Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vQJdbvxTGU4bkBe8pX_o5rEmWTg.roa
File: vQJdbvxTGU4bkBe8pX_o5rEmWTg.roa (raw, json)
Hash identifier: U3W2F8taKN7JY7YGFO03H7opOiSDsrDcQs5zVZN8BqM=
Subject key identifier: BD:02:5D:6E:FC:53:19:4E:1B:90:17:BC:A5:7F:E8:E6:B1:26:59:38
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 019305F1EE5587726E215193382DBC638BCE
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vQJdbvxTGU4bkBe8pX_o5rEmWTg.roa
Signing time: Thu 07 Nov 2024 09:26:01 +0000
ROA not before: Thu 07 Nov 2024 09:26:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:f1:ee:55:87:72:6e:21:51:93:38:2d:bc:63:8b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 7 09:26:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd025d6efc53194e1b9017bca57fe8e6b1265938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:15:60:1c:22:10:9b:3f:11:04:d5:87:59:
6d:41:42:31:f6:83:fe:b6:0e:46:07:07:f9:f6:de:
2d:c7:8f:7f:5f:d5:f0:57:62:dc:ee:b6:a3:d9:b0:
3c:41:f5:d2:5b:00:17:26:6a:b1:d0:7b:bd:1c:43:
85:5c:fd:39:0f:52:60:60:0d:6d:e5:b7:ac:ee:c9:
24:70:2f:56:de:4e:fe:14:97:cc:28:e7:af:c0:c6:
f8:c4:d6:ef:d5:99:a4:13:66:a2:46:d5:b5:71:e6:
93:92:97:54:62:cb:fe:fd:f9:19:3a:17:88:8b:4b:
2e:c2:55:93:a3:8e:c4:8a:4d:be:df:ec:9b:4c:46:
6a:28:9a:33:ce:3d:1a:9c:08:cc:4d:0e:98:a4:b5:
95:41:1a:8f:0b:6b:1d:50:1a:ab:bc:a3:59:64:e7:
b8:b2:04:06:92:8b:11:2e:07:6b:02:25:cd:c6:be:
82:91:9d:b4:7e:d9:ab:4e:d2:11:fa:15:a9:2a:74:
cc:f0:8c:07:49:c1:c9:15:b5:23:22:a0:c5:c7:69:
df:e9:74:13:39:f6:fa:63:9a:6d:11:c5:6a:42:ad:
9b:70:e1:8b:75:a1:cd:89:23:92:52:04:09:ef:35:
6a:92:eb:43:64:e9:79:10:92:20:0e:29:69:c2:79:
c5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:02:5D:6E:FC:53:19:4E:1B:90:17:BC:A5:7F:E8:E6:B1:26:59:38
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/vQJdbvxTGU4bkBe8pX_o5rEmWTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.216.0/24
85.133.236.0-85.133.238.255
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f2:33:92:02:cb:fd:91:f6:99:c2:ca:ab:a0:5d:12:58:d9:
ea:2d:10:90:59:cd:8c:31:9d:27:43:94:d4:09:87:7b:15:25:
a4:6b:81:b3:f7:21:59:0b:e4:6b:24:4f:76:73:77:7a:90:2d:
34:07:97:7c:89:5a:06:e6:b1:51:35:9f:00:cf:04:94:86:53:
f8:3c:1e:82:ad:64:cd:f8:1d:9e:21:ca:35:d0:d5:cb:87:9e:
f7:a8:d7:88:8d:49:3c:76:07:7c:26:af:ab:b5:9d:8a:d6:32:
e3:bd:1b:f6:a0:63:25:bb:f0:6f:a7:e4:b0:f0:f7:56:2e:46:
c8:61:29:df:d5:4b:af:fb:a2:c2:58:5c:72:5e:9e:c9:a2:ad:
84:ce:a7:d9:de:9b:41:de:fd:cf:c5:43:53:78:e1:01:c1:f8:
4a:c9:59:ca:4c:01:85:87:e1:29:1d:6a:d0:44:01:41:da:09:
12:38:ae:e0:6e:ff:1b:a9:97:32:9a:2c:4b:5c:87:78:4b:6e:
5c:e1:61:22:50:7e:bb:33:84:a9:87:35:a0:ab:3e:af:be:d0:
84:f2:0a:0a:1e:f0:11:95:3e:28:31:39:24:95:63:2a:74:96:
88:0e:5c:67:4e:2d:87:83:8c:37:1a:19:da:10:62:33:b6:37:
19:70:33:9e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZMF8e5Vh3JuIVGTOC28Y4vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQxMTA3MDkyNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAyNWQ2ZWZjNTMxOTRlMWI5MDE3YmNhNTdmZThlNmIxMjY1OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBEVYBwiEJs/EQTVh1ltQUIx9oP+
tg5GBwf59t4tx49/X9XwV2Lc7raj2bA8QfXSWwAXJmqx0Hu9HEOFXP05D1JgYA1t
5bes7skkcC9W3k7+FJfMKOevwMb4xNbv1ZmkE2aiRtW1ceaTkpdUYsv+/fkZOheI
i0suwlWTo47Eik2+3+ybTEZqKJozzj0anAjMTQ6YpLWVQRqPC2sdUBqrvKNZZOe4
sgQGkosRLgdrAiXNxr6CkZ20ftmrTtIR+hWpKnTM8IwHScHJFbUjIqDFx2nf6XQT
Ofb6Y5ptEcVqQq2bcOGLdaHNiSOSUgQJ7zVqkutDZOl5EJIgDilpwnnF4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL0CXW78UxlOG5AXvKV/6OaxJlk4MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdlFKZGJ2eFRHVTRia0JlOHBYX281ckVtV1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVYXYMAwD
BAJVhewDBABVhe4DBABVhf0wDQYJKoZIhvcNAQELBQADggEBAADyM5ICy/2R9pnC
yqugXRJY2eotEJBZzYwxnSdDlNQJh3sVJaRrgbP3IVkL5GskT3Zzd3qQLTQHl3yJ
WgbmsVE1nwDPBJSGU/g8HoKtZM34HZ4hyjXQ1cuHnveo14iNSTx2B3wmr6u1nYrW
MuO9G/agYyW78G+n5LDw91YuRshhKd/VS6/7osJYXHJensmirYTOp9nem0He/c/F
Q1N44QHB+ErJWcpMAYWH4SkdatBEAUHaCRI4ruBu/xuplzKaLEtch3hLblzhYSJQ
frszhKmHNaCrPq++0ITyCgoe8BGVPigxOSSVYyp0logOXGdOLYeDjDcaGdoQYjO2
NxlwM54=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:51 2024 by rpki-client on console-ams.rpki-client.org