Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/tGYULjnIUUKt4Wh6EHEtyMCUEkQ.roa
File: tGYULjnIUUKt4Wh6EHEtyMCUEkQ.roa (raw, json)
Hash identifier: O7N9R/fPnZZ38Rfkgujs7iUQpydGEha6JKZc0yvRTjE=
Subject key identifier: B4:66:14:2E:39:C8:51:42:AD:E1:68:7A:10:71:2D:C8:C0:94:12:44
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 01932A3EA9FA9600E0E2D5DC0D1E7AD00322
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/tGYULjnIUUKt4Wh6EHEtyMCUEkQ.roa
Signing time: Thu 14 Nov 2024 10:36:10 +0000
ROA not before: Thu 14 Nov 2024 10:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398373
IP address blocks: 85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:3e:a9:fa:96:00:e0:e2:d5:dc:0d:1e:7a:d0:03:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Nov 14 10:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b466142e39c85142ade1687a10712dc8c0941244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:73:0a:c8:c1:02:e0:47:e8:fe:41:0c:a8:a9:
50:4f:88:89:2c:c4:8f:d3:77:7d:42:50:a9:09:43:
b3:db:b4:ec:6e:25:3c:14:c7:32:af:bd:d6:30:bb:
1b:5e:2c:31:60:41:a0:02:fa:9d:27:2c:0b:0d:41:
ef:05:e5:86:e3:da:51:bf:2b:2f:cd:69:f5:de:c1:
38:27:80:d1:55:ad:47:6d:a5:60:71:b3:1e:af:1a:
77:fd:94:9c:77:96:10:43:9c:28:c9:d9:ba:28:41:
a1:0c:83:b3:f3:dc:cb:6d:cf:22:17:e3:00:d1:a3:
f4:9f:03:22:0b:d9:00:c5:e8:f2:be:8c:6a:80:94:
78:94:3a:0f:6f:e7:84:9c:53:9b:d1:73:05:37:07:
65:02:59:69:b9:b4:74:04:86:18:7d:10:f2:99:36:
e7:97:d5:0e:a8:d8:27:8e:42:08:8e:ab:ee:a8:81:
9a:fe:3e:e3:01:2e:0f:92:ba:ae:72:c0:e1:bd:74:
b4:10:60:f4:ac:7b:bd:1a:1f:cc:b3:f5:24:96:5e:
85:b6:ea:bf:af:2d:79:14:d3:d8:4a:cf:76:d5:f0:
77:ea:ce:11:4a:93:0c:bc:ca:d4:03:4d:fe:36:e6:
c3:25:63:6d:22:d7:53:28:d7:6e:82:95:01:7d:fd:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:66:14:2E:39:C8:51:42:AD:E1:68:7A:10:71:2D:C8:C0:94:12:44
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/tGYULjnIUUKt4Wh6EHEtyMCUEkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.207.0/24
85.153.4.0/24
85.153.29.0/24
85.153.32.0/24
85.153.34.0/24
85.153.68.0/22
85.153.80.0-85.153.82.255
85.153.84.0/22
85.153.92.0/24
85.153.94.0/23
85.153.108.0/22
85.153.113.0/24
85.153.118.0-85.153.125.255
Signature Algorithm: sha256WithRSAEncryption
9b:57:00:45:4c:4c:3a:36:2f:64:18:ec:71:38:45:34:78:d7:
c3:fd:94:4e:99:d8:40:c5:49:25:25:e9:eb:dd:84:58:1f:5c:
95:f2:ae:95:90:4b:0a:ad:11:8c:bf:77:26:b9:07:71:f8:3b:
ff:a4:b1:d7:d7:aa:22:87:28:21:a0:bc:42:23:92:cb:71:41:
26:cf:4d:e9:6c:d3:97:73:e5:f5:6f:99:ad:2c:1f:f5:d3:c6:
bb:68:fb:c9:e5:fa:4e:5c:72:8c:a6:f9:ac:d1:3e:59:b5:c2:
34:51:3c:4c:98:7d:15:65:21:3a:43:fc:8e:fb:a5:e6:52:c8:
5b:68:07:a9:9e:76:fb:e0:96:55:25:83:98:63:24:06:9e:5d:
87:97:c2:78:86:c7:9c:2f:14:a9:cb:d8:92:66:62:5f:5f:32:
1d:4f:6c:25:60:7f:0c:43:1d:04:f3:d7:bd:dd:05:68:ad:7e:
1f:a0:b1:a2:70:98:52:79:d2:9f:57:1b:f8:fb:34:c7:df:e9:
19:e0:92:10:1d:00:8a:0e:58:89:e9:af:ed:8d:1f:84:d7:37:
68:41:d3:b8:a7:48:bf:af:52:3a:61:fc:ed:34:36:ed:d4:c3:
9f:5d:65:61:f9:ff:6f:d0:0d:08:47:32:19:a9:4c:b7:aa:c5:
47:ca:61:22
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZMqPqn6lgDg4tXcDR560AMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjQxMTE0MTAzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY2MTQyZTM5Yzg1MTQyYWRlMTY4N2ExMDcxMmRjOGMwOTQxMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3MKyMEC4Efo/kEMqKlQT4iJLMSP
03d9QlCpCUOz27TsbiU8FMcyr73WMLsbXiwxYEGgAvqdJywLDUHvBeWG49pRvysv
zWn13sE4J4DRVa1HbaVgcbMerxp3/ZScd5YQQ5woydm6KEGhDIOz89zLbc8iF+MA
0aP0nwMiC9kAxejyvoxqgJR4lDoPb+eEnFOb0XMFNwdlAllpubR0BIYYfRDymTbn
l9UOqNgnjkIIjqvuqIGa/j7jAS4PkrqucsDhvXS0EGD0rHu9Gh/Ms/Ukll6Ftuq/
ry15FNPYSs921fB36s4RSpMMvMrUA03+NubDJWNtItdTKNdugpUBff319wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLRmFC45yFFCreFoehBxLcjAlBJEMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvdEdZVUxqbklVVUt0NFdoNkVIRXR5TUNVRWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAVXPPAwQA
VZkEAwQAVZkdAwQAVZkgAwQAVZkiAwQCVZlEMAwDBARVmVADBABVmVIDBAJVmVQD
BABVmVwDBAFVmV4DBAJVmWwDBABVmXEwDAMEAVWZdgMEAVWZfDANBgkqhkiG9w0B
AQsFAAOCAQEAm1cARUxMOjYvZBjscThFNHjXw/2UTpnYQMVJJSXp692EWB9clfKu
lZBLCq0RjL93JrkHcfg7/6Sx19eqIocoIaC8QiOSy3FBJs9N6WzTl3Pl9W+ZrSwf
9dPGu2j7yeX6TlxyjKb5rNE+WbXCNFE8TJh9FWUhOkP8jvul5lLIW2gHqZ52++CW
VSWDmGMkBp5dh5fCeIbHnC8UqcvYkmZiX18yHU9sJWB/DEMdBPPXvd0FaK1+H6Cx
onCYUnnSn1cb+Ps0x9/pGeCSEB0Aig5Yiemv7Y0fhNc3aEHTuKdIv69SOmH87TQ2
7dTDn11lYfn/b9ANCEcyGalMt6rFR8phIg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:50:20 2024 by rpki-client on console-fra.rpki-client.org