Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-nsQWGsdz-53RFk8EUp8mXUHcx4.roa
File: 1-nsQWGsdz-53RFk8EUp8mXUHcx4.roa (raw, json)
Hash identifier: wZpNrv1SresT2L82q4j7DEGVmlL0VWkROgW6jakZmSA=
Subject key identifier: FA:7B:10:58:6B:1D:CF:EE:77:44:59:3C:11:4A:7C:99:75:07:73:1E
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01931F489349C255CFB645BF3B6F96E631A7
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-nsQWGsdz-53RFk8EUp8mXUHcx4.roa
Signing time: Tue 12 Nov 2024 07:31:10 +0000
ROA not before: Tue 12 Nov 2024 07:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47164
IP address blocks: 212.231.80.0/24 maxlen: 24
212.231.81.0/24 maxlen: 24
212.231.82.0/24 maxlen: 24
212.231.83.0/24 maxlen: 24
212.231.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:48:93:49:c2:55:cf:b6:45:bf:3b:6f:96:e6:31:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Nov 12 07:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa7b10586b1dcfee7744593c114a7c997507731e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:ba:46:cc:cb:d9:80:8c:90:96:08:bd:54:
9f:fa:33:d2:8f:ff:b4:27:56:04:d4:27:3f:3c:d6:
61:a7:be:3f:90:5a:65:ab:4f:a1:97:73:88:3e:a4:
6c:fc:25:0c:81:cb:59:0e:c2:f7:3b:1b:a7:8a:0c:
16:0a:85:50:59:35:77:7e:0e:d9:36:3e:a2:8f:aa:
c6:99:1a:21:0b:7a:54:42:9c:91:4a:6a:8c:15:77:
1e:85:ce:1f:f2:04:e5:f2:c6:ff:70:98:18:30:f7:
93:b3:08:93:61:06:42:07:02:f0:5c:ac:94:84:e4:
8e:f4:92:6c:ad:7d:39:d3:4d:ee:89:f2:be:c3:67:
f1:e2:52:dd:38:8d:40:76:e2:9b:7b:aa:51:d1:da:
fb:3c:3c:01:3a:e6:45:28:7e:d0:f3:dc:e5:05:12:
46:c6:7b:67:1f:39:96:86:a7:a6:6e:d7:4d:b3:04:
59:43:0a:5b:9e:b4:9e:a2:cc:81:a6:7a:c7:34:c7:
6c:69:47:dc:27:a4:cb:5c:01:08:35:b2:ab:7d:cc:
f1:33:af:98:c3:51:23:b5:c9:88:89:e7:01:4e:4e:
50:8a:72:64:60:8c:9d:64:2d:f8:02:0a:e4:1a:6e:
33:ae:42:8a:6e:24:c0:d4:af:d0:23:48:3a:dd:c6:
3a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7B:10:58:6B:1D:CF:EE:77:44:59:3C:11:4A:7C:99:75:07:73:1E
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-nsQWGsdz-53RFk8EUp8mXUHcx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.231.80.0/22
212.231.85.0/24
Signature Algorithm: sha256WithRSAEncryption
85:e4:db:62:af:4c:33:3a:ef:51:03:b9:e1:8c:a6:1d:c6:c1:
b6:be:07:44:17:56:fe:35:f6:73:47:0d:1b:3a:d5:f2:81:bd:
a8:77:21:a9:07:54:fd:d9:86:71:10:e2:3c:0e:2f:33:41:8a:
f5:aa:a6:50:67:8a:b5:9c:98:b4:01:06:e2:79:fe:cc:55:aa:
a4:f4:55:b7:52:4d:b2:d8:a1:bb:9d:30:27:f7:8f:24:02:25:
aa:e8:9e:5f:8c:b9:f2:71:4d:41:70:2c:a6:46:3c:a1:a4:c0:
67:32:26:58:73:cf:c8:13:b6:4b:9c:3e:f1:5a:ff:59:1b:b7:
29:61:0f:ae:6b:d3:c8:90:eb:56:48:ea:9b:2b:00:75:70:46:
b0:8f:15:83:be:8a:f1:aa:7e:8b:d9:e2:1a:6f:31:01:b4:6a:
cf:1c:9c:5f:b0:93:94:97:57:c9:4c:09:24:19:36:91:58:88:
9c:c7:3b:c9:56:ee:a7:1a:13:4f:4f:cc:2f:91:29:d8:80:23:
e2:c8:78:7f:dc:57:7d:cb:f6:46:c3:04:38:4b:95:e5:5e:4d:
77:1d:05:c8:39:fe:c7:9c:d6:4d:b3:d1:d4:20:9b:b3:83:3f:
59:c6:51:f8:36:f2:e2:1d:14:93:41:fe:23:94:be:58:c1:02:
91:1e:ee:b9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZMfSJNJwlXPtkW/O2+W5jGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQxMTEyMDczMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTdiMTA1ODZiMWRjZmVlNzc0NDU5M2MxMTRhN2M5OTc1MDc3MzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzu6RszL2YCMkJYIvVSf+jPSj/+0
J1YE1Cc/PNZhp74/kFplq0+hl3OIPqRs/CUMgctZDsL3OxunigwWCoVQWTV3fg7Z
Nj6ij6rGmRohC3pUQpyRSmqMFXcehc4f8gTl8sb/cJgYMPeTswiTYQZCBwLwXKyU
hOSO9JJsrX05003uifK+w2fx4lLdOI1AduKbe6pR0dr7PDwBOuZFKH7Q89zlBRJG
xntnHzmWhqembtdNswRZQwpbnrSeosyBpnrHNMdsaUfcJ6TLXAEINbKrfczxM6+Y
w1EjtcmIiecBTk5QinJkYIydZC34AgrkGm4zrkKKbiTA1K/QI0g63cY6PwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPp7EFhrHc/ud0RZPBFKfJl1B3MeMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvMS1uc1FXR3Nkei01M1JGazhFVXA4bVhVSGN4NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvNzQ2NDEwLTAyNmItNDVjOS04MWNkLWYxMjgzNWYwMjQ3
Yi8xL2hkRG5ZX2sxd1hGcFR4Y2dWdXRFSUoyeTRzMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAtTnUAME
ANTnVTANBgkqhkiG9w0BAQsFAAOCAQEAheTbYq9MMzrvUQO54YymHcbBtr4HRBdW
/jX2c0cNGzrV8oG9qHchqQdU/dmGcRDiPA4vM0GK9aqmUGeKtZyYtAEG4nn+zFWq
pPRVt1JNstihu50wJ/ePJAIlquieX4y58nFNQXAspkY8oaTAZzImWHPPyBO2S5w+
8Vr/WRu3KWEPrmvTyJDrVkjqmysAdXBGsI8Vg76K8ap+i9niGm8xAbRqzxycX7CT
lJdXyUwJJBk2kViInMc7yVbupxoTT0/ML5Ep2IAj4sh4f9xXfcv2RsMEOEuV5V5N
dx0FyDn+x5zWTbPR1CCbs4M/WcZR+Dby4h0Uk0H+I5S+WMECkR7uuQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:46 2024 by rpki-client on console-fra.rpki-client.org