Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lTM-aafnjZCMyrPW7tN7yXgtNzo.roa
File: lTM-aafnjZCMyrPW7tN7yXgtNzo.roa (raw, json)
Hash identifier: SXjeWp1dyjLVrsF3eDoU1XL2JkuDnoENSTjNLjEE15k=
Subject key identifier: 95:33:3E:69:A7:E7:8D:90:8C:CA:B3:D6:EE:D3:7B:C9:78:2D:37:3A
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0192A97B35460EDFF41D8E6BCE1174972010
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lTM-aafnjZCMyrPW7tN7yXgtNzo.roa
Signing time: Sun 20 Oct 2024 10:31:17 +0000
ROA not before: Sun 20 Oct 2024 10:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 85.203.13.0/24 maxlen: 24
85.203.21.0/24 maxlen: 24
85.203.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a9:7b:35:46:0e:df:f4:1d:8e:6b:ce:11:74:97:20:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Oct 20 10:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95333e69a7e78d908ccab3d6eed37bc9782d373a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:eb:47:8b:88:5a:8d:87:96:a8:e9:ce:b8:
8a:9d:a1:49:bf:9c:b4:43:b0:2d:98:e0:3e:55:fc:
f5:4a:c8:ad:9a:9b:16:19:26:a3:f7:0f:dc:38:72:
c6:3a:6a:26:13:39:77:28:20:1f:f3:e2:88:a6:f6:
79:01:bd:ad:2b:05:2f:28:44:0d:76:58:3f:7c:71:
84:57:c5:df:cd:ab:19:9d:61:23:c9:0e:ff:99:9e:
11:7e:5d:18:91:19:6b:76:c5:1a:1e:63:25:83:ba:
9b:e5:97:fb:4f:d3:81:93:c2:eb:b2:6c:86:32:cb:
1f:e9:5a:04:e9:6a:ad:ec:de:41:f9:b2:f4:b7:e2:
71:80:1f:27:aa:75:73:73:5d:b4:6d:66:4b:53:ad:
b5:dc:97:9c:e0:42:36:c3:3a:1b:4e:82:62:e5:ab:
d0:60:48:52:65:26:69:88:da:65:18:a1:36:2c:44:
ba:4e:89:6e:9d:78:e3:58:87:8e:2c:b1:52:61:36:
dc:95:6f:20:5b:34:c3:af:bf:43:2d:94:28:9b:13:
38:f6:b9:2c:42:c5:81:01:aa:c0:a2:bc:0f:8b:ae:
72:38:4e:56:93:e7:b9:44:f5:6f:7d:0c:c3:e9:4c:
3c:2b:73:86:d7:ac:80:df:9b:76:8c:9d:d4:c5:0c:
14:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:33:3E:69:A7:E7:8D:90:8C:CA:B3:D6:EE:D3:7B:C9:78:2D:37:3A
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/lTM-aafnjZCMyrPW7tN7yXgtNzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.13.0/24
85.203.21.0/24
85.203.34.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:95:0e:b4:ac:3e:54:77:5a:bb:ee:95:4d:ce:e2:cc:37:ea:
21:45:92:16:6f:24:2f:86:32:ed:7b:8a:a2:fd:aa:a6:88:dc:
c3:c6:f9:f9:1f:0d:35:8d:01:83:de:65:34:ec:8d:28:b9:32:
53:55:f7:04:08:14:2c:15:81:68:e9:2d:0e:df:ff:c7:0b:b3:
8a:af:90:7b:13:04:74:60:3d:de:70:82:a5:e9:ba:62:79:60:
b2:d8:ab:e6:1d:c5:2b:65:54:e1:0c:f1:6c:3e:37:4b:5d:e8:
fb:be:95:ca:c4:87:37:26:fc:e9:31:03:62:06:86:b7:e3:a3:
f4:e1:4c:5e:91:cc:bd:aa:6b:e3:5c:e7:76:b6:52:4c:a6:ee:
4d:39:13:56:f3:58:25:d5:c0:2e:b3:e1:41:e5:65:50:05:18:
ac:f7:cd:8d:09:c3:3e:50:a8:f2:d8:14:31:27:55:5c:b4:3e:
69:65:b5:32:70:5b:8c:0e:03:3b:55:cd:d6:74:8c:64:e5:ba:
0d:34:40:80:a4:ae:d4:bf:36:c9:e9:0a:f4:96:91:c0:42:72:
fd:21:52:fa:15:f9:6a:02:89:be:5b:5d:b7:a4:54:fc:09:fd:
a3:e9:07:5d:6a:14:70:5a:9b:e0:23:53:ef:1a:e7:0e:9f:f9:
e2:f6:f4:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKpezVGDt/0HY5rzhF0lyAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQxMDIwMTAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTMzM2U2OWE3ZTc4ZDkwOGNjYWIzZDZlZWQzN2JjOTc4MmQzNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxfrR4uIWo2HlqjpzriKnaFJv5y0
Q7AtmOA+Vfz1SsitmpsWGSaj9w/cOHLGOmomEzl3KCAf8+KIpvZ5Ab2tKwUvKEQN
dlg/fHGEV8XfzasZnWEjyQ7/mZ4Rfl0YkRlrdsUaHmMlg7qb5Zf7T9OBk8LrsmyG
Mssf6VoE6Wqt7N5B+bL0t+JxgB8nqnVzc120bWZLU6213Jec4EI2wzobToJi5avQ
YEhSZSZpiNplGKE2LES6TolunXjjWIeOLLFSYTbclW8gWzTDr79DLZQomxM49rks
QsWBAarAorwPi65yOE5Wk+e5RPVvfQzD6Uw8K3OG16yA35t2jJ3UxQwU/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJUzPmmn542QjMqz1u7Te8l4LTc6MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvbFRNLWFhZm5qWkNNeXJQVzd0Tjd5WGd0TnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcsNAwQA
VcsVAwQAVcsiMA0GCSqGSIb3DQEBCwUAA4IBAQCOlQ60rD5Ud1q77pVNzuLMN+oh
RZIWbyQvhjLte4qi/aqmiNzDxvn5Hw01jQGD3mU07I0ouTJTVfcECBQsFYFo6S0O
3//HC7OKr5B7EwR0YD3ecIKl6bpieWCy2KvmHcUrZVThDPFsPjdLXej7vpXKxIc3
JvzpMQNiBoa346P04Uxekcy9qmvjXOd2tlJMpu5NORNW81gl1cAus+FB5WVQBRis
982NCcM+UKjy2BQxJ1VctD5pZbUycFuMDgM7Vc3WdIxk5boNNECApK7UvzbJ6Qr0
lpHAQnL9IVL6FflqAom+W123pFT8Cf2j6QddahRwWpvgI1PvGucOn/ni9vSK
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:22 2024 by rpki-client on console-fra.rpki-client.org