Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/X53QUdfB23eIAzULrwBhcHJzYyY.roa
File: X53QUdfB23eIAzULrwBhcHJzYyY.roa (raw, json)
Hash identifier: 1P4Fp2hyt6Jm+gUmzHOhEIlCr4T0od/cn1BOoS1FBfk=
Subject key identifier: 5F:9D:D0:51:D7:C1:DB:77:88:03:35:0B:AF:00:61:70:72:73:63:26
Certificate issuer: /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial: 018F5CE44C0F2455921B1C6BE9081CB22468
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/X53QUdfB23eIAzULrwBhcHJzYyY.roa
Signing time: Thu 09 May 2024 10:26:56 +0000
ROA not before: Thu 09 May 2024 10:26:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44703
IP address blocks: 85.115.64.0/19 maxlen: 19
85.115.64.0/24 maxlen: 24
85.115.65.0/24 maxlen: 24
85.115.70.0/24 maxlen: 24
85.115.71.0/24 maxlen: 24
85.115.72.0/21 maxlen: 21
85.115.80.0/21 maxlen: 21
85.115.93.0/24 maxlen: 24
85.115.94.0/24 maxlen: 24
85.115.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5c:e4:4c:0f:24:55:92:1b:1c:6b:e9:08:1c:b2:24:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Validity
Not Before: May 9 10:26:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f9dd051d7c1db778803350baf00617072736326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:92:b4:f4:f2:79:ca:55:d9:59:f3:32:11:
fa:d5:2d:fc:99:f7:0c:18:2e:05:1c:8e:5d:2e:03:
7a:8a:21:cf:6b:a0:ea:ae:5f:0d:12:52:58:cd:51:
ba:72:f1:4f:89:59:d6:f3:4c:6a:fd:0c:43:3c:25:
7d:77:71:f3:b0:ed:ee:eb:56:af:43:f6:1c:25:42:
b7:d7:16:6d:3f:74:7d:ba:c2:e7:5c:a2:4a:9f:b8:
c5:d7:d6:c0:13:0a:bb:0d:d6:72:e7:b4:c6:78:7e:
de:47:7c:e7:6f:e3:ae:44:f4:2b:0f:84:5f:2f:8b:
f1:16:2f:3a:51:ec:c7:ba:6f:43:51:29:7c:94:44:
6c:e7:e9:75:5c:73:2f:9e:29:9d:72:74:32:4c:63:
5e:30:05:03:a9:d7:89:e1:3c:1a:30:1d:b0:b9:7a:
4d:7b:a7:d8:69:e3:f8:b5:f3:95:bc:6d:3c:8b:7a:
70:c3:90:f1:2e:0e:65:d7:39:92:6e:9f:98:10:30:
eb:5c:00:cc:9f:45:65:99:29:d7:b2:d4:23:71:6a:
e4:f1:92:2d:f2:1c:80:18:20:0f:33:5e:0e:2b:aa:
80:5e:a5:1c:54:88:72:eb:df:1f:97:da:04:07:62:
e8:2e:df:05:5a:57:f8:c9:46:cd:9d:bd:c3:f6:d1:
5a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9D:D0:51:D7:C1:DB:77:88:03:35:0B:AF:00:61:70:72:73:63:26
X509v3 Authority Key Identifier:
keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/X53QUdfB23eIAzULrwBhcHJzYyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.64.0/19
Signature Algorithm: sha256WithRSAEncryption
43:a2:70:82:f5:82:c6:2b:84:f5:9e:99:7e:7f:9a:05:29:c3:
e7:df:90:03:4f:ff:00:22:65:67:40:70:50:c2:8f:6e:3c:3d:
e9:4a:b2:de:d2:df:30:15:d5:6e:a6:8f:72:dd:75:59:a7:4d:
00:3d:c2:36:a3:35:7d:88:de:14:21:d4:85:98:15:9b:bd:23:
dd:f6:04:3e:33:64:da:43:3c:7e:92:fc:53:e8:00:49:4f:8e:
60:89:84:fd:68:29:1b:78:00:3e:b3:2e:59:9d:69:ca:e2:f5:
f7:11:06:47:9a:8d:24:6b:e8:cc:56:c4:30:fa:45:12:e7:d0:
c1:6f:06:e7:78:8e:7d:b7:2f:9d:c2:00:8b:24:68:6d:ee:fb:
65:12:ae:95:5b:75:aa:32:9a:be:f0:94:d6:18:bd:99:5b:da:
c0:9a:8c:5b:00:62:79:c7:d2:8a:90:3a:0b:4e:af:3b:e9:7b:
ec:f7:39:96:7d:54:90:98:bf:e6:fc:95:a2:36:32:9c:21:13:
08:dd:10:fc:70:e6:ef:c1:f0:66:ae:03:d5:f7:e0:de:0a:e4:
b6:b8:65:8b:cc:26:e2:2b:2f:75:2e:95:f1:32:23:5e:6d:03:
cc:19:0a:55:b2:99:02:f4:dc:a9:a6:2e:7d:db:0f:38:4b:be:
a2:56:ee:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9c5EwPJFWSGxxr6QgcsiRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjQwNTA5MTAyNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjlkZDA1MWQ3YzFkYjc3ODgwMzM1MGJhZjAwNjE3MDcyNzM2MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPmStPTyecpV2VnzMhH61S38mfcM
GC4FHI5dLgN6iiHPa6Dqrl8NElJYzVG6cvFPiVnW80xq/QxDPCV9d3HzsO3u61av
Q/YcJUK31xZtP3R9usLnXKJKn7jF19bAEwq7DdZy57TGeH7eR3znb+OuRPQrD4Rf
L4vxFi86UezHum9DUSl8lERs5+l1XHMvnimdcnQyTGNeMAUDqdeJ4TwaMB2wuXpN
e6fYaeP4tfOVvG08i3pww5DxLg5l1zmSbp+YEDDrXADMn0VlmSnXstQjcWrk8ZIt
8hyAGCAPM14OK6qAXqUcVIhy698fl9oEB2LoLt8FWlf4yUbNnb3D9tFaJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+d0FHXwdt3iAM1C68AYXByc2MmMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvWDUzUVVkZkIyM2VJQXpVTHJ3QmhjSEp6WXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVXNAMA0G
CSqGSIb3DQEBCwUAA4IBAQBDonCC9YLGK4T1npl+f5oFKcPn35ADT/8AImVnQHBQ
wo9uPD3pSrLe0t8wFdVupo9y3XVZp00APcI2ozV9iN4UIdSFmBWbvSPd9gQ+M2Ta
Qzx+kvxT6ABJT45giYT9aCkbeAA+sy5ZnWnK4vX3EQZHmo0ka+jMVsQw+kUS59DB
bwbneI59ty+dwgCLJGht7vtlEq6VW3WqMpq+8JTWGL2ZW9rAmoxbAGJ5x9KKkDoL
Tq876Xvs9zmWfVSQmL/m/JWiNjKcIRMI3RD8cObvwfBmrgPV9+DeCuS2uGWLzCbi
Ky91LpXxMiNebQPMGQpVspkC9Nyppi592w84S76iVu7C
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:13 2024 by rpki-client on console-ams.rpki-client.org