Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XOzktqlV87zy2pc-2WvmHtaiF-M.roa
File: XOzktqlV87zy2pc-2WvmHtaiF-M.roa (raw, json)
Hash identifier: 5xckx7IzJgEd1Gbl3t+i6xWLZ8i0LA7ifZZWJdf/HuI=
Subject key identifier: 5C:EC:E4:B6:A9:55:F3:BC:F2:DA:97:3E:D9:6B:E6:1E:D6:A2:17:E3
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0192C2ED2F394125768388698937D00EC304
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XOzktqlV87zy2pc-2WvmHtaiF-M.roa
Signing time: Fri 25 Oct 2024 09:06:16 +0000
ROA not before: Fri 25 Oct 2024 09:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 85.133.193.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.214.0/24 maxlen: 24
85.133.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:ed:2f:39:41:25:76:83:88:69:89:37:d0:0e:c3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Oct 25 09:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cece4b6a955f3bcf2da973ed96be61ed6a217e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:56:bc:2e:63:a9:6f:5e:1e:93:90:88:6b:
95:69:fe:e2:7b:bd:d1:e5:f6:5b:c1:89:f9:6f:86:
48:08:0e:a5:4f:35:ce:9a:dd:d2:d7:15:40:ce:ea:
69:29:ca:6f:ff:4e:b0:19:1c:60:47:76:38:f8:a1:
26:4e:40:00:1e:ea:bc:bb:50:70:46:a3:5d:2f:09:
57:9d:35:55:93:5c:e9:1b:62:0b:33:9c:c7:49:2a:
0e:a4:ee:1d:f7:cb:ef:29:24:8a:51:9f:3e:a1:ab:
f1:1d:79:1b:75:7d:0c:b5:45:0d:3b:4c:1e:94:6a:
14:12:6f:69:52:36:23:55:7e:56:bc:62:a2:55:15:
a7:ed:be:eb:c8:75:cd:fb:67:2f:be:e9:c3:0c:c6:
d4:a7:a4:c0:e8:95:a5:43:d2:76:0a:7c:a7:70:68:
90:33:0f:57:47:58:da:5e:4b:90:75:50:e5:23:5a:
86:e7:56:60:72:e9:6d:6d:66:33:00:17:b6:27:48:
76:ac:8f:f5:78:e1:a9:05:02:40:0b:5f:b9:b8:72:
e4:05:98:ba:cb:90:8e:9b:cc:0e:f8:87:f9:57:a4:
df:cb:bc:76:a2:68:49:20:53:45:c0:d7:c2:db:7b:
3c:86:9b:fc:83:b2:00:f1:af:53:b9:5b:1e:cd:1a:
96:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:EC:E4:B6:A9:55:F3:BC:F2:DA:97:3E:D9:6B:E6:1E:D6:A2:17:E3
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/XOzktqlV87zy2pc-2WvmHtaiF-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.193.0/24
85.133.208.0/24
85.133.214.0/24
85.133.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:aa:74:db:ad:9f:a9:35:4e:a0:9a:a1:d7:0c:44:35:2e:
4a:8d:44:85:32:4d:c9:5d:e2:b2:14:ab:e3:f9:7f:10:95:88:
38:6d:a9:f7:39:84:fb:7f:6d:b7:43:4d:07:bc:42:45:83:55:
f5:ff:c0:e3:c1:70:0d:9f:bf:fa:97:9d:ae:a4:c4:f8:77:1a:
3f:2d:6a:ec:6e:f6:b7:79:56:20:5a:38:32:90:45:89:e0:ab:
db:95:75:e9:99:82:55:2f:87:dc:ef:fb:f6:bf:ca:cc:3c:53:
ab:a2:cd:e4:eb:bd:f7:ee:cd:01:4c:f5:01:30:d7:37:aa:18:
92:31:46:4e:da:a4:c2:41:4c:29:7c:05:5b:de:b6:d3:2f:28:
83:fb:2d:1a:db:b0:21:be:a2:b2:a2:cb:88:0b:2d:1e:0a:cf:
6b:c4:c2:f5:7e:2f:00:f7:5d:03:eb:a4:9d:34:d3:15:4b:b6:
4d:73:86:6b:ff:88:05:d0:99:25:d4:ab:f0:cc:cb:f9:bf:15:
50:f3:3f:40:6f:9d:86:b8:47:fe:53:1b:7a:d7:92:a3:9c:dd:
4c:07:46:97:82:6f:b9:ac:2a:61:35:a3:e3:13:e5:32:b9:50:
70:49:d9:99:57:b5:e9:ad:a5:f9:c0:b0:15:aa:c7:62:4d:af:
db:84:7d:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLC7S85QSV2g4hpiTfQDsMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMDI1MDkwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2VjZTRiNmE5NTVmM2JjZjJkYTk3M2VkOTZiZTYxZWQ2YTIxN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxBWvC5jqW9eHpOQiGuVaf7ie73R
5fZbwYn5b4ZICA6lTzXOmt3S1xVAzuppKcpv/06wGRxgR3Y4+KEmTkAAHuq8u1Bw
RqNdLwlXnTVVk1zpG2ILM5zHSSoOpO4d98vvKSSKUZ8+oavxHXkbdX0MtUUNO0we
lGoUEm9pUjYjVX5WvGKiVRWn7b7ryHXN+2cvvunDDMbUp6TA6JWlQ9J2CnyncGiQ
Mw9XR1jaXkuQdVDlI1qG51ZgcultbWYzABe2J0h2rI/1eOGpBQJAC1+5uHLkBZi6
y5COm8wO+If5V6Tfy7x2omhJIFNFwNfC23s8hpv8g7IA8a9TuVsezRqWBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFzs5LapVfO88tqXPtlr5h7WohfjMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvWE96a3RxbFY4N3p5MnBjLTJXdm1IdGFpRi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVYXBAwQA
VYXQAwQAVYXWAwQAVYX+MA0GCSqGSIb3DQEBCwUAA4IBAQB6+Kp0262fqTVOoJqh
1wxENS5KjUSFMk3JXeKyFKvj+X8QlYg4ban3OYT7f223Q00HvEJFg1X1/8DjwXAN
n7/6l52upMT4dxo/LWrsbva3eVYgWjgykEWJ4KvblXXpmYJVL4fc7/v2v8rMPFOr
os3k67337s0BTPUBMNc3qhiSMUZO2qTCQUwpfAVb3rbTLyiD+y0a27AhvqKyosuI
Cy0eCs9rxML1fi8A910D66SdNNMVS7ZNc4Zr/4gF0Jkl1KvwzMv5vxVQ8z9Ab52G
uEf+Uxt615KjnN1MB0aXgm+5rCphNaPjE+UyuVBwSdmZV7XpraX5wLAVqsdiTa/b
hH1L
-----END CERTIFICATE-----
Generated at Tue Nov 26 15:55:49 2024 by rpki-client on console-fra.rpki-client.org