Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jPHXDflZXKomWOuCrgAI_OJtpsg.roa
File: jPHXDflZXKomWOuCrgAI_OJtpsg.roa (raw, json)
Hash identifier: RXoY5EqclqnoS12Z4T0SkKI+pes1KugcqdiE3jOmKYo=
Subject key identifier: 8C:F1:D7:0D:F9:59:5C:AA:26:58:EB:82:AE:00:08:FC:E2:6D:A6:C8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019421B260AA9E5A28EBD01DC3D48D490909
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jPHXDflZXKomWOuCrgAI_OJtpsg.roa
Signing time: Wed 01 Jan 2025 11:48:45 +0000
ROA not before: Wed 01 Jan 2025 11:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 85.142.0.0/21 maxlen: 24
85.142.40.0/21 maxlen: 24
85.142.48.0/22 maxlen: 24
85.142.64.0/22 maxlen: 24
85.142.72.0/24 maxlen: 24
85.142.76.0/24 maxlen: 24
85.142.81.0/24 maxlen: 24
85.142.82.0/24 maxlen: 24
85.142.84.0/23 maxlen: 24
85.142.87.0/24 maxlen: 24
85.142.99.0/24 maxlen: 24
85.142.100.0/23 maxlen: 24
85.142.112.0/22 maxlen: 24
85.142.128.0/20 maxlen: 24
85.142.212.0/23 maxlen: 24
85.142.215.0/24 maxlen: 24
85.142.240.0/24 maxlen: 24
85.142.242.0/24 maxlen: 24
85.142.244.0/24 maxlen: 24
85.142.246.0/24 maxlen: 24
85.142.250.0/24 maxlen: 24
85.142.252.0/22 maxlen: 24
85.143.41.0/24 maxlen: 24
85.143.42.0/23 maxlen: 24
85.143.44.0/24 maxlen: 24
85.143.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:60:aa:9e:5a:28:eb:d0:1d:c3:d4:8d:49:09:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8cf1d70df9595caa2658eb82ae0008fce26da6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:90:90:5b:54:1a:6f:6e:87:e0:77:68:83:39:
bd:ea:0c:db:e5:40:d6:a5:ce:43:8c:93:f1:8f:e9:
bc:59:bf:40:b8:7a:88:63:2a:bc:5d:1d:2a:e6:0b:
ea:48:f2:d3:e6:ad:47:5a:80:11:7a:81:9a:be:80:
fd:65:be:bd:85:8e:4a:23:9f:b0:09:50:10:c3:60:
8a:d1:dc:40:b8:50:95:dd:2f:d9:b0:65:1d:fa:bf:
a6:37:3a:ec:08:ca:45:47:ac:9a:45:b0:72:31:f9:
4b:50:54:45:8b:be:64:73:96:b6:aa:ac:e0:c6:fc:
fb:42:6a:6d:99:06:ce:e6:b7:3d:12:03:8d:60:46:
22:e3:f2:c0:6d:41:6f:9f:6c:f1:08:61:cd:15:57:
11:88:f3:56:2a:87:8f:40:24:36:2a:a7:63:76:db:
6f:73:75:2f:68:a4:c4:fb:14:16:92:c3:20:f4:f1:
7b:7a:dc:fe:5b:a9:62:7e:8a:ca:de:67:3c:2a:4d:
0b:ae:61:50:76:5b:dc:ad:7f:e2:9a:a1:50:38:af:
0f:f0:ca:42:4e:1e:5a:8f:32:a2:e5:ee:34:9d:a5:
7d:5e:f1:76:53:e0:9c:70:ba:2c:92:ba:f2:00:14:
55:b0:bc:53:30:ab:39:d9:6f:43:ce:39:a2:1f:4c:
78:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F1:D7:0D:F9:59:5C:AA:26:58:EB:82:AE:00:08:FC:E2:6D:A6:C8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jPHXDflZXKomWOuCrgAI_OJtpsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.0.0/21
85.142.40.0-85.142.51.255
85.142.64.0/22
85.142.72.0/24
85.142.76.0/24
85.142.81.0-85.142.82.255
85.142.84.0/23
85.142.87.0/24
85.142.99.0-85.142.101.255
85.142.112.0/22
85.142.128.0/20
85.142.212.0/23
85.142.215.0/24
85.142.240.0/24
85.142.242.0/24
85.142.244.0/24
85.142.246.0/24
85.142.250.0/24
85.142.252.0/22
85.143.41.0-85.143.44.255
85.143.48.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:3f:3f:b4:8e:d0:57:d3:5b:3c:a2:a7:2c:5f:ac:59:b5:a2:
90:97:7a:47:53:60:c8:6e:9b:5a:98:c5:b3:01:58:74:27:1f:
27:79:eb:b3:6a:4b:55:7d:30:63:b5:e1:1d:a6:5d:52:bb:95:
41:22:41:1d:a4:93:fc:89:ff:ae:ef:51:6d:a8:9c:2b:cb:45:
1c:b1:ec:3a:5b:ca:1f:51:c2:25:81:04:bc:cf:c6:90:62:77:
c9:51:d9:fb:67:01:48:19:77:47:d0:45:81:9a:25:5f:f7:10:
74:44:94:4f:8f:d6:55:15:d8:ea:5d:a9:f3:a2:10:86:3e:f7:
38:1e:65:2a:9b:91:da:1a:8d:5c:a4:46:6b:1d:be:16:59:d5:
1d:49:d5:7b:c6:9f:18:b2:e8:91:b6:5f:78:40:c6:29:ac:67:
94:3c:ae:7a:c5:54:92:fb:73:62:ac:be:2d:d7:38:34:e7:49:
99:33:89:0a:5c:17:8a:c4:4d:a5:3c:6e:98:d7:09:83:4a:4e:
d1:ee:92:9f:12:ec:7f:41:41:c2:eb:4b:4b:72:88:e5:6a:58:
52:2d:af:2f:fe:18:eb:87:7a:bc:09:92:b6:fb:8a:a3:cf:21:
64:9f:1c:58:e8:33:fd:bc:91:57:da:27:98:23:21:51:41:04:
95:c3:13:14
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZQhsmCqnloo69Adw9SNSQkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwMTAxMTE0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YxZDcwZGY5NTk1Y2FhMjY1OGViODJhZTAwMDhmY2UyNmRhNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JCQW1Qab26H4Hdogzm96gzb5UDW
pc5DjJPxj+m8Wb9AuHqIYyq8XR0q5gvqSPLT5q1HWoAReoGavoD9Zb69hY5KI5+w
CVAQw2CK0dxAuFCV3S/ZsGUd+r+mNzrsCMpFR6yaRbByMflLUFRFi75kc5a2qqzg
xvz7QmptmQbO5rc9EgONYEYi4/LAbUFvn2zxCGHNFVcRiPNWKoePQCQ2Kqdjdttv
c3UvaKTE+xQWksMg9PF7etz+W6liforK3mc8Kk0LrmFQdlvcrX/imqFQOK8P8MpC
Th5ajzKi5e40naV9XvF2U+CccLoskrryABRVsLxTMKs52W9DzjmiH0x4HwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFIzx1w35WVyqJljrgq4ACPzibabIMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvalBIWERmbFpYS29tV091Q3JnQUlfT0p0cHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBANV
jgAwDAMEA1WOKAMEAlWOMAMEAlWOQAMEAFWOSAMEAFWOTDAMAwQAVY5RAwQAVY5S
AwQBVY5UAwQAVY5XMAwDBABVjmMDBAFVjmQDBAJVjnADBARVjoADBAFVjtQDBABV
jtcDBABVjvADBABVjvIDBABVjvQDBABVjvYDBABVjvoDBAJVjvwwDAMEAFWPKQME
AFWPLAMEAlWPMDANBgkqhkiG9w0BAQsFAAOCAQEAXD8/tI7QV9NbPKKnLF+sWbWi
kJd6R1NgyG6bWpjFswFYdCcfJ3nrs2pLVX0wY7XhHaZdUruVQSJBHaST/In/ru9R
baicK8tFHLHsOlvKH1HCJYEEvM/GkGJ3yVHZ+2cBSBl3R9BFgZolX/cQdESUT4/W
VRXY6l2p86IQhj73OB5lKpuR2hqNXKRGax2+FlnVHUnVe8afGLLokbZfeEDGKaxn
lDyuesVUkvtzYqy+Ldc4NOdJmTOJClwXisRNpTxumNcJg0pO0e6SnxLsf0FBwutL
S3KI5WpYUi2vL/4Y64d6vAmStvuKo88hZJ8cWOgz/byRV9onmCMhUUEElcMTFA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:56:59 2025 by rpki-client