Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/mEHPfDbqX4-VVROOELQqvWMqVl8.roa
File: mEHPfDbqX4-VVROOELQqvWMqVl8.roa (raw, json)
Hash identifier: Gd0gjJGXdjtHisCT7nNdOQk09yLpbDqSLlG6hfXZeH8=
Subject key identifier: 98:41:CF:7C:36:EA:5F:8F:95:55:13:8E:10:B4:2A:BD:63:2A:56:5F
Certificate issuer: /CN=bbf43e173f782f01c33b33693985bd3c08d4d054
Certificate serial: 018CC94D778AF6DB30990D11DF8727F87D52
Authority key identifier: BB:F4:3E:17:3F:78:2F:01:C3:3B:33:69:39:85:BD:3C:08:D4:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/mEHPfDbqX4-VVROOELQqvWMqVl8.roa
Signing time: Tue 02 Jan 2024 08:32:26 +0000
ROA not before: Tue 02 Jan 2024 08:32:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42205
IP address blocks: 185.33.82.0/23 maxlen: 23
80.85.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:77:8a:f6:db:30:99:0d:11:df:87:27:f8:7d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbf43e173f782f01c33b33693985bd3c08d4d054
Validity
Not Before: Jan 2 08:32:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9841cf7c36ea5f8f9555138e10b42abd632a565f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3a:7d:1a:ab:23:d3:f9:1a:2c:c4:f0:3a:35:
3c:bc:5e:f3:40:8f:1d:55:be:bc:9a:ef:82:82:fd:
0b:46:d7:6f:30:c0:e9:b3:22:f2:c3:90:60:7b:4a:
4e:19:a2:71:3d:78:ec:46:e9:c5:aa:a8:36:ed:70:
67:7a:6c:79:81:59:98:95:da:26:4a:3d:47:84:c4:
65:3e:90:54:17:5d:fc:20:4c:8f:17:55:01:34:7d:
5a:e0:95:c9:85:79:f6:d4:1e:85:97:e9:7d:ac:a5:
54:ba:d0:2a:3d:ba:ab:94:e4:22:60:f7:f5:6f:b8:
c9:3a:13:a0:77:2d:6d:d1:29:30:8d:af:dc:47:1d:
90:67:e6:d6:24:63:5b:6f:cf:28:8a:af:e8:59:38:
24:eb:29:d0:01:71:01:e0:d0:e9:1b:c6:c3:0b:ea:
ec:47:93:07:fc:bb:37:13:31:bf:43:21:4c:3b:2e:
a8:0c:00:f1:57:1c:ae:c5:1d:a1:14:47:32:2e:d1:
aa:8d:ee:e3:41:df:21:60:11:05:eb:04:40:b9:6b:
02:65:b9:8f:3f:64:52:6e:21:f7:e9:e7:77:e8:83:
46:48:57:f3:99:7c:32:91:ec:cf:89:92:09:44:c4:
43:41:22:18:c8:3b:85:29:ba:e5:38:d8:32:f0:0a:
14:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:41:CF:7C:36:EA:5F:8F:95:55:13:8E:10:B4:2A:BD:63:2A:56:5F
X509v3 Authority Key Identifier:
keyid:BB:F4:3E:17:3F:78:2F:01:C3:3B:33:69:39:85:BD:3C:08:D4:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/mEHPfDbqX4-VVROOELQqvWMqVl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/cdaaea-6118-490e-84f5-967f2e506548/1/u_Q-Fz94LwHDOzNpOYW9PAjU0FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.56.0/21
185.33.82.0/23
Signature Algorithm: sha256WithRSAEncryption
59:38:c7:11:da:50:54:92:21:7b:fd:6d:2b:f2:f5:88:45:a9:
80:fc:88:d9:35:2e:64:33:65:49:61:d7:1b:45:3f:43:af:f5:
15:52:1f:69:93:5e:12:f0:e0:b1:12:24:db:f9:3f:2a:8c:fe:
0d:42:f6:e8:82:bc:19:05:df:82:1f:33:21:a7:43:17:ec:32:
7c:6f:26:b6:de:75:2a:44:fa:61:3b:7f:98:50:c5:90:4d:0e:
2d:90:29:26:86:bc:d8:56:fb:3f:fc:a8:22:7c:fa:82:c9:b0:
25:e2:16:3e:04:a4:38:a9:aa:6b:b5:c7:f2:f2:7a:d3:07:c0:
14:f1:ee:df:1e:13:c4:09:41:a7:2a:ac:42:c0:5a:5e:5f:49:
fe:d2:09:5d:5e:97:61:0a:2a:28:4b:61:d0:a8:26:29:37:30:
23:5e:24:49:c7:88:91:25:c5:73:be:e3:aa:f0:71:3e:4d:0c:
2e:b0:5b:f0:8e:8f:03:91:48:f3:05:31:24:ff:5c:6f:cf:96:
bf:b6:29:5f:90:43:54:ee:a4:96:df:5c:3e:69:b2:98:3f:25:
06:2f:7e:33:df:fe:29:6f:5a:29:b4:e4:6f:6a:6a:b2:b6:9d:
92:cd:ae:af:56:48:bc:6d:88:af:84:ab:a0:2b:0b:b2:2d:32:
0a:5b:20:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTXeK9tswmQ0R34cn+H1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZjQzZTE3M2Y3ODJmMDFjMzNiMzM2OTM5ODViZDNjMDhk
NGQwNTQwHhcNMjQwMTAyMDgzMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQxY2Y3YzM2ZWE1ZjhmOTU1NTEzOGUxMGI0MmFiZDYzMmE1NjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTp9Gqsj0/kaLMTwOjU8vF7zQI8d
Vb68mu+Cgv0LRtdvMMDpsyLyw5Bge0pOGaJxPXjsRunFqqg27XBnemx5gVmYldom
Sj1HhMRlPpBUF138IEyPF1UBNH1a4JXJhXn21B6Fl+l9rKVUutAqPbqrlOQiYPf1
b7jJOhOgdy1t0Skwja/cRx2QZ+bWJGNbb88oiq/oWTgk6ynQAXEB4NDpG8bDC+rs
R5MH/Ls3EzG/QyFMOy6oDADxVxyuxR2hFEcyLtGqje7jQd8hYBEF6wRAuWsCZbmP
P2RSbiH36ed36INGSFfzmXwykezPiZIJRMRDQSIYyDuFKbrlONgy8AoUIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhBz3w26l+PlVUTjhC0Kr1jKlZfMB8GA1UdIwQY
MBaAFLv0Phc/eC8BwzszaTmFvTwI1NBUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9RLUZ6OTRMd0hET3pOcE9ZVzlQQWpVMEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9jZGFhZWEtNjExOC00OTBlLTg0ZjUt
OTY3ZjJlNTA2NTQ4LzEvbUVIUGZEYnFYNC1WVlJPT0VMUXF2V01xVmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9jZGFhZWEtNjExOC00OTBlLTg0ZjUtOTY3ZjJlNTA2NTQ4
LzEvdV9RLUZ6OTRMd0hET3pOcE9ZVzlQQWpVMEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUFU4AwQB
uSFSMA0GCSqGSIb3DQEBCwUAA4IBAQBZOMcR2lBUkiF7/W0r8vWIRamA/IjZNS5k
M2VJYdcbRT9Dr/UVUh9pk14S8OCxEiTb+T8qjP4NQvbogrwZBd+CHzMhp0MX7DJ8
bya23nUqRPphO3+YUMWQTQ4tkCkmhrzYVvs//KgifPqCybAl4hY+BKQ4qaprtcfy
8nrTB8AU8e7fHhPECUGnKqxCwFpeX0n+0gldXpdhCiooS2HQqCYpNzAjXiRJx4iR
JcVzvuOq8HE+TQwusFvwjo8DkUjzBTEk/1xvz5a/tilfkENU7qSW31w+abKYPyUG
L34z3/4pb1optORvamqytp2Sza6vVki8bYivhKugKwuyLTIKWyC0
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:04 2024 by rpki-client on console-fra.rpki-client.org