Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/r0IByZQNfrLrBv390ZWL_pjbczg.roa
File: r0IByZQNfrLrBv390ZWL_pjbczg.roa (raw, json)
Hash identifier: lx9asTPWxscarYNMaWaP4gDXjewm9dnPwOyAfTNMevM=
Subject key identifier: AF:42:01:C9:94:0D:7E:B2:EB:06:FD:FD:D1:95:8B:FE:98:DB:73:38
Certificate issuer: /CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Certificate serial: 018CC6B8DDE2AF98D08F3D9F56EC140114CC
Authority key identifier: 49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/r0IByZQNfrLrBv390ZWL_pjbczg.roa
Signing time: Mon 01 Jan 2024 20:30:53 +0000
ROA not before: Mon 01 Jan 2024 20:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25540
IP address blocks: 185.85.233.0/24 maxlen: 24
185.85.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:dd:e2:af:98:d0:8f:3d:9f:56:ec:14:01:14:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Validity
Not Before: Jan 1 20:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af4201c9940d7eb2eb06fdfdd1958bfe98db7338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d3:32:c2:3d:aa:e4:83:a1:58:7d:2f:2e:3c:
b5:e3:35:c9:d0:7a:90:2c:6d:a4:79:1a:c8:72:8e:
0f:da:fb:15:98:1d:cf:cd:9f:98:b3:c7:f9:bd:32:
98:42:8d:08:7f:8b:aa:4c:ea:c4:76:18:49:c9:95:
3b:9b:63:a2:d4:cc:20:50:a1:04:b2:d5:1e:e2:fb:
35:0b:7c:77:61:08:f1:e4:54:95:6e:e2:6d:76:06:
7c:25:88:75:d4:3c:ea:5f:f8:b2:49:09:75:10:8e:
7e:13:0a:1a:94:66:7f:ab:0c:00:ab:75:b8:98:51:
94:ab:ac:7f:12:8e:af:90:0f:09:01:6d:b3:f9:64:
15:86:0c:16:61:30:8c:0e:c9:c6:11:e3:3d:5d:27:
3f:e4:4e:82:b7:03:f1:a4:11:11:9b:74:3e:8b:d5:
db:78:17:8b:3f:1e:60:74:f2:41:66:26:a6:16:e1:
64:90:40:f7:e3:dd:9f:56:1e:62:8f:66:b1:c9:67:
4c:6e:61:f7:c7:de:f2:32:1b:7d:55:4a:0d:da:bc:
55:23:73:2a:e7:85:dc:20:bb:d3:1e:67:43:c9:f3:
ce:35:2a:32:e9:e0:62:38:90:35:c2:9c:af:ea:97:
dd:70:f3:e4:9a:07:cc:e9:42:70:9f:1d:14:04:bc:
d7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:42:01:C9:94:0D:7E:B2:EB:06:FD:FD:D1:95:8B:FE:98:DB:73:38
X509v3 Authority Key Identifier:
keyid:49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/r0IByZQNfrLrBv390ZWL_pjbczg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.233.0/24
185.85.235.0/24
Signature Algorithm: sha256WithRSAEncryption
06:96:6f:1c:4e:5d:34:10:bd:e6:07:73:22:ef:9a:d0:37:f8:
5e:77:dd:55:6a:59:46:5f:03:76:f2:c6:3d:d0:28:4d:ad:0c:
63:1c:9e:55:b6:65:d2:40:dd:ca:d7:0c:2a:fc:4d:92:d5:a8:
e6:d9:a7:09:35:f7:14:4e:0b:b6:db:65:d0:84:cc:bf:85:70:
a4:d9:12:c5:67:c2:3e:df:4a:d2:d7:0a:b8:d2:65:20:a8:36:
54:94:bb:c3:08:e7:96:d6:70:8c:9c:09:18:b9:f7:20:1a:ef:
e6:7f:b3:c6:aa:84:e4:bf:a3:40:31:de:70:01:ae:5e:63:73:
1e:a6:ef:a3:9c:ed:8d:9c:83:47:38:e9:f2:6e:1c:35:55:11:
c0:c7:70:f7:10:f2:11:49:31:de:19:c3:9f:90:30:0e:ad:ab:
3c:66:64:df:e1:9b:b0:a5:83:d2:9c:61:61:cb:c5:38:8e:63:
b3:12:6a:98:79:03:1e:c6:89:fa:91:80:38:19:9a:41:43:79:
c9:97:5a:b2:6c:b5:8d:71:52:6c:9f:6f:3f:e8:48:b5:64:c9:
86:97:fc:09:a5:01:bf:4d:a2:2a:63:86:d0:86:0a:5f:51:79:
ee:35:5d:35:43:31:94:f7:00:c7:21:15:94:f9:2d:f1:64:9e:
18:17:0d:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuN3ir5jQjz2fVuwUARTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YjI0NDQ2NDRjNDMzNDhkN2M1MGY0ZTUwZTc0MzU2ZTk4
OTZkYmYwHhcNMjQwMTAxMjAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjQyMDFjOTk0MGQ3ZWIyZWIwNmZkZmRkMTk1OGJmZTk4ZGI3MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdMywj2q5IOhWH0vLjy14zXJ0HqQ
LG2keRrIco4P2vsVmB3PzZ+Ys8f5vTKYQo0If4uqTOrEdhhJyZU7m2Oi1MwgUKEE
stUe4vs1C3x3YQjx5FSVbuJtdgZ8JYh11DzqX/iySQl1EI5+EwoalGZ/qwwAq3W4
mFGUq6x/Eo6vkA8JAW2z+WQVhgwWYTCMDsnGEeM9XSc/5E6CtwPxpBERm3Q+i9Xb
eBeLPx5gdPJBZiamFuFkkED3492fVh5ij2axyWdMbmH3x97yMht9VUoN2rxVI3Mq
54XcILvTHmdDyfPONSoy6eBiOJA1wpyv6pfdcPPkmgfM6UJwnx0UBLzXfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9CAcmUDX6y6wb9/dGVi/6Y23M4MB8GA1UdIwQY
MBaAFEmyREZExDNI18UPTlDnQ1bpiW2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2JKRVJrVEVNMGpYeFE5T1VPZERWdW1KYmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi82NGNkYmQtYzg1MS00YjM1LWJiNzkt
NzUzZDk2OWEwNzAyLzEvcjBJQnlaUU5mckxyQnYzOTBaV0xfcGpiY3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi82NGNkYmQtYzg1MS00YjM1LWJiNzktNzUzZDk2OWEwNzAy
LzEvU2JKRVJrVEVNMGpYeFE5T1VPZERWdW1KYmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVXpAwQA
uVXrMA0GCSqGSIb3DQEBCwUAA4IBAQAGlm8cTl00EL3mB3Mi75rQN/hed91VallG
XwN28sY90ChNrQxjHJ5VtmXSQN3K1wwq/E2S1ajm2acJNfcUTgu222XQhMy/hXCk
2RLFZ8I+30rS1wq40mUgqDZUlLvDCOeW1nCMnAkYufcgGu/mf7PGqoTkv6NAMd5w
Aa5eY3Mepu+jnO2NnINHOOnybhw1VRHAx3D3EPIRSTHeGcOfkDAOras8ZmTf4Zuw
pYPSnGFhy8U4jmOzEmqYeQMexon6kYA4GZpBQ3nJl1qybLWNcVJsn28/6Ei1ZMmG
l/wJpQG/TaIqY4bQhgpfUXnuNV01QzGU9wDHIRWU+S3xZJ4YFw21
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:56:49 2024 by rpki-client on console-fra.rpki-client.org