Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/pu8xCI9ZnCE9UlD31-cjFP-ImkU.roa
File: pu8xCI9ZnCE9UlD31-cjFP-ImkU.roa (raw, json)
Hash identifier: UI9hro+IvToeQyMY9qAZ3SMIqPgqkgvBIsOokzd6ddU=
Subject key identifier: A6:EF:31:08:8F:59:9C:21:3D:52:50:F7:D7:E7:23:14:FF:88:9A:45
Certificate issuer: /CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa
Certificate serial: 01935321E376031F66375220C64676430C2C
Authority key identifier: 95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/pu8xCI9ZnCE9UlD31-cjFP-ImkU.roa
Signing time: Fri 22 Nov 2024 09:09:09 +0000
ROA not before: Fri 22 Nov 2024 09:09:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31382
IP address blocks: 185.85.65.0/24 maxlen: 24
185.85.66.0/24 maxlen: 24
185.85.67.0/24 maxlen: 24
185.140.84.0/22 maxlen: 22
193.41.41.0/24 maxlen: 24
2a04:c7c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:21:e3:76:03:1f:66:37:52:20:c6:46:76:43:0c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa
Validity
Not Before: Nov 22 09:09:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6ef31088f599c213d5250f7d7e72314ff889a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dd:a2:5e:80:1e:e1:db:18:59:9d:0f:f0:7a:
55:ef:65:f3:d0:3c:72:ee:f5:8e:27:d9:82:df:88:
67:a1:60:34:0f:7b:ca:98:6a:de:97:6f:dd:dc:4f:
81:66:66:06:4b:a2:05:65:32:33:f8:14:58:57:26:
54:b8:8a:e4:74:34:63:ad:71:b5:d9:c3:d2:aa:60:
df:bb:83:78:18:66:82:5a:6a:07:b2:73:e0:ac:dc:
51:ea:b6:62:26:ec:ea:5e:aa:51:22:9a:58:75:07:
0f:cb:8d:02:c7:d1:f6:25:03:d6:8e:9e:7d:11:3c:
ae:04:61:2c:4e:31:69:c0:39:5f:a8:59:0f:58:b6:
c8:e6:43:e8:30:56:cc:cd:e4:f2:ec:2f:6e:ca:69:
60:d9:41:0d:9c:36:8a:2c:e4:01:03:39:82:b6:1d:
36:ad:ab:42:6d:a0:df:a3:4c:01:45:70:77:03:22:
f3:7a:4b:35:30:4a:54:29:40:27:45:b1:c2:f7:c7:
8a:84:72:22:22:79:b0:c0:5e:95:3a:c0:36:83:a3:
4b:45:e0:05:b2:87:41:92:45:93:64:40:57:31:6b:
15:3f:b7:68:e5:4e:64:fb:1d:b7:b6:6b:59:7d:5a:
7d:0d:3b:9c:3b:38:2a:bf:37:1a:82:4b:0d:f9:25:
4c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EF:31:08:8F:59:9C:21:3D:52:50:F7:D7:E7:23:14:FF:88:9A:45
X509v3 Authority Key Identifier:
keyid:95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/pu8xCI9ZnCE9UlD31-cjFP-ImkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.65.0-185.85.67.255
185.140.84.0/22
193.41.41.0/24
IPv6:
2a04:c7c0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:e7:13:fd:f2:32:53:41:7b:e9:9a:f2:0e:44:84:6f:ca:87:
95:38:6c:ed:8f:d6:33:35:3c:3d:ae:94:5c:80:a5:b9:20:fe:
43:2f:94:e5:cb:b9:06:b0:9a:6e:12:a4:a6:6b:3f:1e:1b:e5:
b7:62:e3:ea:35:eb:7b:d2:07:88:cc:33:61:b8:27:63:ee:3c:
43:ce:c8:03:85:d3:ec:d7:76:ea:39:8b:28:f0:9f:fc:ec:5e:
5a:f7:74:13:bc:bd:db:7e:9d:2d:1c:b2:15:8d:b8:90:c9:a7:
96:0d:ff:37:fc:e6:1f:cf:8a:fb:a3:7e:55:6f:1c:2a:ce:b6:
79:1f:1c:a1:4c:0a:43:ee:50:c1:7e:57:bd:28:be:fd:23:ff:
69:88:af:7f:59:2e:47:54:63:28:9d:7b:f3:64:df:be:ed:09:
c7:40:db:a9:56:b2:41:91:d8:e1:7e:2a:99:22:5f:e9:6c:8f:
ed:ed:20:ef:48:15:21:69:34:17:03:fc:6d:39:f3:ee:23:ea:
4c:1e:a0:02:ef:4d:18:8d:5d:10:d7:c1:73:05:f8:71:a7:e4:
78:04:b8:4c:15:c0:29:30:39:ed:6c:4a:ca:e9:25:0c:be:27:
4b:39:3b:f3:57:1c:60:bb:5d:90:dd:89:a4:a3:ed:b7:24:86:
d2:a7:a7:9c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZNTIeN2Ax9mN1IgxkZ2QwwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDlmYzgxNWU5MGNhODc5Mjc5MDdjNWVhYjNmZTc5Y2Ey
MTVlYWEwHhcNMjQxMTIyMDkwOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVmMzEwODhmNTk5YzIxM2Q1MjUwZjdkN2U3MjMxNGZmODg5YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN2iXoAe4dsYWZ0P8HpV72Xz0Dxy
7vWOJ9mC34hnoWA0D3vKmGrel2/d3E+BZmYGS6IFZTIz+BRYVyZUuIrkdDRjrXG1
2cPSqmDfu4N4GGaCWmoHsnPgrNxR6rZiJuzqXqpRIppYdQcPy40Cx9H2JQPWjp59
ETyuBGEsTjFpwDlfqFkPWLbI5kPoMFbMzeTy7C9uymlg2UENnDaKLOQBAzmCth02
ratCbaDfo0wBRXB3AyLzeks1MEpUKUAnRbHC98eKhHIiInmwwF6VOsA2g6NLReAF
sodBkkWTZEBXMWsVP7do5U5k+x23tmtZfVp9DTucOzgqvzcagksN+SVMawIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKbvMQiPWZwhPVJQ99fnIxT/iJpFMB8GA1UdIwQY
MBaAFJXZ/IFekMqHknkHxeqz/nnKIV6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODkt
OGNlNDE3OTIzMmM4LzEvcHU4eENJOVpuQ0U5VWxEMzEtY2pGUC1JbWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODktOGNlNDE3OTIzMmM4
LzEvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAC5VUED
BAK5VUADBAK5jFQDBADBKSkwDQQCAAIwBwMFAyoEx8AwDQYJKoZIhvcNAQELBQAD
ggEBAEznE/3yMlNBe+ma8g5EhG/Kh5U4bO2P1jM1PD2ulFyApbkg/kMvlOXLuQaw
mm4SpKZrPx4b5bdi4+o163vSB4jMM2G4J2PuPEPOyAOF0+zXduo5iyjwn/zsXlr3
dBO8vdt+nS0cshWNuJDJp5YN/zf85h/PivujflVvHCrOtnkfHKFMCkPuUMF+V70o
vv0j/2mIr39ZLkdUYyide/Nk377tCcdA26lWskGR2OF+KpkiX+lsj+3tIO9IFSFp
NBcD/G058+4j6kweoALvTRiNXRDXwXMF+HGn5HgEuEwVwCkwOe1sSsrpJQy+J0s5
O/NXHGC7XZDdiaSj7bckhtKnp5w=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:38 2024 by rpki-client on console-fra.rpki-client.org