Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/RuzZmXD7Dd0EK3mntJO4QSWgaCU.roa
File: RuzZmXD7Dd0EK3mntJO4QSWgaCU.roa (raw, json)
Hash identifier: s/cxByud4VNE7Zeb0fTExjT1wf6so1t194zHyp+Gymk=
Subject key identifier: 46:EC:D9:99:70:FB:0D:DD:04:2B:79:A7:B4:93:B8:41:25:A0:68:25
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018F2E6243EEF4DA9A4703F46DFD4A84C2F1
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/RuzZmXD7Dd0EK3mntJO4QSWgaCU.roa
Signing time: Tue 30 Apr 2024 09:42:22 +0000
ROA not before: Tue 30 Apr 2024 09:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.96.0/22 maxlen: 22
85.9.100.0/22 maxlen: 22
85.9.104.0/21 maxlen: 21
85.9.105.0/24 maxlen: 24
85.9.106.0/24 maxlen: 24
85.9.107.0/24 maxlen: 24
85.9.108.0/24 maxlen: 24
85.9.109.0/24 maxlen: 24
85.9.110.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.112.0/24 maxlen: 24
85.9.113.0/24 maxlen: 24
85.9.114.0/24 maxlen: 24
85.9.115.0/24 maxlen: 24
85.9.120.0/21 maxlen: 21
85.9.120.0/22 maxlen: 22
85.9.124.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:62:43:ee:f4:da:9a:47:03:f4:6d:fd:4a:84:c2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Apr 30 09:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46ecd99970fb0ddd042b79a7b493b84125a06825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a8:5d:9c:07:88:5e:77:c4:f6:0a:43:51:6e:
8d:50:39:98:84:c1:20:57:05:c2:45:69:06:35:05:
04:83:dd:db:a4:6d:0b:6c:e7:17:4c:5c:dd:6c:28:
15:63:23:71:ad:18:e2:78:76:fb:a2:26:89:48:78:
dc:45:17:b3:d2:b7:fa:d1:1b:ee:98:df:fc:67:fc:
3e:8e:b2:58:d2:80:93:8c:29:ff:c9:d3:c6:4a:39:
c8:66:af:34:0a:10:93:18:81:4e:1b:5d:82:1a:a8:
de:b1:c7:ef:66:fc:72:44:65:60:39:81:f1:c9:dc:
60:47:58:7d:da:47:2e:d8:a3:7c:91:cd:10:06:51:
02:a9:06:b5:97:29:52:ba:13:0b:4b:94:6d:83:20:
20:9f:12:41:75:a0:1e:f9:38:a1:1e:6c:38:eb:be:
ac:6e:98:7b:5c:b7:7e:e2:84:30:b1:f1:61:46:29:
ac:db:00:50:5c:ca:bf:6b:ba:a3:e9:9d:90:67:ec:
c4:c2:3f:7c:11:03:09:db:2f:6c:3b:59:75:57:cc:
ee:4a:80:77:ca:a0:f4:89:1e:49:f4:34:ca:03:5a:
0e:25:91:71:a4:74:a0:58:d3:12:28:b7:26:b8:3f:
81:99:66:3b:37:21:0d:2b:48:06:53:47:cd:2b:19:
1b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EC:D9:99:70:FB:0D:DD:04:2B:79:A7:B4:93:B8:41:25:A0:68:25
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/RuzZmXD7Dd0EK3mntJO4QSWgaCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:e7:34:48:82:4a:5a:f7:74:b3:e4:42:b7:e9:b8:cb:af:30:
1d:8d:ee:28:b7:b6:15:16:7a:37:57:89:2d:f3:0f:5d:94:69:
dc:5a:d6:05:0d:4f:41:5d:2e:40:aa:d2:43:25:d7:ad:9f:80:
f8:ec:9d:b2:33:98:3f:ac:49:17:d7:ff:45:da:d8:88:1f:35:
de:14:26:0a:6d:3c:e1:7b:4e:04:d3:3c:cd:81:ce:22:cc:82:
15:dc:6a:30:fe:1f:70:7e:f7:79:48:5a:a9:1f:ca:e0:b7:24:
5b:b7:02:9c:fc:49:3b:d0:a0:1a:f7:5e:f1:6e:53:08:59:41:
18:83:2c:62:b5:57:bd:e2:9e:9d:0c:1f:82:5e:ce:fa:cb:97:
e0:69:89:64:b3:7e:e6:6c:b6:cd:18:74:08:aa:8e:32:ec:31:
b0:05:ec:9d:0e:0d:1a:9c:43:27:d2:3f:b4:e2:f2:26:2e:11:
41:b7:53:0e:4f:dd:0c:8b:f2:39:9b:ae:7e:61:9e:13:76:58:
be:64:6b:9c:f2:f0:e6:09:ee:e8:f5:7a:7f:ae:20:f3:e0:de:
5f:f6:ac:83:1f:e5:fc:fb:04:cb:32:de:c4:bf:b5:2a:4b:c1:
8d:a4:ed:81:e7:7c:2b:8c:ed:cb:b7:38:bb:a4:38:eb:75:67:
17:09:ef:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8uYkPu9NqaRwP0bf1KhMLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwNDMwMDk0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmVjZDk5OTcwZmIwZGRkMDQyYjc5YTdiNDkzYjg0MTI1YTA2ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06hdnAeIXnfE9gpDUW6NUDmYhMEg
VwXCRWkGNQUEg93bpG0LbOcXTFzdbCgVYyNxrRjieHb7oiaJSHjcRRez0rf60Rvu
mN/8Z/w+jrJY0oCTjCn/ydPGSjnIZq80ChCTGIFOG12CGqjescfvZvxyRGVgOYHx
ydxgR1h92kcu2KN8kc0QBlECqQa1lylSuhMLS5RtgyAgnxJBdaAe+TihHmw4676s
bph7XLd+4oQwsfFhRims2wBQXMq/a7qj6Z2QZ+zEwj98EQMJ2y9sO1l1V8zuSoB3
yqD0iR5J9DTKA1oOJZFxpHSgWNMSKLcmuD+BmWY7NyENK0gGU0fNKxkbkwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEbs2Zlw+w3dBCt5p7STuEEloGglMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvUnV6Wm1YRDdEZDBFSzNtbnRKTzRRU1dnYUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAVVCWAD
BAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBALDnNEiCSlr3dLPk
QrfpuMuvMB2N7ii3thUWejdXiS3zD12Uadxa1gUNT0FdLkCq0kMl162fgPjsnbIz
mD+sSRfX/0Xa2IgfNd4UJgptPOF7TgTTPM2BziLMghXcajD+H3B+93lIWqkfyuC3
JFu3Apz8STvQoBr3XvFuUwhZQRiDLGK1V73inp0MH4JezvrLl+BpiWSzfuZsts0Y
dAiqjjLsMbAF7J0ODRqcQyfSP7Ti8iYuEUG3Uw5P3QyL8jmbrn5hnhN2WL5ka5zy
8OYJ7uj1en+uIPPg3l/2rIMf5fz7BMsy3sS/tSpLwY2k7YHnfCuM7cu3OLukOOt1
ZxcJ73w=
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:04:48 2024 by rpki-client on console-fra.rpki-client.org