Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/9jyazhf0jCTGb6tNMM0_rBFdY6k.roa
File: 9jyazhf0jCTGb6tNMM0_rBFdY6k.roa (raw, json)
Hash identifier: FxosTmF8m+dqMtuYFJnb4FFHbBqKINi4LKJGOAgke7w=
Subject key identifier: F6:3C:9A:CE:17:F4:8C:24:C6:6F:AB:4D:30:CD:3F:AC:11:5D:63:A9
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 018EC228E1FD943D8E053F15FC7234448B8F
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/9jyazhf0jCTGb6tNMM0_rBFdY6k.roa
Signing time: Tue 09 Apr 2024 09:20:42 +0000
ROA not before: Tue 09 Apr 2024 09:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:28:e1:fd:94:3d:8e:05:3f:15:fc:72:34:44:8b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Apr 9 09:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f63c9ace17f48c24c66fab4d30cd3fac115d63a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:0a:65:4b:c1:7f:7f:e2:40:73:30:2e:a4:
b1:be:9a:dd:14:dc:2e:2a:c5:b3:90:10:dc:17:6c:
bb:f4:50:5d:3e:39:c7:21:92:e8:f1:f2:53:1d:1b:
04:f1:62:ed:6a:32:76:7b:80:d0:be:d7:ff:31:c3:
32:81:5d:06:af:af:2d:b9:21:5b:78:35:91:26:97:
73:e4:b1:17:22:fd:eb:ee:69:bc:c5:a2:50:2c:79:
ff:78:96:67:53:c2:10:91:c1:9c:08:4d:15:48:9b:
9d:fd:7c:77:41:7f:8b:58:4b:4e:1a:34:21:a2:be:
59:85:b5:0c:74:e6:c8:f9:2b:2d:a1:8d:82:d9:f9:
fa:5b:d8:d3:8f:47:b8:74:0d:00:c6:9b:a6:c7:1a:
f6:17:c4:38:ea:7b:08:d0:a8:cf:29:ca:9b:59:0e:
1a:83:20:0a:6c:98:6d:09:0e:ea:ba:e6:28:9b:b9:
5e:a8:d5:f8:9d:46:e3:d3:6f:f2:74:cd:fe:7f:50:
9d:f4:d4:21:48:a6:97:be:17:fb:7f:9d:90:e6:6c:
26:57:6e:6a:a8:ae:62:e2:dd:ba:22:98:03:09:8c:
5d:6f:c8:4b:cb:c2:41:94:c4:02:aa:60:93:77:b9:
6e:7b:d0:8f:90:01:92:81:c3:68:49:c9:d7:ca:54:
6b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:3C:9A:CE:17:F4:8C:24:C6:6F:AB:4D:30:CD:3F:AC:11:5D:63:A9
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/9jyazhf0jCTGb6tNMM0_rBFdY6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0-209.206.29.255
209.206.31.0/24
216.252.177.0-216.252.178.255
Signature Algorithm: sha256WithRSAEncryption
c7:9e:ec:1e:7e:23:a8:cb:f7:96:1e:d4:51:5c:73:d8:67:f5:
b3:73:96:4f:50:9f:8a:01:68:5b:cb:1b:5d:7c:8e:41:e0:cd:
a7:5c:3c:b8:7c:d3:c1:cb:cf:c2:54:0f:92:9e:4d:b0:1e:4a:
16:a1:65:65:0c:3c:70:ff:e9:ae:48:a0:4d:75:67:92:32:89:
36:74:31:bb:ec:39:a4:16:2a:fd:70:93:22:eb:f6:d7:51:3f:
60:d8:5c:8f:b7:7c:bf:4c:4c:72:28:3b:5d:08:af:df:ce:5a:
cf:6f:f8:19:52:c4:50:e3:61:6d:b2:6b:cf:f0:0b:49:bd:0b:
43:7a:ee:a6:67:77:df:56:f0:d1:1e:42:41:78:aa:0a:16:bd:
b6:7a:4a:c7:63:c2:17:89:ea:df:bb:70:3d:2c:b0:4c:5f:ba:
b7:fb:56:2c:e9:ec:eb:92:85:62:ec:91:b1:76:36:57:fc:54:
ad:dc:67:22:02:84:2d:43:f3:d2:36:d4:ee:73:1b:63:24:29:
66:15:02:1b:0d:29:f1:7f:33:69:40:a6:06:c1:aa:76:95:63:
85:c6:2c:58:6b:9a:d6:ca:5d:95:9a:b6:ed:fd:f8:80:aa:2e:
e9:87:8c:44:ad:32:8e:4c:78:6d:38:e9:3d:f6:2e:1a:a1:98:
ea:76:cf:94
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAY7CKOH9lD2OBT8V/HI0RIuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjQwNDA5MDkyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjNjOWFjZTE3ZjQ4YzI0YzY2ZmFiNGQzMGNkM2ZhYzExNWQ2M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd4KZUvBf3/iQHMwLqSxvprdFNwu
KsWzkBDcF2y79FBdPjnHIZLo8fJTHRsE8WLtajJ2e4DQvtf/McMygV0Gr68tuSFb
eDWRJpdz5LEXIv3r7mm8xaJQLHn/eJZnU8IQkcGcCE0VSJud/Xx3QX+LWEtOGjQh
or5ZhbUMdObI+SstoY2C2fn6W9jTj0e4dA0Axpumxxr2F8Q46nsI0KjPKcqbWQ4a
gyAKbJhtCQ7quuYom7leqNX4nUbj02/ydM3+f1Cd9NQhSKaXvhf7f52Q5mwmV25q
qK5i4t26IpgDCYxdb8hLy8JBlMQCqmCTd7lue9CPkAGSgcNoScnXylRrkQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPY8ms4X9Iwkxm+rTTDNP6wRXWOpMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvOWp5YXpoZjBqQ1RHYjZ0Tk1NMF9yQkZkWTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJAwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeDALAwMB0c4DBAHRzhwDBADR
zh8wDAMEANj8sQMEANj8sjANBgkqhkiG9w0BAQsFAAOCAQEAx57sHn4jqMv3lh7U
UVxz2Gf1s3OWT1CfigFoW8sbXXyOQeDNp1w8uHzTwcvPwlQPkp5NsB5KFqFlZQw8
cP/prkigTXVnkjKJNnQxu+w5pBYq/XCTIuv211E/YNhcj7d8v0xMcig7XQiv385a
z2/4GVLEUONhbbJrz/ALSb0LQ3rupmd331bw0R5CQXiqCha9tnpKx2PCF4nq37tw
PSywTF+6t/tWLOns65KFYuyRsXY2V/xUrdxnIgKELUPz0jbU7nMbYyQpZhUCGw0p
8X8zaUCmBsGqdpVjhcYsWGua1spdlZq27f34gKou6YeMRK0yjkx4bTjpPfYuGqGY
6nbPlA==
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:34:33 2024 by rpki-client on console-fra.rpki-client.org