Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/cxArnqwBdXlzUrF_mVRW6EyEXb4.roa
File: cxArnqwBdXlzUrF_mVRW6EyEXb4.roa (raw, json)
Hash identifier: Pas2pz3QHcemnqFf6lKUgpoTZky8D9o6J8ReHgJKl84=
Subject key identifier: 73:10:2B:9E:AC:01:75:79:73:52:B1:7F:99:54:56:E8:4C:84:5D:BE
Certificate issuer: /CN=81df1fe520354dd3bb3e9264a76cf53eb07db072
Certificate serial: 018CC2DB337E3870CBCB398489A063CF8B85
Authority key identifier: 81:DF:1F:E5:20:35:4D:D3:BB:3E:92:64:A7:6C:F5:3E:B0:7D:B0:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gd8f5SA1TdO7PpJkp2z1PrB9sHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/cxArnqwBdXlzUrF_mVRW6EyEXb4.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210086
IP address blocks: 85.117.250.0/24 maxlen: 24
85.117.249.0/24 maxlen: 24
85.117.251.0/24 maxlen: 24
85.117.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/gd8f5SA1TdO7PpJkp2z1PrB9sHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/gd8f5SA1TdO7PpJkp2z1PrB9sHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gd8f5SA1TdO7PpJkp2z1PrB9sHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:33:7e:38:70:cb:cb:39:84:89:a0:63:cf:8b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81df1fe520354dd3bb3e9264a76cf53eb07db072
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73102b9eac0175797352b17f995456e84c845dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:82:40:54:18:d2:d5:83:17:f0:f2:51:b5:
ec:99:a2:0e:7c:98:b5:be:94:3a:b4:0f:1d:85:9c:
a4:12:ce:ad:93:94:b8:b9:35:c2:f3:5a:29:ee:ab:
52:8f:6c:f9:73:12:f5:a3:66:3f:85:81:94:11:f9:
f0:2b:fd:9d:ab:03:fe:10:9d:b8:cf:1e:71:fb:82:
a0:f6:03:e2:9b:06:73:e7:9b:39:75:bd:42:c0:eb:
84:16:50:ec:d1:45:dd:91:1c:5f:23:83:05:57:b8:
26:a9:53:dc:cb:94:61:a6:c6:06:e2:b5:c5:cb:75:
d5:d7:cb:c2:4e:b8:ea:9b:0f:1e:76:96:29:d3:bc:
31:5f:d8:bc:14:cb:d2:d3:1e:9a:bf:35:d9:10:b9:
7c:fb:e6:53:ee:ff:fc:ac:85:c1:49:ce:37:5b:8e:
40:d4:d3:74:7f:32:52:62:1f:ea:e2:69:49:57:6f:
70:41:53:00:e5:0a:77:10:21:78:c2:22:a2:f8:01:
2c:d6:b5:1a:78:38:f4:65:ab:cd:87:03:5f:9f:36:
af:65:e5:2b:74:fc:62:35:f3:f1:85:c0:98:d8:d9:
b9:de:fd:bc:67:87:bc:33:70:15:f2:c7:d3:63:eb:
33:45:87:f4:f3:bd:c9:46:0b:99:fc:86:f5:18:b1:
76:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:10:2B:9E:AC:01:75:79:73:52:B1:7F:99:54:56:E8:4C:84:5D:BE
X509v3 Authority Key Identifier:
keyid:81:DF:1F:E5:20:35:4D:D3:BB:3E:92:64:A7:6C:F5:3E:B0:7D:B0:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gd8f5SA1TdO7PpJkp2z1PrB9sHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/cxArnqwBdXlzUrF_mVRW6EyEXb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ad975c-2011-4b9c-ad3e-53f07b1f621e/1/gd8f5SA1TdO7PpJkp2z1PrB9sHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
51:79:e4:af:36:0b:6b:27:fa:27:ad:69:3e:b4:a5:5f:2b:56:
41:34:b6:d3:08:13:f7:68:53:40:eb:40:4f:11:bf:dd:a5:0f:
e0:df:7e:1f:28:5d:1a:cb:aa:11:64:87:2f:c3:06:44:aa:77:
75:3a:30:b7:7e:67:3d:08:ea:df:71:77:55:b1:62:4a:80:b6:
09:57:c8:e1:9f:01:8d:fb:5f:ae:23:a7:ed:0b:2c:21:7e:69:
00:3d:8c:d9:99:eb:98:7e:19:ec:d1:3f:31:2d:6a:d4:f2:ce:
94:0c:0e:2d:42:ac:7f:51:c8:04:f4:f7:c9:55:a1:1e:6a:ba:
01:63:f0:b4:ce:d0:23:60:a5:99:dc:be:2e:1b:cc:00:45:57:
ed:6b:8b:9d:7d:83:78:cc:db:9a:f3:d3:22:8c:d3:66:25:cb:
09:5c:a3:22:84:90:64:10:11:d6:25:53:97:a8:b1:48:5c:38:
1b:1a:bc:ce:f0:96:2f:a3:52:67:b1:2e:16:ca:7d:42:89:c7:
a3:17:37:93:8b:2d:56:71:9e:36:be:b5:61:e4:14:3e:4e:70:
79:16:f7:f2:7d:c3:b8:d5:33:38:13:d8:bf:ae:64:97:3a:fb:
ae:2e:e8:26:7b:20:6e:07:35:0e:b5:48:92:a7:b7:3f:50:fe:
1d:04:74:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zN+OHDLyzmEiaBjz4uFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZGYxZmU1MjAzNTRkZDNiYjNlOTI2NGE3NmNmNTNlYjA3
ZGIwNzIwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzEwMmI5ZWFjMDE3NTc5NzM1MmIxN2Y5OTU0NTZlODRjODQ1ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVuCQFQY0tWDF/DyUbXsmaIOfJi1
vpQ6tA8dhZykEs6tk5S4uTXC81op7qtSj2z5cxL1o2Y/hYGUEfnwK/2dqwP+EJ24
zx5x+4Kg9gPimwZz55s5db1CwOuEFlDs0UXdkRxfI4MFV7gmqVPcy5RhpsYG4rXF
y3XV18vCTrjqmw8edpYp07wxX9i8FMvS0x6avzXZELl8++ZT7v/8rIXBSc43W45A
1NN0fzJSYh/q4mlJV29wQVMA5Qp3ECF4wiKi+AEs1rUaeDj0ZavNhwNfnzavZeUr
dPxiNfPxhcCY2Nm53v28Z4e8M3AV8sfTY+szRYf0873JRguZ/Ib1GLF2bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMQK56sAXV5c1Kxf5lUVuhMhF2+MB8GA1UdIwQY
MBaAFIHfH+UgNU3Tuz6SZKds9T6wfbByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2Q4ZjVTQTFUZE83UHBKa3AyejFQckI5c0hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hZDk3NWMtMjAxMS00YjljLWFkM2Ut
NTNmMDdiMWY2MjFlLzEvY3hBcm5xd0JkWGx6VXJGX21WUlc2RXlFWGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hZDk3NWMtMjAxMS00YjljLWFkM2UtNTNmMDdiMWY2MjFl
LzEvZ2Q4ZjVTQTFUZE83UHBKa3AyejFQckI5c0hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVXX4MA0G
CSqGSIb3DQEBCwUAA4IBAQBReeSvNgtrJ/onrWk+tKVfK1ZBNLbTCBP3aFNA60BP
Eb/dpQ/g334fKF0ay6oRZIcvwwZEqnd1OjC3fmc9COrfcXdVsWJKgLYJV8jhnwGN
+1+uI6ftCywhfmkAPYzZmeuYfhns0T8xLWrU8s6UDA4tQqx/UcgE9PfJVaEearoB
Y/C0ztAjYKWZ3L4uG8wARVfta4udfYN4zNua89MijNNmJcsJXKMihJBkEBHWJVOX
qLFIXDgbGrzO8JYvo1JnsS4Wyn1CicejFzeTiy1WcZ42vrVh5BQ+TnB5FvfyfcO4
1TM4E9i/rmSXOvuuLugmeyBuBzUOtUiSp7c/UP4dBHSC
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:46:44 2024 by rpki-client on console-fra.rpki-client.org