Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/dEliJhVJzQneZgnaLR1-o6xXq1s.roa
File: dEliJhVJzQneZgnaLR1-o6xXq1s.roa (raw, json)
Hash identifier: EXBHfSQkg1DIOyYt3SSj7X7dWfmR891hgqNUY7jyLlw=
Subject key identifier: 74:49:62:26:15:49:CD:09:DE:66:09:DA:2D:1D:7E:A3:AC:57:AB:5B
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01930BD050A3FF498B8219DBDFE105E3F7E0
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/dEliJhVJzQneZgnaLR1-o6xXq1s.roa
Signing time: Fri 08 Nov 2024 12:47:01 +0000
ROA not before: Fri 08 Nov 2024 12:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.0.0/21 maxlen: 24
85.142.40.0/21 maxlen: 24
85.142.48.0/22 maxlen: 24
85.142.64.0/22 maxlen: 24
85.142.72.0/24 maxlen: 24
85.142.76.0/24 maxlen: 24
85.142.81.0/24 maxlen: 24
85.142.82.0/24 maxlen: 24
85.142.84.0/23 maxlen: 24
85.142.87.0/24 maxlen: 24
85.142.88.0/21 maxlen: 24
85.142.99.0/24 maxlen: 24
85.142.100.0/23 maxlen: 24
85.142.112.0/22 maxlen: 24
85.142.128.0/20 maxlen: 24
85.142.212.0/23 maxlen: 24
85.142.215.0/24 maxlen: 24
85.142.240.0/24 maxlen: 24
85.142.242.0/24 maxlen: 24
85.142.244.0/24 maxlen: 24
85.142.246.0/24 maxlen: 24
85.142.250.0/24 maxlen: 24
85.142.252.0/22 maxlen: 24
85.143.41.0/24 maxlen: 24
85.143.42.0/23 maxlen: 24
85.143.44.0/24 maxlen: 24
85.143.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:d0:50:a3:ff:49:8b:82:19:db:df:e1:05:e3:f7:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Nov 8 12:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=744962261549cd09de6609da2d1d7ea3ac57ab5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bd:76:b1:a2:50:ff:d6:2d:8b:73:0e:7e:b8:
76:dd:2e:67:59:82:c4:2f:6e:be:98:c6:cd:f5:fa:
bf:aa:01:e3:81:f6:b8:83:8e:93:2e:d0:47:65:38:
0e:39:f5:0b:dd:f2:19:5b:e7:32:54:5e:ee:54:9c:
e8:86:47:63:84:90:82:66:9b:af:a2:fb:f3:71:0c:
2d:5c:bc:83:50:a6:2d:ba:b8:f2:1f:d9:28:3f:71:
ca:2d:41:88:6f:b9:f0:72:52:17:ce:00:4c:d6:d2:
68:54:46:87:71:0b:6a:41:d5:7f:32:54:ba:bc:50:
76:ca:97:16:68:e3:33:f2:bd:8c:b1:fa:04:9b:89:
b1:b3:70:92:da:75:53:b6:da:2c:a3:55:ba:f6:19:
1a:52:bc:84:13:d6:eb:a3:46:61:01:62:aa:99:d1:
d5:84:f6:92:5d:a9:06:d1:86:4b:85:e2:a3:bf:43:
5c:e2:79:fc:e6:35:f7:04:2b:df:a2:c4:49:f3:99:
74:27:04:4a:c4:0d:c9:b5:d2:fe:c6:fc:e1:c4:1e:
bf:a5:c7:cc:bf:f7:50:73:4a:3c:ab:67:be:bd:4b:
2c:7b:96:b7:84:a8:e0:04:72:e0:25:f2:77:f5:fd:
17:2b:76:8a:8b:c3:72:14:a4:2a:ba:1a:79:a3:4e:
07:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:49:62:26:15:49:CD:09:DE:66:09:DA:2D:1D:7E:A3:AC:57:AB:5B
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/dEliJhVJzQneZgnaLR1-o6xXq1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.0.0/21
85.142.40.0-85.142.51.255
85.142.64.0/22
85.142.72.0/24
85.142.76.0/24
85.142.81.0-85.142.82.255
85.142.84.0/23
85.142.87.0-85.142.95.255
85.142.99.0-85.142.101.255
85.142.112.0/22
85.142.128.0/20
85.142.212.0/23
85.142.215.0/24
85.142.240.0/24
85.142.242.0/24
85.142.244.0/24
85.142.246.0/24
85.142.250.0/24
85.142.252.0/22
85.143.41.0-85.143.44.255
85.143.48.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:92:86:3d:53:d2:7d:a2:b9:10:f5:60:8f:58:74:e9:c1:3a:
e6:c6:dc:a9:9c:08:e8:bc:f3:a9:be:e7:56:d7:14:31:0c:0c:
ee:34:c7:1c:75:37:31:c8:33:7f:cd:26:ce:2f:a6:d1:8c:fe:
76:f1:a0:4e:58:02:da:39:8e:31:26:a9:b9:2f:f2:2a:63:31:
fd:bc:33:34:ee:77:7f:2f:a4:4c:5c:13:59:ab:48:0a:f4:56:
f0:7c:d2:d7:a0:47:af:15:31:85:b6:4c:e3:8d:71:89:25:0b:
7d:98:d5:c2:2d:0a:d5:91:ba:fd:dc:c8:01:36:12:92:ce:cb:
2d:ea:09:87:16:e2:c5:22:58:f7:01:f5:5e:41:af:79:81:0e:
b9:35:79:70:cc:70:09:67:3c:d4:5e:69:21:84:54:40:37:6f:
e6:54:0c:2d:8c:75:0c:bb:82:82:14:a1:a3:b5:bb:44:84:85:
de:1d:b3:65:dd:0e:18:4b:0b:a8:9d:19:00:1a:2b:6d:2b:b2:
33:58:b3:be:43:56:de:79:04:10:8a:ca:65:8e:fb:6e:48:ef:
25:3f:d8:ea:21:57:60:16:03:ce:cf:d3:20:6b:53:f7:31:b0:
25:42:87:a8:8e:a0:c0:17:20:2e:66:11:47:10:60:81:05:9c:
84:53:19:f6
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZML0FCj/0mLghnb3+EF4/fgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQxMTA4MTI0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQ5NjIyNjE1NDljZDA5ZGU2NjA5ZGEyZDFkN2VhM2FjNTdhYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2712saJQ/9Yti3MOfrh23S5nWYLE
L26+mMbN9fq/qgHjgfa4g46TLtBHZTgOOfUL3fIZW+cyVF7uVJzohkdjhJCCZpuv
ovvzcQwtXLyDUKYturjyH9koP3HKLUGIb7nwclIXzgBM1tJoVEaHcQtqQdV/MlS6
vFB2ypcWaOMz8r2MsfoEm4mxs3CS2nVTttoso1W69hkaUryEE9bro0ZhAWKqmdHV
hPaSXakG0YZLheKjv0Nc4nn85jX3BCvfosRJ85l0JwRKxA3JtdL+xvzhxB6/pcfM
v/dQc0o8q2e+vUsse5a3hKjgBHLgJfJ39f0XK3aKi8NyFKQquhp5o04H9QIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFHRJYiYVSc0J3mYJ2i0dfqOsV6tbMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvZEVsaUpoVkp6UW5lWmduYUxSMS1vNnhYcTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBANV
jgAwDAMEA1WOKAMEAlWOMAMEAlWOQAMEAFWOSAMEAFWOTDAMAwQAVY5RAwQAVY5S
AwQBVY5UMAwDBABVjlcDBAVVjkAwDAMEAFWOYwMEAVWOZAMEAlWOcAMEBFWOgAME
AVWO1AMEAFWO1wMEAFWO8AMEAFWO8gMEAFWO9AMEAFWO9gMEAFWO+gMEAlWO/DAM
AwQAVY8pAwQAVY8sAwQCVY8wMA0GCSqGSIb3DQEBCwUAA4IBAQA7koY9U9J9orkQ
9WCPWHTpwTrmxtypnAjovPOpvudW1xQxDAzuNMccdTcxyDN/zSbOL6bRjP528aBO
WALaOY4xJqm5L/IqYzH9vDM07nd/L6RMXBNZq0gK9FbwfNLXoEevFTGFtkzjjXGJ
JQt9mNXCLQrVkbr93MgBNhKSzsst6gmHFuLFIlj3AfVeQa95gQ65NXlwzHAJZzzU
XmkhhFRAN2/mVAwtjHUMu4KCFKGjtbtEhIXeHbNl3Q4YSwuonRkAGittK7IzWLO+
Q1beeQQQispljvtuSO8lP9jqIVdgFgPOz9Mga1P3MbAlQoeojqDAFyAuZhFHEGCB
BZyEUxn2
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:39:15 2024 by rpki-client on console-ams.rpki-client.org