Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/pxadCBjnp27o8WyIB73oB9AZ9o0.roa
File: pxadCBjnp27o8WyIB73oB9AZ9o0.roa (raw, json)
Hash identifier: jBptfobYmGGa0dwaqmhwtYdOrdKjV92SX1UEc0zFLIQ=
Subject key identifier: A7:16:9D:08:18:E7:A7:6E:E8:F1:6C:88:07:BD:E8:07:D0:19:F6:8D
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 0192FC80F0C8E7DB250EE41452456D555295
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/pxadCBjnp27o8WyIB73oB9AZ9o0.roa
Signing time: Tue 05 Nov 2024 13:26:01 +0000
ROA not before: Tue 05 Nov 2024 13:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:80:f0:c8:e7:db:25:0e:e4:14:52:45:6d:55:52:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Nov 5 13:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7169d0818e7a76ee8f16c8807bde807d019f68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ee:f5:f4:89:1f:38:e4:dc:32:7d:4f:09:d9:
b8:f9:9c:1e:bb:d2:2a:fd:75:d9:77:0d:a0:3d:ae:
f5:10:27:b2:94:41:90:ec:8a:ea:b9:7f:df:02:2c:
7d:f3:34:f9:ce:bc:50:71:d1:63:6d:c0:16:8a:23:
2e:ba:94:6e:e0:31:2a:86:5a:87:19:17:47:ce:73:
d8:74:5e:da:28:6a:bb:e9:7f:cc:69:8b:06:0b:fb:
8c:31:15:13:49:f7:c4:ab:58:c8:a2:3b:89:e1:9f:
a5:30:d9:a5:62:f7:a2:3d:b7:6f:09:51:5d:a9:e3:
f5:30:0a:d6:c0:76:c4:fc:88:a6:df:d2:37:99:c6:
ec:87:64:46:5a:5e:61:c6:31:7a:2b:a5:58:6c:95:
fd:f4:3e:d8:f7:02:99:ad:b0:1a:8b:28:2e:7c:d4:
eb:c4:d8:b8:12:a4:6f:1a:5f:83:74:7d:a2:ef:d7:
a3:67:84:f8:60:ab:60:f3:c6:c7:0e:c1:e5:c1:37:
2d:0f:df:42:cd:cf:ca:ff:2f:f3:8f:7f:2f:12:8f:
1d:5c:72:42:98:5a:a7:31:d6:ea:b2:f7:92:57:8f:
21:99:69:fc:ed:78:c8:ab:29:ab:d0:b8:13:d4:25:
9a:41:a5:8d:06:35:93:7f:da:df:b1:0d:c9:eb:99:
51:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:16:9D:08:18:E7:A7:6E:E8:F1:6C:88:07:BD:E8:07:D0:19:F6:8D
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/pxadCBjnp27o8WyIB73oB9AZ9o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.179.255
Signature Algorithm: sha256WithRSAEncryption
91:c5:cb:fc:e0:f7:05:08:a7:20:a8:cd:cc:a3:bc:28:27:bb:
8f:62:9a:a8:77:b3:82:4a:aa:e6:eb:cb:2c:8f:c8:1e:49:a8:
8c:10:d7:97:0b:2e:05:a6:57:6b:fc:ef:ad:7d:bb:67:f1:c9:
06:1e:db:93:7a:4c:f1:46:68:52:6c:a0:b6:88:4a:71:04:8b:
0c:4c:21:8c:4d:da:79:be:e1:33:9e:bb:b9:89:45:fc:a4:5c:
c9:ed:a3:01:d4:c9:42:25:e8:b2:b4:f4:62:72:a8:11:d8:2a:
8f:53:67:4a:dd:90:fb:a0:3d:19:92:55:0e:33:d1:15:3a:1b:
f5:66:46:e9:76:3b:90:3f:9c:69:51:25:49:fc:7e:09:e9:6d:
04:69:d5:ab:30:a4:59:d1:5d:4c:e0:14:c3:c5:01:bd:3c:f0:
e3:4f:6b:e8:87:d3:e1:29:1f:92:86:d3:43:73:84:07:a5:9f:
e5:1a:44:bd:9c:a8:5e:67:71:32:f5:54:da:9f:4f:b9:53:6c:
84:37:e7:d0:83:c2:d6:1d:f4:cb:0a:51:6f:04:2a:67:a7:1c:
a6:ed:4a:04:26:a0:4b:85:47:ed:76:82:32:36:67:12:95:8f:
ba:87:fe:a6:59:bb:a9:14:9f:6f:61:ee:45:49:ce:e5:54:bf:
ca:1e:44:bb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZL8gPDI59slDuQUUkVtVVKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjQxMTA1MTMyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzE2OWQwODE4ZTdhNzZlZThmMTZjODgwN2JkZTgwN2QwMTlmNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9e719IkfOOTcMn1PCdm4+Zweu9Iq
/XXZdw2gPa71ECeylEGQ7IrquX/fAix98zT5zrxQcdFjbcAWiiMuupRu4DEqhlqH
GRdHznPYdF7aKGq76X/MaYsGC/uMMRUTSffEq1jIojuJ4Z+lMNmlYveiPbdvCVFd
qeP1MArWwHbE/Iim39I3mcbsh2RGWl5hxjF6K6VYbJX99D7Y9wKZrbAaiygufNTr
xNi4EqRvGl+DdH2i79ejZ4T4YKtg88bHDsHlwTctD99Czc/K/y/zj38vEo8dXHJC
mFqnMdbqsveSV48hmWn87XjIqymr0LgT1CWaQaWNBjWTf9rfsQ3J65lR/QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKcWnQgY56du6PFsiAe96AfQGfaNMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvcHhhZENCam5wMjdvOFd5SUI3M29COUFaOW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeAMEBdHOADAMAwQA2PyxAwQC
2PywMA0GCSqGSIb3DQEBCwUAA4IBAQCRxcv84PcFCKcgqM3Mo7woJ7uPYpqod7OC
Sqrm68ssj8geSaiMENeXCy4Fpldr/O+tfbtn8ckGHtuTekzxRmhSbKC2iEpxBIsM
TCGMTdp5vuEznru5iUX8pFzJ7aMB1MlCJeiytPRicqgR2CqPU2dK3ZD7oD0ZklUO
M9EVOhv1ZkbpdjuQP5xpUSVJ/H4J6W0EadWrMKRZ0V1M4BTDxQG9PPDjT2voh9Ph
KR+ShtNDc4QHpZ/lGkS9nKheZ3Ey9VTan0+5U2yEN+fQg8LWHfTLClFvBCpnpxym
7UoEJqBLhUftdoIyNmcSlY+6h/6mWbupFJ9vYe5FSc7lVL/KHkS7
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:29:00 2024 by rpki-client on console-fra.rpki-client.org