Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/m_1A_rBTf5hNqbUFn3JWVYqdhUU.roa
File: m_1A_rBTf5hNqbUFn3JWVYqdhUU.roa (raw, json)
Hash identifier: YulXz9MF8n86K++L84iDPH/xg3WlgluIIT6fXGfZuAE=
Subject key identifier: 9B:FD:40:FE:B0:53:7F:98:4D:A9:B5:05:9F:72:56:55:8A:9D:85:45
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 018E7FAC58DCE1AA6F9DDB759CF3FCFD58B8
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/m_1A_rBTf5hNqbUFn3JWVYqdhUU.roa
Signing time: Wed 27 Mar 2024 11:29:45 +0000
ROA not before: Wed 27 Mar 2024 11:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29505
IP address blocks: 85.233.0.0/19 maxlen: 19
85.233.8.0/24 maxlen: 24
149.249.64.0/18 maxlen: 18
149.249.127.0/24 maxlen: 24
2a07:6c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:ac:58:dc:e1:aa:6f:9d:db:75:9c:f3:fc:fd:58:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Mar 27 11:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bfd40feb0537f984da9b5059f7256558a9d8545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:61:fc:d6:b3:45:68:cc:00:41:c3:70:91:c1:
4e:7a:30:78:64:54:3f:83:1c:73:14:e7:31:8a:74:
13:a6:fd:32:4e:f3:d9:23:9c:6b:c6:df:f3:cf:e7:
aa:60:c7:68:d5:aa:8d:a2:16:e3:b7:31:ad:b4:0d:
9a:ad:17:1f:f5:b7:24:1e:8b:5f:8d:c4:c5:ac:26:
58:c0:f0:1e:b0:1b:e6:ed:1b:54:5a:86:dd:4a:cb:
36:9b:b1:ad:9d:6a:a3:f6:6d:03:4f:4c:dd:9f:ec:
e5:10:37:90:7b:0c:27:a5:ed:db:00:62:b9:93:dc:
aa:7e:fc:42:eb:40:07:3c:0f:bf:18:03:e3:45:8e:
86:25:88:7c:38:b3:46:2b:99:f7:3e:2b:de:c8:1f:
64:e5:53:f9:2b:7f:9b:c9:13:85:d0:01:31:95:12:
1e:3b:84:46:7b:3b:16:de:ba:f5:66:9d:bc:5c:86:
1b:df:f5:f0:b6:6a:c6:4a:e6:87:65:4d:bc:9c:e0:
73:be:65:4b:11:e5:90:e6:44:d6:56:b5:9e:8e:86:
cd:0d:39:34:f0:cd:48:fd:78:d8:d4:4a:db:7a:d4:
7e:15:1b:91:9b:2c:f8:72:5d:f7:3f:b1:ce:59:14:
21:b3:8f:b3:60:95:2e:95:76:af:10:ed:a1:f4:4c:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FD:40:FE:B0:53:7F:98:4D:A9:B5:05:9F:72:56:55:8A:9D:85:45
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/m_1A_rBTf5hNqbUFn3JWVYqdhUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.233.0.0/19
149.249.64.0/18
IPv6:
2a07:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
01:ad:74:bc:3f:cd:aa:c7:5f:8f:6a:65:a9:ef:58:0d:4f:79:
a4:3e:31:10:71:8a:50:8f:40:b4:ae:04:08:aa:ac:16:67:f8:
d6:94:c8:8d:26:90:f3:48:e1:80:cc:af:7a:7b:17:27:b4:36:
d3:43:34:8c:be:4d:6c:4e:a9:05:8a:cb:c6:f8:6e:1d:9e:12:
7a:1a:4c:d2:35:e4:ec:f7:2d:c4:f5:05:29:6f:87:7c:99:77:
32:c8:8a:87:8b:aa:0c:48:6f:c7:bf:ed:bf:cf:7c:56:ce:c4:
68:17:66:45:71:5b:08:e0:1e:77:19:a2:71:9f:ab:c4:3f:71:
aa:6a:44:2f:05:29:dd:94:b6:98:4b:29:73:8b:e6:36:06:f8:
e8:ee:fa:f1:62:d2:91:ce:ee:fa:42:74:d8:8f:09:a9:4b:34:
41:a8:a4:7b:d5:64:7c:f8:47:60:ad:8f:19:70:22:c8:e4:ca:
54:ec:a4:b0:ac:dc:bd:24:47:91:1b:0c:d5:e6:b8:3c:0d:82:
9f:49:10:b7:eb:6f:a0:e4:67:8f:0b:08:0a:8a:fb:9e:ee:d3:
64:8a:4f:9c:4a:c1:b2:a3:77:80:4d:75:d4:df:f1:a9:1e:e6:
80:a2:44:bd:b1:d4:cd:35:8d:a8:1c:30:8f:be:c0:12:b6:56:
88:4c:ad:bc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY5/rFjc4apvndt1nPP8/Vi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjQwMzI3MTEyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZkNDBmZWIwNTM3Zjk4NGRhOWI1MDU5ZjcyNTY1NThhOWQ4NTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmH81rNFaMwAQcNwkcFOejB4ZFQ/
gxxzFOcxinQTpv0yTvPZI5xrxt/zz+eqYMdo1aqNohbjtzGttA2arRcf9bckHotf
jcTFrCZYwPAesBvm7RtUWobdSss2m7GtnWqj9m0DT0zdn+zlEDeQewwnpe3bAGK5
k9yqfvxC60AHPA+/GAPjRY6GJYh8OLNGK5n3PiveyB9k5VP5K3+byROF0AExlRIe
O4RGezsW3rr1Zp28XIYb3/XwtmrGSuaHZU28nOBzvmVLEeWQ5kTWVrWejobNDTk0
8M1I/XjY1ErbetR+FRuRmyz4cl33P7HOWRQhs4+zYJUulXavEO2h9ExqAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJv9QP6wU3+YTam1BZ9yVlWKnYVFMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvbV8xQV9yQlRmNWhOcWJVRm4zSldWWXFkaFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFVekAAwQG
lflAMA0EAgACMAcDBQMqB2xAMA0GCSqGSIb3DQEBCwUAA4IBAQABrXS8P82qx1+P
amWp71gNT3mkPjEQcYpQj0C0rgQIqqwWZ/jWlMiNJpDzSOGAzK96excntDbTQzSM
vk1sTqkFisvG+G4dnhJ6GkzSNeTs9y3E9QUpb4d8mXcyyIqHi6oMSG/Hv+2/z3xW
zsRoF2ZFcVsI4B53GaJxn6vEP3GqakQvBSndlLaYSylzi+Y2Bvjo7vrxYtKRzu76
QnTYjwmpSzRBqKR71WR8+EdgrY8ZcCLI5MpU7KSwrNy9JEeRGwzV5rg8DYKfSRC3
62+g5GePCwgKivue7tNkik+cSsGyo3eATXXU3/GpHuaAokS9sdTNNY2oHDCPvsAS
tlaITK28
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:19 2024 by rpki-client on console-ams.rpki-client.org