Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/g-TO2bQr0Q6UpqJpBmkW-JgTxRs.roa
File: g-TO2bQr0Q6UpqJpBmkW-JgTxRs.roa (raw, json)
Hash identifier: 0njP8Wt6nVTj59VAg5psX1cZWZWmJv5XJHja9+Jc0pc=
Subject key identifier: 83:E4:CE:D9:B4:2B:D1:0E:94:A6:A2:69:06:69:16:F8:98:13:C5:1B
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01921DF37B0F6BA93BBDF3C9DA0BC68867F6
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/g-TO2bQr0Q6UpqJpBmkW-JgTxRs.roa
Signing time: Mon 23 Sep 2024 08:15:48 +0000
ROA not before: Mon 23 Sep 2024 08:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203963
IP address blocks: 85.153.47.0/24 maxlen: 24
85.153.112.0/24 maxlen: 24
85.153.115.0/24 maxlen: 24
85.153.116.0/24 maxlen: 24
85.153.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:f3:7b:0f:6b:a9:3b:bd:f3:c9:da:0b:c6:88:67:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Sep 23 08:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83e4ced9b42bd10e94a6a269066916f89813c51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:eb:b1:53:a2:e3:f6:0f:6c:a6:4e:65:08:
f8:d8:35:de:1a:86:60:f1:9b:41:77:0e:92:5d:a7:
05:84:21:e4:fd:4b:53:5e:c3:22:3d:9e:a1:b5:46:
5c:7e:f1:8b:05:dc:91:9f:39:9f:b1:87:39:36:39:
23:fa:eb:d3:b8:7f:53:e5:23:8f:f6:ec:7f:dd:fa:
d8:c2:2c:78:3b:75:13:82:66:b0:03:5d:32:ce:67:
ed:a7:9f:2a:1d:21:ec:6b:1b:73:bb:25:e9:7a:70:
f1:c5:7b:29:f0:36:50:69:a3:28:c0:06:17:b3:22:
e7:9e:f3:48:11:b9:a0:58:7a:cd:59:6d:c5:08:3e:
f1:36:75:35:33:10:44:d8:51:30:a0:d1:ee:15:92:
73:ff:ad:87:87:09:aa:a1:73:2e:4d:55:03:23:93:
c0:3b:32:62:02:b3:af:2b:49:df:83:81:14:18:3c:
82:a2:05:18:eb:c1:59:8b:b2:13:f2:9c:ce:c3:92:
8c:12:70:b5:ba:ea:3f:55:18:9c:02:6d:a8:0d:87:
28:8a:1f:56:1b:08:67:68:d2:ef:d6:9f:93:07:42:
9f:6c:44:47:1d:bd:73:28:ec:52:49:7a:a3:4b:5e:
94:ef:d3:3b:b8:10:16:0e:1b:98:e5:69:b8:3b:8e:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E4:CE:D9:B4:2B:D1:0E:94:A6:A2:69:06:69:16:F8:98:13:C5:1B
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/g-TO2bQr0Q6UpqJpBmkW-JgTxRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.47.0/24
85.153.112.0/24
85.153.115.0-85.153.117.255
Signature Algorithm: sha256WithRSAEncryption
30:80:88:5d:95:3f:6a:27:4d:b3:f5:c0:17:22:00:0a:9b:50:
aa:0e:f4:75:75:5f:c3:65:4f:83:93:3d:37:db:97:e1:f3:7a:
87:cb:0f:e9:3e:4c:3c:a0:06:48:b1:46:2c:81:78:f2:48:4f:
2c:3d:47:e2:c2:1e:e4:04:29:d0:69:2a:ef:fb:92:33:b8:7f:
20:5a:0a:47:fe:7c:22:c8:19:e9:d4:bd:47:37:06:2e:a5:f3:
22:05:ba:8f:3e:ce:13:f3:cf:91:d4:27:a0:b9:39:e3:41:3e:
fb:93:9d:22:48:00:d2:33:b0:ae:f0:9a:1a:24:73:b9:e2:ae:
b9:b1:b3:ce:3c:9a:7e:b1:81:17:2b:32:ea:5b:71:09:10:b3:
63:80:64:1b:26:d1:52:9f:f6:13:9f:31:51:c7:4b:ed:e7:0b:
81:b3:32:b5:a4:9e:1f:d1:82:55:c4:6d:80:ee:a9:b7:1a:79:
2f:aa:3c:e7:09:14:29:74:e1:4f:c7:dc:4e:af:d7:2d:ae:11:
53:4f:f0:75:37:55:3c:fe:72:85:c5:74:8e:4e:fc:5c:ed:4f:
e5:1e:dd:84:85:15:2f:07:97:c2:4a:82:a9:00:c1:8d:66:73:
be:fe:92:f2:41:1c:54:e4:bb:c0:09:89:ec:4f:ca:96:21:16:
5b:fa:50:a8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZId83sPa6k7vfPJ2gvGiGf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQwOTIzMDgxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2U0Y2VkOWI0MmJkMTBlOTRhNmEyNjkwNjY5MTZmODk4MTNjNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwXrsVOi4/YPbKZOZQj42DXeGoZg
8ZtBdw6SXacFhCHk/UtTXsMiPZ6htUZcfvGLBdyRnzmfsYc5Njkj+uvTuH9T5SOP
9ux/3frYwix4O3UTgmawA10yzmftp58qHSHsaxtzuyXpenDxxXsp8DZQaaMowAYX
syLnnvNIEbmgWHrNWW3FCD7xNnU1MxBE2FEwoNHuFZJz/62HhwmqoXMuTVUDI5PA
OzJiArOvK0nfg4EUGDyCogUY68FZi7IT8pzOw5KMEnC1uuo/VRicAm2oDYcoih9W
GwhnaNLv1p+TB0KfbERHHb1zKOxSSXqjS16U79M7uBAWDhuY5Wm4O46t+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIPkztm0K9EOlKaiaQZpFviYE8UbMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvZy1UTzJiUXIwUTZVcHFKcEJta1ctSmdUeFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVZkvAwQA
VZlwMAwDBABVmXMDBAFVmXQwDQYJKoZIhvcNAQELBQADggEBADCAiF2VP2onTbP1
wBciAAqbUKoO9HV1X8NlT4OTPTfbl+HzeofLD+k+TDygBkixRiyBePJITyw9R+LC
HuQEKdBpKu/7kjO4fyBaCkf+fCLIGenUvUc3Bi6l8yIFuo8+zhPzz5HUJ6C5OeNB
PvuTnSJIANIzsK7wmhokc7nirrmxs848mn6xgRcrMupbcQkQs2OAZBsm0VKf9hOf
MVHHS+3nC4GzMrWknh/RglXEbYDuqbcaeS+qPOcJFCl04U/H3E6v1y2uEVNP8HU3
VTz+coXFdI5O/FztT+Ue3YSFFS8Hl8JKgqkAwY1mc77+kvJBHFTku8AJiexPypYh
Flv6UKg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:35:47 2024 by rpki-client on console-ams.rpki-client.org