Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/1-6YeZlPAoL19Oeyviz7u7sQUmdw.roa
File: 1-6YeZlPAoL19Oeyviz7u7sQUmdw.roa (raw, json)
Hash identifier: 9aZN0DAEXWTLcgmJHaImPYVhry7In7tN7ToxCT9WXdY=
Subject key identifier: FB:A6:1E:66:53:C0:A0:BD:7D:39:EC:AF:8B:3E:EE:EE:C4:14:99:DC
Certificate issuer: /CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Certificate serial: 018CC5007FE8F72B8C201C6D7B8E4EBB2973
Authority key identifier: 19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/1-6YeZlPAoL19Oeyviz7u7sQUmdw.roa
Signing time: Mon 01 Jan 2024 12:29:53 +0000
ROA not before: Mon 01 Jan 2024 12:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206991
IP address blocks: 85.95.240.0/24 maxlen: 24
85.95.239.0/24 maxlen: 24
85.95.238.0/24 maxlen: 24
85.95.237.0/24 maxlen: 24
85.95.244.0/24 maxlen: 24
85.95.243.0/24 maxlen: 24
85.95.242.0/24 maxlen: 24
85.95.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7f:e8:f7:2b:8c:20:1c:6d:7b:8e:4e:bb:29:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19f1a9dd126f37237ce200fb8616ff937bca966c
Validity
Not Before: Jan 1 12:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fba61e6653c0a0bd7d39ecaf8b3eeeeec41499dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2d:1a:83:c3:8e:b0:20:38:4b:f8:de:13:81:
e5:53:ec:8c:07:c4:6b:69:45:14:45:88:16:13:7d:
00:27:ce:ac:ab:59:9b:82:4a:32:f2:b6:b5:21:fc:
5b:f7:04:fe:ba:6e:d3:93:82:39:ab:db:7d:17:25:
ee:59:87:a3:41:9d:98:0b:4f:11:03:6b:8f:01:53:
2b:db:4c:09:75:2d:08:87:01:84:27:0a:0b:21:02:
d1:ab:53:41:84:54:1b:ac:f3:4b:87:d3:56:51:b0:
44:87:c5:94:ac:c6:d5:40:81:20:cd:52:45:69:94:
8e:f6:d3:e2:25:88:22:e1:3a:0b:fc:95:a8:b2:45:
48:90:11:b9:32:f2:f2:21:f7:cf:cf:4e:60:f3:62:
cd:0b:12:d9:a0:21:2c:0b:43:44:01:43:29:57:54:
4c:f2:99:82:87:79:8f:ab:19:de:9e:57:bb:da:33:
64:88:25:83:2c:fb:54:cb:93:36:ec:36:28:35:72:
c8:8e:64:b6:b9:aa:5a:49:79:90:46:12:29:9c:c2:
f8:c3:5a:bb:41:41:f6:85:75:00:9b:b4:67:0d:40:
77:9b:f7:e4:80:75:50:51:da:e3:6d:2f:d9:c4:25:
13:c8:92:fd:5c:bd:35:7d:c4:2e:68:f2:6e:a0:56:
4b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A6:1E:66:53:C0:A0:BD:7D:39:EC:AF:8B:3E:EE:EE:C4:14:99:DC
X509v3 Authority Key Identifier:
keyid:19:F1:A9:DD:12:6F:37:23:7C:E2:00:FB:86:16:FF:93:7B:CA:96:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GfGp3RJvNyN84gD7hhb_k3vKlmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/1-6YeZlPAoL19Oeyviz7u7sQUmdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a63d-1730-4d88-ab38-3fd30988f677/1/GfGp3RJvNyN84gD7hhb_k3vKlmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.95.237.0-85.95.244.255
Signature Algorithm: sha256WithRSAEncryption
96:04:ed:2a:0d:89:b7:61:98:6a:d9:e3:0b:4f:b6:4b:e5:aa:
f2:7e:69:15:f7:29:8c:ec:0e:40:32:5f:4a:51:03:bc:4b:e7:
05:5b:01:c5:0e:d6:eb:be:b0:b0:f0:23:c7:3d:3d:e8:5b:82:
89:61:60:40:ec:5a:58:8f:77:e4:d6:10:1a:91:54:a7:32:4d:
87:52:81:8d:50:4f:39:00:52:bb:f4:2d:d4:6a:da:fd:60:aa:
61:d0:c1:b1:32:07:a3:80:b0:97:ea:a9:79:de:1f:ff:ce:e3:
1d:33:bc:54:42:3f:13:e4:a6:b8:b8:bd:1c:79:36:8b:10:2f:
fb:a8:46:a1:27:e0:22:43:bf:be:07:9f:9e:a0:ab:5f:f9:ee:
63:a7:bc:13:45:59:88:84:c7:d3:f0:33:05:94:3a:28:b0:0a:
ae:64:aa:9a:5b:04:ca:2d:ad:f6:4b:ef:b5:5a:78:00:f2:2e:
90:5b:a8:6e:0a:18:bc:b7:3f:c6:2d:8c:53:fe:07:17:02:0d:
c7:9a:59:ff:7d:0a:c5:66:9f:9b:30:29:07:6f:d0:b5:df:9e:
d2:91:ec:e5:ea:3b:fe:29:32:59:c5:3b:90:89:f7:e9:21:0d:
40:39:a5:a3:cf:eb:5a:3f:01:26:7d:9e:2d:a6:4c:e1:6c:a9:
85:29:a7:de
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzFAH/o9yuMIBxte45OuylzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZjFhOWRkMTI2ZjM3MjM3Y2UyMDBmYjg2MTZmZjkzN2Jj
YTk2NmMwHhcNMjQwMTAxMTIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmE2MWU2NjUzYzBhMGJkN2QzOWVjYWY4YjNlZWVlZWM0MTQ5OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi0ag8OOsCA4S/jeE4HlU+yMB8Rr
aUUURYgWE30AJ86sq1mbgkoy8ra1Ifxb9wT+um7Tk4I5q9t9FyXuWYejQZ2YC08R
A2uPAVMr20wJdS0IhwGEJwoLIQLRq1NBhFQbrPNLh9NWUbBEh8WUrMbVQIEgzVJF
aZSO9tPiJYgi4ToL/JWoskVIkBG5MvLyIffPz05g82LNCxLZoCEsC0NEAUMpV1RM
8pmCh3mPqxnenle72jNkiCWDLPtUy5M27DYoNXLIjmS2uapaSXmQRhIpnML4w1q7
QUH2hXUAm7RnDUB3m/fkgHVQUdrjbS/ZxCUTyJL9XL01fcQuaPJuoFZLWQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPumHmZTwKC9fTnsr4s+7u7EFJncMB8GA1UdIwQY
MBaAFBnxqd0SbzcjfOIA+4YW/5N7ypZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZHcDNSSnZOeU44NGdEN2hoYl9rM3ZLbG13LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE2M2QtMTczMC00ZDg4LWFiMzgt
M2ZkMzA5ODhmNjc3LzEvMS02WWVabFBBb0wxOU9leXZpejd1N3NRVW1kdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjEvZjhhNjNkLTE3MzAtNGQ4OC1hYjM4LTNmZDMwOTg4ZjY3
Ny8xL0dmR3AzUkp2TnlOODRnRDdoaGJfazN2S2xtdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAVV/t
AwQAVV/0MA0GCSqGSIb3DQEBCwUAA4IBAQCWBO0qDYm3YZhq2eMLT7ZL5aryfmkV
9ymM7A5AMl9KUQO8S+cFWwHFDtbrvrCw8CPHPT3oW4KJYWBA7FpYj3fk1hAakVSn
Mk2HUoGNUE85AFK79C3Uatr9YKph0MGxMgejgLCX6ql53h//zuMdM7xUQj8T5Ka4
uL0ceTaLEC/7qEahJ+AiQ7++B5+eoKtf+e5jp7wTRVmIhMfT8DMFlDoosAquZKqa
WwTKLa32S++1WngA8i6QW6huChi8tz/GLYxT/gcXAg3Hmln/fQrFZp+bMCkHb9C1
357Skezl6jv+KTJZxTuQiffpIQ1AOaWjz+taPwEmfZ4tpkzhbKmFKafe
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:17 2024 by rpki-client on console-fra.rpki-client.org