Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/RT3J7RweelZjFAa5g3tboUv8NmA.roa
File: RT3J7RweelZjFAa5g3tboUv8NmA.roa (raw, json)
Hash identifier: EHj0eOx09It5sAkDFKhlL3UEmT/PziTQeXUOwFWCZM0=
Subject key identifier: 45:3D:C9:ED:1C:1E:7A:56:63:14:06:B9:83:7B:5B:A1:4B:FC:36:60
Certificate issuer: /CN=8e0840804c6680c41f21e8726f380b95e69e9447
Certificate serial: 018CC42459BEAE5C41E8803297B3DCAF2655
Authority key identifier: 8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/RT3J7RweelZjFAa5g3tboUv8NmA.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25512
IP address blocks: 85.209.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:59:be:ae:5c:41:e8:80:32:97:b3:dc:af:26:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0840804c6680c41f21e8726f380b95e69e9447
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=453dc9ed1c1e7a56631406b9837b5ba14bfc3660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0e:42:88:1e:3c:ab:13:28:8b:41:dd:9d:88:
e8:1e:ed:7e:e2:37:d3:93:c0:1c:49:21:cb:7f:39:
f5:92:7b:44:57:bc:d4:03:01:86:2c:e3:b5:f3:ac:
cc:58:91:fc:fc:5f:5f:f3:a4:b9:1f:bb:7f:a2:75:
9d:c5:0d:b9:5c:6c:c1:c6:f5:df:2d:0e:8d:5e:f0:
a5:ea:4a:81:a3:b7:7b:2e:e7:7b:39:11:b2:29:e6:
ea:e0:68:7f:ea:2c:8d:0e:e6:0a:3b:27:c2:34:a3:
ea:cd:e7:e9:ef:9c:b3:63:84:6c:15:cc:e6:b8:96:
b9:ae:f8:9e:fb:c8:97:d1:fe:e7:f3:9f:84:2e:28:
d5:6c:cd:95:87:f4:05:c7:17:85:a1:7e:d3:7f:05:
77:bb:c0:11:e8:a4:be:69:7a:e7:c4:be:f5:e0:1a:
66:76:bd:77:64:76:d3:31:5c:e2:db:88:fd:d2:2d:
b1:d0:61:c7:dd:a6:de:86:74:fa:15:8c:18:e1:d5:
3f:ff:c5:67:c5:02:e0:28:e1:8f:b6:2b:0e:6e:7f:
9e:e6:93:0d:6d:eb:0d:64:93:22:78:48:e9:c6:cd:
dd:8c:71:9e:70:f1:32:be:5e:28:bb:5a:fc:4e:40:
4d:4e:30:8d:2b:cd:20:cd:a8:92:fd:c7:1c:6f:e7:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:3D:C9:ED:1C:1E:7A:56:63:14:06:B9:83:7B:5B:A1:4B:FC:36:60
X509v3 Authority Key Identifier:
keyid:8E:08:40:80:4C:66:80:C4:1F:21:E8:72:6F:38:0B:95:E6:9E:94:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jghAgExmgMQfIehybzgLleaelEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/RT3J7RweelZjFAa5g3tboUv8NmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/cee572-3420-45e4-87b6-c2799753c853/1/jghAgExmgMQfIehybzgLleaelEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.124.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:e4:a3:35:d8:52:96:65:19:5b:fe:4d:f9:0d:09:ce:c2:34:
d5:13:4c:20:61:7c:34:61:86:51:8e:13:1e:75:26:ad:4f:d6:
c5:3f:11:65:ca:46:30:40:4d:07:bc:aa:73:02:a3:61:93:49:
38:06:a0:9d:08:fa:ee:42:bb:24:87:ff:99:3e:af:2a:e4:54:
f6:d0:8c:fd:f3:eb:db:94:b9:04:df:ce:65:22:7d:33:30:95:
c5:ea:c6:73:9b:60:f1:02:b4:dc:3c:f8:5e:0a:4d:cf:d5:51:
33:40:97:78:bd:5f:40:3c:d4:9d:48:4a:06:52:b2:ba:eb:a7:
72:b4:a9:2d:82:75:6e:f3:49:53:80:4b:7d:75:28:f3:d6:33:
3b:0a:e1:26:c7:f6:44:11:c9:e1:97:28:85:02:2a:55:1f:47:
ad:53:68:30:2a:ae:7c:ab:fa:e9:fc:a1:bd:1f:a6:7c:a6:bf:
57:cc:eb:1a:12:fb:29:de:56:8e:b1:8c:06:9d:fe:bb:a0:0d:
1a:48:cf:9a:64:94:24:50:46:0a:de:23:41:d6:8e:1e:b4:47:
31:82:52:1a:35:be:a6:14:3f:df:49:96:63:56:12:9e:83:ff:
d1:60:be:01:37:0b:da:03:f5:ab:f3:85:42:48:4e:8e:f8:c0:
99:76:25:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFm+rlxB6IAyl7PcryZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDg0MDgwNGM2NjgwYzQxZjIxZTg3MjZmMzgwYjk1ZTY5
ZTk0NDcwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTNkYzllZDFjMWU3YTU2NjMxNDA2Yjk4MzdiNWJhMTRiZmMzNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg5CiB48qxMoi0HdnYjoHu1+4jfT
k8AcSSHLfzn1kntEV7zUAwGGLOO186zMWJH8/F9f86S5H7t/onWdxQ25XGzBxvXf
LQ6NXvCl6kqBo7d7Lud7ORGyKebq4Gh/6iyNDuYKOyfCNKPqzefp75yzY4RsFczm
uJa5rvie+8iX0f7n85+ELijVbM2Vh/QFxxeFoX7TfwV3u8AR6KS+aXrnxL714Bpm
dr13ZHbTMVzi24j90i2x0GHH3abehnT6FYwY4dU//8VnxQLgKOGPtisObn+e5pMN
besNZJMieEjpxs3djHGecPEyvl4ou1r8TkBNTjCNK80gzaiS/cccb+eNAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEU9ye0cHnpWYxQGuYN7W6FL/DZgMB8GA1UdIwQY
MBaAFI4IQIBMZoDEHyHocm84C5XmnpRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYt
YzI3OTk3NTNjODUzLzEvUlQzSjdSd2VlbFpqRkFhNWczdGJvVXY4Tm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9jZWU1NzItMzQyMC00NWU0LTg3YjYtYzI3OTk3NTNjODUz
LzEvamdoQWdFeG1nTVFmSWVoeWJ6Z0xsZWFlbEVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdF8MA0G
CSqGSIb3DQEBCwUAA4IBAQCx5KM12FKWZRlb/k35DQnOwjTVE0wgYXw0YYZRjhMe
dSatT9bFPxFlykYwQE0HvKpzAqNhk0k4BqCdCPruQrskh/+ZPq8q5FT20Iz98+vb
lLkE385lIn0zMJXF6sZzm2DxArTcPPheCk3P1VEzQJd4vV9APNSdSEoGUrK666dy
tKktgnVu80lTgEt9dSjz1jM7CuEmx/ZEEcnhlyiFAipVH0etU2gwKq58q/rp/KG9
H6Z8pr9XzOsaEvsp3laOsYwGnf67oA0aSM+aZJQkUEYK3iNB1o4etEcxglIaNb6m
FD/fSZZjVhKeg//RYL4BNwvaA/Wr84VCSE6O+MCZdiUH
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:09 2024 by rpki-client on console-ams.rpki-client.org