Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Ookgz0MQke_jPEjgsvEBZe1n-fc.roa
File: Ookgz0MQke_jPEjgsvEBZe1n-fc.roa (raw, json)
Hash identifier: i8fBlJM8tHdcK2Vz0IXoUPHlC6WhNKKMaRykafcUdKE=
Subject key identifier: 3A:89:20:CF:43:10:91:EF:E3:3C:48:E0:B2:F1:01:65:ED:67:F9:F7
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018F8630EF18DC059EB3DB34FE977E0AE081
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Ookgz0MQke_jPEjgsvEBZe1n-fc.roa
Signing time: Fri 17 May 2024 10:55:04 +0000
ROA not before: Fri 17 May 2024 10:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 85.133.205.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:30:ef:18:dc:05:9e:b3:db:34:fe:97:7e:0a:e0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 17 10:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a8920cf431091efe33c48e0b2f10165ed67f9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:af:55:e3:df:ce:e8:aa:f2:eb:4b:58:62:68:
28:7b:c9:76:ee:65:55:27:ea:9d:52:7e:e3:bc:6a:
f1:53:d5:e8:d8:a5:9d:01:02:36:dc:c0:e9:ba:d2:
90:ba:89:b9:af:34:2f:70:46:8d:bd:83:1b:2c:8b:
fd:f0:e7:16:93:75:da:dd:2f:12:18:75:b1:68:d3:
e2:e4:a0:04:8f:2e:06:88:d2:50:25:ea:ad:7e:1b:
02:4e:4e:65:73:06:7e:05:e8:45:b4:da:82:ea:eb:
39:d5:4a:5a:47:6f:3c:c9:c1:b4:d5:12:fc:2c:ee:
65:32:89:62:a0:d3:08:43:bb:22:53:04:8c:ad:4b:
f4:1d:49:73:a5:ef:c6:b5:ae:ec:28:bb:6b:a3:ff:
df:13:1d:08:fa:2f:a1:bd:02:4a:8e:f0:e5:73:9a:
a9:7c:64:57:d2:e5:18:60:b0:d0:57:58:60:50:03:
23:38:8b:dc:17:50:aa:e2:76:4d:d6:83:3f:b2:97:
dd:bc:15:d4:ac:bd:b9:97:60:db:af:8e:d2:37:a7:
9b:fc:69:07:fa:49:6e:b6:64:6a:07:c3:68:34:cc:
1a:38:24:a5:55:1b:a4:31:f9:42:4d:63:0e:9f:3f:
db:62:6f:7b:68:76:6e:a9:60:22:f6:31:66:0a:04:
c0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:89:20:CF:43:10:91:EF:E3:3C:48:E0:B2:F1:01:65:ED:67:F9:F7
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/Ookgz0MQke_jPEjgsvEBZe1n-fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.205.0/24
85.133.218.0/24
85.133.227.0-85.133.228.255
Signature Algorithm: sha256WithRSAEncryption
6a:c2:6c:58:4a:b9:61:e6:bf:a0:b7:e4:05:03:14:0c:ca:c1:
bc:b1:d0:76:fe:e4:2a:ce:26:b4:52:89:c2:a3:b9:47:a7:eb:
40:f6:bb:a2:87:7c:16:35:00:b8:26:21:61:15:de:e1:63:f5:
ae:ee:37:e4:c3:ed:6a:5d:b6:e0:f2:2a:a6:3c:6c:e5:0e:2c:
57:e5:24:54:b8:ba:61:b8:74:51:e9:18:5a:cd:c8:99:da:2d:
2a:73:e5:60:96:8a:69:f7:19:e0:a3:c0:7d:88:24:4f:10:67:
bb:bb:7e:0d:7b:87:87:93:99:4b:26:9e:5d:10:99:1c:4a:14:
c6:a6:41:00:df:de:55:84:9b:4f:3d:67:3f:7d:b1:bd:95:b0:
2b:09:c6:b3:2b:3b:8a:2d:0d:a4:8b:1a:ab:27:66:45:03:53:
22:af:32:16:83:ac:49:08:2b:c6:37:aa:d6:54:05:9d:87:f8:
10:a5:e0:e3:e5:bf:b7:5b:07:cf:39:43:f0:91:00:90:e0:8b:
5e:aa:ff:9c:e2:e5:12:6c:34:11:f0:b1:e7:b2:df:d7:18:2b:
e9:57:66:78:08:db:89:7a:00:86:fb:d7:2b:86:46:c6:0f:0b:
49:ec:92:56:8f:ca:b9:0b:dc:70:ff:93:00:57:d6:e3:74:92:
d2:1f:4b:84
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY+GMO8Y3AWes9s0/pd+CuCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwNTE3MTA1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTg5MjBjZjQzMTA5MWVmZTMzYzQ4ZTBiMmYxMDE2NWVkNjdmOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK9V49/O6Kry60tYYmgoe8l27mVV
J+qdUn7jvGrxU9Xo2KWdAQI23MDputKQuom5rzQvcEaNvYMbLIv98OcWk3Xa3S8S
GHWxaNPi5KAEjy4GiNJQJeqtfhsCTk5lcwZ+BehFtNqC6us51UpaR288ycG01RL8
LO5lMolioNMIQ7siUwSMrUv0HUlzpe/Gta7sKLtro//fEx0I+i+hvQJKjvDlc5qp
fGRX0uUYYLDQV1hgUAMjOIvcF1Cq4nZN1oM/spfdvBXUrL25l2Dbr47SN6eb/GkH
+klutmRqB8NoNMwaOCSlVRukMflCTWMOnz/bYm97aHZuqWAi9jFmCgTAsQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDqJIM9DEJHv4zxI4LLxAWXtZ/n3MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvT29rZ3owTVFrZV9qUEVqZ3N2RUJaZTFuLWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXNAwQA
VYXaMAwDBABVheMDBABVheQwDQYJKoZIhvcNAQELBQADggEBAGrCbFhKuWHmv6C3
5AUDFAzKwbyx0Hb+5CrOJrRSicKjuUen60D2u6KHfBY1ALgmIWEV3uFj9a7uN+TD
7WpdtuDyKqY8bOUOLFflJFS4umG4dFHpGFrNyJnaLSpz5WCWimn3GeCjwH2IJE8Q
Z7u7fg17h4eTmUsmnl0QmRxKFMamQQDf3lWEm089Zz99sb2VsCsJxrMrO4otDaSL
GqsnZkUDUyKvMhaDrEkIK8Y3qtZUBZ2H+BCl4OPlv7dbB885Q/CRAJDgi16q/5zi
5RJsNBHwseey39cYK+lXZngI24l6AIb71yuGRsYPC0nsklaPyrkL3HD/kwBX1uN0
ktIfS4Q=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:50:57 2024 by rpki-client on console-fra.rpki-client.org