0:76:54:34:27:19:bf:05:c0:dd:2c:1a:fa:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Sep 18 12:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=944df7cb423d82ac755647f3e17af17cd822e99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c2:2a:e5:93:aa:a9:ff:fc:e7:c2:7d:8c:9c:
42:57:1c:70:7d:27:20:95:ee:b7:64:97:ab:7c:d3:
bc:f2:91:a7:98:da:18:23:43:29:92:4d:a0:7e:90:
1e:86:e6:b9:78:36:93:d8:30:c0:7a:ee:37:7c:03:
86:b6:98:01:49:f3:ec:09:4a:16:47:08:ca:23:9c:
10:8e:69:06:8d:09:67:5c:91:3c:c4:70:57:72:77:
3d:c1:0d:05:8a:c0:8b:d3:a4:08:88:19:a6:47:e9:
d3:d5:49:e0:56:f5:7a:b8:2c:f9:cd:4c:ec:a2:e3:
75:74:e7:6f:ba:ce:aa:65:cc:a2:45:5b:b0:44:9f:
0f:fb:4e:ec:22:d8:e0:0e:9a:9d:5d:4c:3f:c5:81:
45:42:af:d5:07:73:75:83:51:32:b4:33:d1:0e:2c:
91:a9:8b:12:4a:72:32:ce:64:95:f6:97:ba:e7:a5:
5f:23:bf:f6:e4:7b:ef:2d:bd:1f:04:b2:16:7d:50:
89:5a:9a:90:1c:11:85:aa:1b:16:3e:2e:5b:28:36:
f7:fc:cc:a7:2f:8b:ea:2a:fc:2f:56:40:e8:72:2c:
ab:53:96:a2:86:00:75:87:74:09:f8:cf:ec:4f:d7:
6b:39:ee:32:d3:89:bd:5e:18:f7:43:80:eb:68:b8:
af:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4D:F7:CB:42:3D:82:AC:75:56:47:F3:E1:7A:F1:7C:D8:22:E9:9D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lE33y0I9gqx1Vkfz4XrxfNgi6Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.9.0/24
85.203.16.0/24
85.203.25.0/24
85.203.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:83:c8:05:4a:3c:f5:39:01:75:48:bd:b7:19:8d:96:2b:28:
e4:1b:ba:22:93:ca:58:87:aa:b3:a4:a7:95:5d:c6:e3:a3:84:
13:df:f2:d0:79:74:d7:9b:a5:de:96:c2:2b:57:87:ec:92:94:
ae:02:6d:13:32:c5:b0:a5:cb:31:46:7c:bd:82:03:f7:fa:c4:
21:23:74:e0:a9:a8:fc:b3:74:7f:d3:ba:48:fc:f9:f4:d6:24:
3f:0f:cb:17:6e:12:ed:61:c4:a5:d1:71:d7:85:ab:df:c2:77:
4b:87:06:b2:50:c4:be:9b:fd:d7:df:3d:ed:41:b6:39:2b:60:
fc:17:21:40:04:02:94:96:88:56:ee:44:30:e4:a4:b8:2a:34:
5b:4d:78:b1:a4:02:44:5c:ad:8a:1c:4b:86:2f:fa:bb:1a:2d:
50:8a:3d:ee:8a:1a:ca:6d:fd:ed:33:2d:79:28:71:25:e3:d4:
98:9f:31:17:ac:0f:f9:61:f4:e0:ea:40:ef:9e:fa:86:80:d6:
be:ff:05:5e:26:e6:0f:dc:e2:10:71:e1:b5:f1:e2:ea:09:12:
40:c3:0e:12:8e:30:36:2e:1b:3f:6f:e8:c0:01:91:8c:00:e3:
3b:93:0a:7c:8d:63:d8:32:8f:18:a9:4f:98:35:ee:8e:fd:a7:
8f:69:67:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIFKuB2VDQnGb8FwN0sGvpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwOTE4MTI0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRkZjdjYjQyM2Q4MmFjNzU1NjQ3ZjNlMTdhZjE3Y2Q4MjJlOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMIq5ZOqqf/858J9jJxCVxxwfScg
le63ZJerfNO88pGnmNoYI0Mpkk2gfpAehua5eDaT2DDAeu43fAOGtpgBSfPsCUoW
RwjKI5wQjmkGjQlnXJE8xHBXcnc9wQ0FisCL06QIiBmmR+nT1UngVvV6uCz5zUzs
ouN1dOdvus6qZcyiRVuwRJ8P+07sItjgDpqdXUw/xYFFQq/VB3N1g1EytDPRDiyR
qYsSSnIyzmSV9pe656VfI7/25HvvLb0fBLIWfVCJWpqQHBGFqhsWPi5bKDb3/Myn
L4vqKvwvVkDociyrU5aihgB1h3QJ+M/sT9drOe4y04m9Xhj3Q4DraLivwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJRN98tCPYKsdVZH8+F68XzYIumdMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvbEUzM3kwSTlncXgxVmtmejRYcnhmTmdpNlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcsJAwQA
VcsQAwQAVcsZAwQAVcsmMA0GCSqGSIb3DQEBCwUAA4IBAQAsg8gFSjz1OQF1SL23
GY2WKyjkG7oik8pYh6qzpKeVXcbjo4QT3/LQeXTXm6XelsIrV4fskpSuAm0TMsWw
pcsxRny9ggP3+sQhI3Tgqaj8s3R/07pI/Pn01iQ/D8sXbhLtYcSl0XHXhavfwndL
hwayUMS+m/3X3z3tQbY5K2D8FyFABAKUlohW7kQw5KS4KjRbTXixpAJEXK2KHEuG
L/q7Gi1Qij3uihrKbf3tMy15KHEl49SYnzEXrA/5YfTg6kDvnvqGgNa+/wVeJuYP
3OIQceG18eLqCRJAww4SjjA2Lhs/b+jAAZGMAOM7kwp8jWPYMo8YqU+YNe6O/aeP
aWfB
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:09 2024 by rpki-client on console-ams.rpki-client.org