Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/3Ov8FcMLdILK_P8_00CraiGJA90.roa
File: 3Ov8FcMLdILK_P8_00CraiGJA90.roa (raw, json)
Hash identifier: Iv2o1DFtpNp2CwNa2FQQg+J211i/AB1jJgoJz/m5R5Q=
Subject key identifier: DC:EB:FC:15:C3:0B:74:82:CA:FC:FF:3F:D3:40:AB:6A:21:89:03:DD
Certificate issuer: /CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Certificate serial: 018CC3B72014D46D31940D92CEAAAB7001FA
Authority key identifier: 8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/3Ov8FcMLdILK_P8_00CraiGJA90.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209824
IP address blocks: 85.209.53.0/24 maxlen: 24
85.209.52.0/24 maxlen: 24
85.209.55.0/24 maxlen: 24
85.209.54.0/24 maxlen: 24
2a09:9340::/30 maxlen: 30
2a09:9344::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:20:14:d4:6d:31:94:0d:92:ce:aa:ab:70:01:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcebfc15c30b7482cafcff3fd340ab6a218903dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:91:08:ed:0e:8f:cc:c1:f5:0d:0a:78:12:
75:16:cb:c9:b2:81:b0:88:3d:80:ae:74:68:c5:e4:
83:13:56:0a:32:db:2f:97:92:4c:1d:71:59:3e:f1:
30:69:9f:90:07:a9:2b:4f:98:91:34:51:47:3c:ef:
c6:cf:68:24:f6:08:e1:05:2b:6d:a1:d6:b9:b2:fb:
17:85:2d:bc:5d:80:a2:4b:58:75:0d:fb:76:ad:ae:
43:b8:c7:ce:d6:0a:de:f5:27:6c:0e:96:eb:ce:53:
5c:05:bc:ce:e2:23:3c:40:27:87:00:66:03:72:80:
ba:8f:6d:81:79:06:00:d5:4a:2b:6b:7f:b1:b7:10:
e4:2e:d5:a8:8a:9b:13:15:ac:2c:80:7c:70:58:8e:
7b:72:9e:5f:d2:44:19:b1:bd:b3:4c:7c:e4:55:47:
28:ea:48:76:5c:30:a3:84:9a:c0:54:d0:cf:6c:3c:
2a:f4:3a:ed:52:cb:97:12:64:87:56:c5:04:66:9a:
ea:84:54:b8:6c:5d:bf:6c:ea:97:e5:ce:60:91:11:
db:74:23:98:82:fb:82:f2:75:9e:5c:2b:1a:cc:0a:
32:09:84:c5:ad:e5:02:b2:d4:a2:81:b0:9f:9d:f6:
a3:e0:ce:df:5a:e3:65:dc:4b:14:a9:90:94:cf:2c:
bc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EB:FC:15:C3:0B:74:82:CA:FC:FF:3F:D3:40:AB:6A:21:89:03:DD
X509v3 Authority Key Identifier:
keyid:8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/3Ov8FcMLdILK_P8_00CraiGJA90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.52.0/22
IPv6:
2a09:9340::/29
Signature Algorithm: sha256WithRSAEncryption
5b:26:f5:5c:03:b9:59:34:13:8a:e6:dc:40:c5:cf:98:8a:55:
a0:a4:78:62:0c:8f:9f:83:3c:94:28:f2:9c:15:af:dc:7b:f8:
36:61:b8:d9:33:34:24:05:a9:9a:bc:28:a7:d2:bd:72:5a:62:
43:26:f7:21:a2:45:54:10:00:35:20:07:97:f0:eb:44:fb:b1:
fc:3f:bd:c5:19:e5:8e:dc:92:7e:56:a0:98:41:69:db:dc:a4:
47:ec:9f:c0:6f:d6:24:bd:a0:e1:0f:fc:01:39:03:93:3d:c1:
83:c4:fd:c2:b7:47:9b:6e:bb:30:e0:8d:8e:bf:84:54:81:6d:
ce:29:85:64:c2:ab:3b:a0:e6:91:52:1f:8a:c4:ab:5c:c3:8d:
7a:6e:27:5e:6e:b0:4b:c6:d5:e9:4e:98:2d:0f:8a:20:ff:0c:
f8:8e:20:5e:2a:61:45:ae:7a:b3:7b:24:4d:14:6f:74:de:66:
7a:10:d4:0c:fd:bb:f3:1f:b1:05:17:0f:90:71:cf:ae:be:29:
23:54:97:2a:c4:1c:9d:96:f7:3d:a5:cd:39:37:77:9d:f8:03:
5e:73:fa:d0:03:8c:5a:fd:7b:7d:b7:e7:00:0d:52:21:02:e5:
43:21:8f:2e:c4:6e:3a:64:95:54:47:57:a5:b8:11:8f:fc:2c:
fc:be:26:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtyAU1G0xlA2SzqqrcAH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYWY2MWY2NjA4ZjlhOWVhYzE0YjE4MjI0ODU0ODA3YmNk
YzEzMjQwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ViZmMxNWMzMGI3NDgyY2FmY2ZmM2ZkMzQwYWI2YTIxODkwM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv6RCO0Oj8zB9Q0KeBJ1FsvJsoGw
iD2ArnRoxeSDE1YKMtsvl5JMHXFZPvEwaZ+QB6krT5iRNFFHPO/Gz2gk9gjhBStt
oda5svsXhS28XYCiS1h1Dft2ra5DuMfO1gre9SdsDpbrzlNcBbzO4iM8QCeHAGYD
coC6j22BeQYA1Uora3+xtxDkLtWoipsTFawsgHxwWI57cp5f0kQZsb2zTHzkVUco
6kh2XDCjhJrAVNDPbDwq9DrtUsuXEmSHVsUEZprqhFS4bF2/bOqX5c5gkRHbdCOY
gvuC8nWeXCsazAoyCYTFreUCstSigbCfnfaj4M7fWuNl3EsUqZCUzyy8mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNzr/BXDC3SCyvz/P9NAq2ohiQPdMB8GA1UdIwQY
MBaAFI2vYfZgj5qerBSxgiSFSAe83BMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUt
ZmIyNGJlNzVhM2Y0LzEvM092OEZjTUxkSUxLX1A4XzAwQ3JhaUdKQTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUtZmIyNGJlNzVhM2Y0
LzEvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdE0MA0E
AgACMAcDBQMqCZNAMA0GCSqGSIb3DQEBCwUAA4IBAQBbJvVcA7lZNBOK5txAxc+Y
ilWgpHhiDI+fgzyUKPKcFa/ce/g2YbjZMzQkBamavCin0r1yWmJDJvchokVUEAA1
IAeX8OtE+7H8P73FGeWO3JJ+VqCYQWnb3KRH7J/Ab9YkvaDhD/wBOQOTPcGDxP3C
t0ebbrsw4I2Ov4RUgW3OKYVkwqs7oOaRUh+KxKtcw416bidebrBLxtXpTpgtD4og
/wz4jiBeKmFFrnqzeyRNFG903mZ6ENQM/bvzH7EFFw+Qcc+uvikjVJcqxBydlvc9
pc05N3ed+ANec/rQA4xa/Xt9t+cADVIhAuVDIY8uxG46ZJVUR1eluBGP/Cz8viYE
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:09:11 2024 by rpki-client on console-fra.rpki-client.org