Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/Cdm0tbVr0VFUPcAcRDvb-0F0DoI.roa
File: Cdm0tbVr0VFUPcAcRDvb-0F0DoI.roa (raw, json)
Hash identifier: Lges3tv0EBll8aC8F6y0P5a88vTpPWXFnXRzn3Y5LLQ=
Subject key identifier: 09:D9:B4:B5:B5:6B:D1:51:54:3D:C0:1C:44:3B:DB:FB:41:74:0E:82
Certificate issuer: /CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Certificate serial: 018CCA2B8971D67F138B45135187E6168B7E
Authority key identifier: B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/Cdm0tbVr0VFUPcAcRDvb-0F0DoI.roa
Signing time: Tue 02 Jan 2024 12:34:59 +0000
ROA not before: Tue 02 Jan 2024 12:34:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34362
IP address blocks: 85.94.84.0/22 maxlen: 22
85.94.80.0/22 maxlen: 22
85.94.88.0/22 maxlen: 22
85.94.92.0/22 maxlen: 22
176.62.30.0/24 maxlen: 24
176.62.28.0/24 maxlen: 24
176.62.29.0/24 maxlen: 24
176.62.32.0/22 maxlen: 22
176.62.36.0/22 maxlen: 22
176.62.40.0/22 maxlen: 22
176.62.44.0/22 maxlen: 22
85.94.64.0/22 maxlen: 22
85.94.68.0/22 maxlen: 22
85.94.76.0/22 maxlen: 22
85.94.72.0/22 maxlen: 22
176.62.4.0/22 maxlen: 22
176.62.0.0/22 maxlen: 22
176.62.8.0/22 maxlen: 22
176.62.12.0/22 maxlen: 22
176.62.16.0/22 maxlen: 22
176.62.20.0/22 maxlen: 22
176.62.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:89:71:d6:7f:13:8b:45:13:51:87:e6:16:8b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b986028c9feb6f142b3fecb64667f48874ba9c37
Validity
Not Before: Jan 2 12:34:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09d9b4b5b56bd151543dc01c443bdbfb41740e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:bb:dd:d4:5f:fd:ad:f3:a6:95:54:d9:cc:
03:2d:71:b5:35:31:97:31:2b:1d:85:e3:e2:bd:23:
03:a3:ef:59:1d:7c:b6:e6:37:79:ca:36:6f:89:a4:
af:1d:72:34:a2:bc:3f:36:64:e2:db:15:6c:29:c1:
e5:ef:c1:42:83:fd:ec:11:77:61:21:bb:cb:ed:92:
37:cb:a3:e7:c0:65:c5:3b:be:fe:af:e4:7e:be:da:
29:36:92:57:87:f1:d2:16:46:3b:59:90:07:c7:dd:
e9:48:ca:b1:ba:b2:ad:74:44:ce:a3:fe:4c:5e:2b:
a1:c0:d3:47:8b:79:56:c0:2a:63:20:9f:85:a9:97:
61:b8:9a:29:a4:3d:cc:e2:2a:03:c1:2d:e7:3a:ea:
07:e3:30:19:6e:6f:eb:1f:98:d7:88:36:87:7d:ba:
dd:cb:05:3b:11:2c:40:0c:96:e8:0e:b0:fd:56:9a:
bc:77:73:e9:43:37:df:b4:62:03:5f:c0:4e:5a:fb:
05:5e:51:85:82:e2:81:ef:df:05:be:b4:43:95:50:
3c:5f:8d:91:6f:3c:29:7a:16:d7:59:1a:89:8d:29:
83:51:2b:bc:f2:0a:cd:58:50:c7:75:77:e0:62:ea:
d4:ab:da:7f:9e:86:36:74:a7:0f:c6:f2:db:0c:25:
e1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D9:B4:B5:B5:6B:D1:51:54:3D:C0:1C:44:3B:DB:FB:41:74:0E:82
X509v3 Authority Key Identifier:
keyid:B9:86:02:8C:9F:EB:6F:14:2B:3F:EC:B6:46:67:F4:88:74:BA:9C:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/Cdm0tbVr0VFUPcAcRDvb-0F0DoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/285850-7551-4229-87b6-3a4468c4dfdf/1/uYYCjJ_rbxQrP-y2Rmf0iHS6nDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.94.64.0/19
176.62.0.0-176.62.30.255
176.62.32.0/20
Signature Algorithm: sha256WithRSAEncryption
8c:6c:cd:2c:c6:d9:f5:16:f8:27:16:30:0d:48:5c:20:30:bd:
c8:30:64:ae:ac:f6:8a:95:58:f0:d4:62:c1:72:b2:ff:36:da:
23:35:7f:94:b5:1e:35:60:1d:5d:e1:2b:e1:c1:1a:67:5e:c2:
5b:99:42:cc:11:5a:08:96:e3:29:7a:a1:c8:db:b5:b8:7d:f7:
f3:56:b3:b3:cc:cb:45:a0:10:1d:c8:13:10:ed:b4:07:ae:36:
ff:62:26:07:e6:60:d3:5c:11:f7:16:7a:8f:72:ff:89:24:76:
e4:b5:27:f5:35:2d:4d:07:9f:03:ff:60:84:9b:04:58:d1:8b:
5d:b0:cc:ba:23:3c:43:36:8e:d6:4c:a2:c0:4a:61:16:b6:30:
c3:30:be:63:50:49:a6:44:52:ae:b2:6c:b5:5f:c8:68:4a:3d:
ec:f7:04:2e:5f:f9:86:44:3c:c7:46:55:e5:9b:57:0f:61:a7:
37:5e:13:b9:0c:cd:33:a5:db:c7:79:74:f1:f8:2f:7a:83:de:
22:1a:b2:22:25:62:59:48:b7:a3:75:50:96:13:68:92:1b:c2:
d8:37:3d:af:cd:f0:da:99:e2:b5:91:af:93:9c:19:42:38:65:
bb:0d:52:a9:58:df:f1:ee:48:10:1d:44:e4:b8:46:c5:e5:e7:
a0:93:57:b6
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzKK4lx1n8Ti0UTUYfmFot+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ODYwMjhjOWZlYjZmMTQyYjNmZWNiNjQ2NjdmNDg4NzRi
YTljMzcwHhcNMjQwMTAyMTIzNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ5YjRiNWI1NmJkMTUxNTQzZGMwMWM0NDNiZGJmYjQxNzQwZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxO73dRf/a3zppVU2cwDLXG1NTGX
MSsdhePivSMDo+9ZHXy25jd5yjZviaSvHXI0orw/NmTi2xVsKcHl78FCg/3sEXdh
IbvL7ZI3y6PnwGXFO77+r+R+vtopNpJXh/HSFkY7WZAHx93pSMqxurKtdETOo/5M
XiuhwNNHi3lWwCpjIJ+FqZdhuJoppD3M4ioDwS3nOuoH4zAZbm/rH5jXiDaHfbrd
ywU7ESxADJboDrD9Vpq8d3PpQzfftGIDX8BOWvsFXlGFguKB798FvrRDlVA8X42R
bzwpehbXWRqJjSmDUSu88grNWFDHdXfgYurUq9p/noY2dKcPxvLbDCXhMQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFAnZtLW1a9FRVD3AHEQ72/tBdA6CMB8GA1UdIwQY
MBaAFLmGAoyf628UKz/stkZn9Ih0upw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYt
M2E0NDY4YzRkZmRmLzEvQ2RtMHRiVnIwVkZVUGNBY1JEdmItMEYwRG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODU4NTAtNzU1MS00MjI5LTg3YjYtM2E0NDY4YzRkZmRm
LzEvdVlZQ2pKX3JieFFyUC15MlJtZjBpSFM2bkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQFVV5AMAsD
AwGwPgMEALA+HgMEBLA+IDANBgkqhkiG9w0BAQsFAAOCAQEAjGzNLMbZ9Rb4JxYw
DUhcIDC9yDBkrqz2ipVY8NRiwXKy/zbaIzV/lLUeNWAdXeEr4cEaZ17CW5lCzBFa
CJbjKXqhyNu1uH3381azs8zLRaAQHcgTEO20B642/2ImB+Zg01wR9xZ6j3L/iSR2
5LUn9TUtTQefA/9ghJsEWNGLXbDMuiM8QzaO1kyiwEphFrYwwzC+Y1BJpkRSrrJs
tV/IaEo97PcELl/5hkQ8x0ZV5ZtXD2GnN14TuQzNM6Xbx3l08fgveoPeIhqyIiVi
WUi3o3VQlhNokhvC2Dc9r83w2pnitZGvk5wZQjhluw1SqVjf8e5IEB1E5LhGxeXn
oJNXtg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:59 2024 by rpki-client on console-ams.rpki-client.org