Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/Dj-COfMyZAvuVXXwU0cw9tT1w6s.roa
File: Dj-COfMyZAvuVXXwU0cw9tT1w6s.roa (raw, json)
Hash identifier: 9dflWcUdnPEZ2iRZeoFOZkKpQa3arrLEMjNCGxfXGdQ=
Subject key identifier: 0E:3F:82:39:F3:32:64:0B:EE:55:75:F0:53:47:30:F6:D4:F5:C3:AB
Certificate issuer: /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial: 019294FEAFF97D43EF687127BC2FB1ACD2C2
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/Dj-COfMyZAvuVXXwU0cw9tT1w6s.roa
Signing time: Wed 16 Oct 2024 11:02:52 +0000
ROA not before: Wed 16 Oct 2024 11:02:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 85.116.196.0/22 maxlen: 22
85.116.220.0/22 maxlen: 22
89.238.117.0/24 maxlen: 24
89.238.118.0/24 maxlen: 24
89.238.119.0/24 maxlen: 24
89.238.124.0/24 maxlen: 24
89.238.125.0/24 maxlen: 24
89.238.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:fe:af:f9:7d:43:ef:68:71:27:bc:2f:b1:ac:d2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Validity
Not Before: Oct 16 11:02:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e3f8239f332640bee5575f0534730f6d4f5c3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:45:04:67:fb:6b:83:fe:56:4f:ae:23:77:8d:
e8:fa:f9:88:56:a0:dc:86:ca:91:5f:26:ab:42:c8:
cf:72:dc:52:a5:ae:51:b9:c1:4e:bc:7d:93:58:40:
18:29:df:f1:4d:14:95:b2:b2:1d:42:bc:cd:d8:b0:
f0:d0:90:c2:60:6c:5f:ca:db:8b:8a:cf:4e:07:1f:
db:d8:2f:9c:e7:61:cf:f0:5d:b9:ce:63:c2:bb:9b:
13:39:f6:d6:76:7a:3c:1c:71:5e:5c:37:da:43:91:
32:d2:65:e5:d1:75:08:b2:c2:fc:28:be:58:92:a3:
c9:e4:35:55:8e:78:6f:ae:32:f0:2e:fd:5d:c8:27:
92:32:22:2d:30:73:67:da:3a:f7:ab:ff:fc:70:c5:
18:e9:fd:66:0e:53:ac:86:1a:fb:ac:b1:64:2d:0e:
de:6e:35:35:cd:79:1d:96:e4:51:bb:d5:df:ce:08:
35:43:e7:69:f3:f8:47:fb:1f:5c:f6:2c:76:28:8d:
6a:82:44:4f:cf:e6:e5:2c:86:1c:4e:4e:dd:61:fc:
31:e3:65:ae:a1:45:ab:2a:76:78:c8:8b:1c:2a:8d:
25:13:5e:7a:5d:7d:56:b8:d9:46:2e:0a:12:96:42:
52:6c:11:55:7d:ce:b1:03:13:7d:c9:78:1f:a5:50:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3F:82:39:F3:32:64:0B:EE:55:75:F0:53:47:30:F6:D4:F5:C3:AB
X509v3 Authority Key Identifier:
keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/Dj-COfMyZAvuVXXwU0cw9tT1w6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.196.0/22
85.116.220.0/22
89.238.117.0-89.238.119.255
89.238.124.0-89.238.126.255
Signature Algorithm: sha256WithRSAEncryption
3f:3b:da:96:88:2c:6c:55:1c:ff:e0:e5:ef:b4:6f:1c:7f:3f:
be:0d:05:36:92:f4:74:12:ae:78:17:fb:80:95:01:6c:e1:3a:
a3:e7:09:55:0e:6c:e6:59:f4:79:0d:56:1a:b2:9f:ab:8f:c9:
9d:19:54:d1:d1:7d:98:49:67:98:c2:c9:c8:ca:31:ea:ce:1b:
72:0f:54:1f:c0:c6:db:28:af:df:03:3e:1b:25:0a:f4:d8:5f:
3c:04:22:46:93:12:e1:d5:34:dd:ac:d3:e0:77:36:15:09:8a:
8a:fa:9c:6e:65:45:d4:c4:88:c5:18:39:94:44:92:1c:ab:f5:
1e:28:b1:33:49:58:37:e9:8a:ed:3b:64:80:27:29:16:a7:64:
9a:9a:64:39:3b:2b:d1:05:d1:bf:f4:d9:28:d0:80:1e:5a:bb:
a9:79:6c:0f:d9:12:39:a3:8f:3b:2e:6e:91:23:94:57:62:92:
af:2f:da:04:ba:bd:ce:10:6b:74:6d:03:aa:8d:e7:45:71:3e:
e3:ed:1f:04:42:e7:ef:53:0a:3d:6a:4e:97:e6:53:5c:a6:0a:
a7:d4:08:12:99:7a:9f:77:16:4b:e3:52:f7:5f:ce:05:25:f1:
47:5b:80:30:68:61:af:c2:84:77:2a:e7:06:07:3a:a8:ac:81:
c2:46:71:19
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZKU/q/5fUPvaHEnvC+xrNLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZDAzOTJhYzc2NjBiZDE0NjBmYTFkNTAzMWQxODQwZDAx
Yjk0MTIwHhcNMjQxMDE2MTEwMjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNmODIzOWYzMzI2NDBiZWU1NTc1ZjA1MzQ3MzBmNmQ0ZjVjM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUUEZ/trg/5WT64jd43o+vmIVqDc
hsqRXyarQsjPctxSpa5RucFOvH2TWEAYKd/xTRSVsrIdQrzN2LDw0JDCYGxfytuL
is9OBx/b2C+c52HP8F25zmPCu5sTOfbWdno8HHFeXDfaQ5Ey0mXl0XUIssL8KL5Y
kqPJ5DVVjnhvrjLwLv1dyCeSMiItMHNn2jr3q//8cMUY6f1mDlOshhr7rLFkLQ7e
bjU1zXkdluRRu9Xfzgg1Q+dp8/hH+x9c9ix2KI1qgkRPz+blLIYcTk7dYfwx42Wu
oUWrKnZ4yIscKo0lE156XX1WuNlGLgoSlkJSbBFVfc6xAxN9yXgfpVBGVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFA4/gjnzMmQL7lV18FNHMPbU9cOrMB8GA1UdIwQY
MBaAFG7QOSrHZgvRRg+h1QMdGEDQG5QSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQt
ZThiYWY5ZmZhZGY4LzEvRGotQ09mTXlaQXZ1VlhYd1UwY3c5dFQxdzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQtZThiYWY5ZmZhZGY4
LzEvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVXTEAwQC
VXTcMAwDBABZ7nUDBANZ7nAwDAMEAlnufAMEAFnufjANBgkqhkiG9w0BAQsFAAOC
AQEAPzvalogsbFUc/+Dl77RvHH8/vg0FNpL0dBKueBf7gJUBbOE6o+cJVQ5s5ln0
eQ1WGrKfq4/JnRlU0dF9mElnmMLJyMox6s4bcg9UH8DG2yiv3wM+GyUK9NhfPAQi
RpMS4dU03azT4Hc2FQmKivqcbmVF1MSIxRg5lESSHKv1HiixM0lYN+mK7TtkgCcp
FqdkmppkOTsr0QXRv/TZKNCAHlq7qXlsD9kSOaOPOy5ukSOUV2KSry/aBLq9zhBr
dG0Dqo3nRXE+4+0fBELn71MKPWpOl+ZTXKYKp9QIEpl6n3cWS+NS91/OBSXxR1uA
MGhhr8KEdyrnBgc6qKyBwkZxGQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:19 2024 by rpki-client on console-ams.rpki-client.org