Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/AujhMNNcrhlnuiuB4SwbrfosL9Q.roa
File: AujhMNNcrhlnuiuB4SwbrfosL9Q.roa (raw, json)
Hash identifier: vet9IY1YJ4+bTJfXENDOMT4rBDyc1QeT2mFXeuEidyM=
Subject key identifier: 02:E8:E1:30:D3:5C:AE:19:67:BA:2B:81:E1:2C:1B:AD:FA:2C:2F:D4
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01930BD0511929E2226F9524550E9FEDE592
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/AujhMNNcrhlnuiuB4SwbrfosL9Q.roa
Signing time: Fri 08 Nov 2024 12:47:01 +0000
ROA not before: Fri 08 Nov 2024 12:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 85.142.144.0/22 maxlen: 24
85.143.52.0/23 maxlen: 24
85.143.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:d0:51:19:29:e2:22:6f:95:24:55:0e:9f:ed:e5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 8 12:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02e8e130d35cae1967ba2b81e12c1badfa2c2fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b0:8d:f0:37:df:c0:ff:ab:76:35:45:7c:0d:
29:cb:e1:96:fe:e5:a5:c9:4f:90:18:90:59:be:e0:
6e:d8:71:06:66:bf:50:c0:d2:d3:8c:af:41:da:c8:
3b:5c:72:99:b5:d8:4b:9a:da:b0:17:3e:fb:c9:2e:
4a:51:86:03:61:d9:e2:1e:b5:08:e5:c0:55:e8:b5:
cd:fa:27:77:b3:dc:3f:5b:73:28:27:16:d7:15:8c:
e4:31:14:0a:b1:91:f1:f8:7c:c6:24:86:0f:48:6d:
8a:f6:a7:e3:75:59:28:6e:b5:82:8a:10:84:fb:95:
90:7f:2f:be:6b:39:5f:07:7f:4e:cc:ba:aa:9f:db:
9f:5f:ee:21:65:cf:1f:62:4b:ec:27:a8:4b:87:56:
cb:47:16:1f:bf:49:10:b1:68:83:99:05:0e:45:03:
34:4c:74:66:4a:38:4d:82:65:77:26:66:fd:1a:3e:
be:bb:53:3f:35:3f:88:e4:04:84:6b:6e:f6:92:83:
90:9b:a4:dc:df:1a:0d:3f:4f:a2:26:57:fd:78:c2:
a9:d4:2a:c8:aa:31:de:aa:74:b7:69:6b:05:12:29:
fa:e1:77:46:c5:f8:a3:56:a6:e2:2c:ab:09:7a:3a:
d5:cc:ba:ff:6f:2b:8d:0f:09:28:07:d9:66:b4:8d:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E8:E1:30:D3:5C:AE:19:67:BA:2B:81:E1:2C:1B:AD:FA:2C:2F:D4
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/AujhMNNcrhlnuiuB4SwbrfosL9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.144.0/22
85.143.52.0-85.143.54.255
Signature Algorithm: sha256WithRSAEncryption
7c:5b:a6:12:9c:5e:5d:63:f6:5e:ef:07:9f:7e:65:7c:6c:40:
34:8e:dd:fb:3c:4d:81:c7:cd:d1:ae:56:be:f6:62:91:ca:06:
6a:b4:43:c1:91:a1:ee:66:cc:24:8d:c4:08:12:78:d7:2e:d2:
6d:4c:36:b1:19:ba:f0:b0:3d:1f:7a:8b:fa:4f:e0:d1:21:e1:
80:f6:12:22:47:2c:52:92:9a:09:27:99:84:cb:e3:18:bd:aa:
dc:28:77:da:77:d4:6b:56:61:6a:ca:a0:38:f8:2b:7d:40:71:
86:4e:c5:0f:74:5c:e5:ed:ae:6d:fc:6a:02:da:82:9c:54:c6:
20:0c:b5:4a:26:45:c7:a1:48:f8:6e:76:3d:82:a4:6d:eb:d2:
c3:bf:34:6a:b1:a1:38:a6:28:85:56:93:33:27:0d:0f:ea:4a:
5b:85:63:37:fc:47:e3:5f:df:05:ad:9a:10:9e:74:77:1e:e4:
c9:4b:8c:53:45:63:9e:d3:c5:a8:dd:ac:a4:b8:5a:0c:65:21:
14:8b:00:f0:ef:1c:f6:b8:b1:ef:cf:63:78:23:9f:5b:52:9b:
51:e0:35:f4:ae:f4:a1:d0:54:0b:68:bf:83:12:a2:28:5d:a8:
fe:05:c1:d6:3a:dc:c8:6b:9d:ed:32:68:40:30:ce:d4:b2:bf:
7d:34:f0:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZML0FEZKeIib5UkVQ6f7eWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQxMTA4MTI0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU4ZTEzMGQzNWNhZTE5NjdiYTJiODFlMTJjMWJhZGZhMmMyZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrCN8DffwP+rdjVFfA0py+GW/uWl
yU+QGJBZvuBu2HEGZr9QwNLTjK9B2sg7XHKZtdhLmtqwFz77yS5KUYYDYdniHrUI
5cBV6LXN+id3s9w/W3MoJxbXFYzkMRQKsZHx+HzGJIYPSG2K9qfjdVkobrWCihCE
+5WQfy++azlfB39OzLqqn9ufX+4hZc8fYkvsJ6hLh1bLRxYfv0kQsWiDmQUORQM0
THRmSjhNgmV3Jmb9Gj6+u1M/NT+I5ASEa272koOQm6Tc3xoNP0+iJlf9eMKp1CrI
qjHeqnS3aWsFEin64XdGxfijVqbiLKsJejrVzLr/byuNDwkoB9lmtI0MjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFALo4TDTXK4ZZ7orgeEsG636LC/UMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvQXVqaE1OTmNyaGxudWl1QjRTd2JyZm9zTDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVY6QMAwD
BAJVjzQDBABVjzYwDQYJKoZIhvcNAQELBQADggEBAHxbphKcXl1j9l7vB59+ZXxs
QDSO3fs8TYHHzdGuVr72YpHKBmq0Q8GRoe5mzCSNxAgSeNcu0m1MNrEZuvCwPR96
i/pP4NEh4YD2EiJHLFKSmgknmYTL4xi9qtwod9p31GtWYWrKoDj4K31AcYZOxQ90
XOXtrm38agLagpxUxiAMtUomRcehSPhudj2CpG3r0sO/NGqxoTimKIVWkzMnDQ/q
SluFYzf8R+Nf3wWtmhCedHce5MlLjFNFY57TxajdrKS4WgxlIRSLAPDvHPa4se/P
Y3gjn1tSm1HgNfSu9KHQVAtov4MSoihdqP4FwdY63Mhrne0yaEAwztSyv3008I8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:59:57 2024 by rpki-client on console-fra.rpki-client.org