Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KU64UFfMvr7hELtznW1kd3Jgx0g.roa
File: KU64UFfMvr7hELtznW1kd3Jgx0g.roa (raw, json)
Hash identifier: IreqOrqzILh2oR2ldJiQhRHfJ01koP4D4FLp7x9G4/4=
Subject key identifier: 29:4E:B8:50:57:CC:BE:BE:E1:10:BB:73:9D:6D:64:77:72:60:C7:48
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E689D568C33CFACB2998BA9EEBFCC
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KU64UFfMvr7hELtznW1kd3Jgx0g.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35913
IP address blocks: 85.239.34.0/24 maxlen: 24
85.239.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:68:9d:56:8c:33:cf:ac:b2:99:8b:a9:ee:bf:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=294eb85057ccbebee110bb739d6d64777260c748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:31:1b:b2:39:85:c1:95:6d:3f:65:fc:55:44:
8d:21:9f:f0:9b:bf:81:9a:50:25:ba:e1:af:89:62:
08:11:89:50:0f:06:16:07:16:2b:e3:d4:2d:8c:ab:
e8:00:7e:a0:85:b1:af:db:7c:a0:f2:f0:24:da:63:
69:8b:92:26:ed:bf:31:ed:c2:b3:88:e3:c5:56:ab:
51:f6:a9:b7:b8:9f:f1:b1:9c:15:e2:fe:e1:d8:3f:
77:0d:d9:ae:c8:73:33:8b:43:8f:26:8c:c4:28:19:
a8:47:22:70:fb:5c:25:b8:29:8d:08:7c:0e:11:01:
ba:bb:68:fd:f8:a5:d7:d4:ea:df:5e:c0:40:59:4c:
29:88:e8:4d:1f:a2:6f:2b:e1:aa:58:5d:6d:4d:c2:
b9:c4:3e:48:d6:ed:7b:31:d9:64:f0:17:33:7f:26:
54:9d:16:0f:1c:b8:d0:7a:2f:87:cb:2a:bc:78:0e:
7c:63:01:a9:f6:ab:9d:9a:91:ff:6f:3b:71:8e:5f:
f9:43:0c:ff:c3:63:93:18:a8:c7:20:f9:d2:8b:af:
53:54:37:46:67:8a:3d:41:80:17:68:b3:19:0f:88:
f8:2e:c2:88:e5:fc:71:7d:59:05:8e:d4:0a:52:85:
2b:99:80:de:7c:23:84:25:df:96:29:49:93:b5:b0:
00:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4E:B8:50:57:CC:BE:BE:E1:10:BB:73:9D:6D:64:77:72:60:C7:48
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/KU64UFfMvr7hELtznW1kd3Jgx0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.34.0/24
85.239.44.0/22
Signature Algorithm: sha256WithRSAEncryption
02:b5:5b:ef:05:b5:a0:36:11:47:08:86:53:c4:e2:42:bc:af:
13:f6:00:3d:be:35:d3:1e:42:a3:1f:43:41:03:dc:a5:12:18:
7f:aa:ca:e3:9a:e9:d1:70:69:7c:d2:04:8e:8d:14:fb:61:f4:
84:11:f4:2b:ac:eb:a6:be:23:b3:1d:c2:c6:ae:4b:05:60:f3:
ec:67:ab:5a:ed:36:68:fd:a1:b7:05:10:ec:9b:4b:8e:75:ad:
d2:6a:16:e1:6c:0e:c2:e1:6d:4e:08:79:57:3e:5c:99:4b:d3:
69:c1:fe:ab:3c:4c:93:5d:29:3c:42:bc:bc:c5:09:fc:55:36:
4d:53:be:8e:0d:d3:4f:19:6d:fb:bb:75:10:2d:2c:6f:42:a3:
86:09:3a:4c:06:ef:fd:30:a2:b6:19:11:fb:a3:12:2e:d9:6a:
f5:fe:2d:0f:fb:8a:21:7e:64:22:89:cb:8f:c5:57:4b:f1:72:
e2:ab:e4:42:c1:fc:05:f3:06:e3:03:ba:9b:e0:16:3d:28:3b:
ff:1a:02:db:be:75:d9:7b:02:89:45:62:fc:44:00:ba:5c:7f:
a6:50:08:ee:c9:6f:3f:f1:f4:26:14:de:aa:1d:f6:a7:d9:5d:
f2:cd:a6:76:e5:46:fe:70:5b:98:23:73:30:dc:2e:65:de:77:
5e:39:eb:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTmidVowzz6yymYup7r/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRlYjg1MDU3Y2NiZWJlZTExMGJiNzM5ZDZkNjQ3NzcyNjBjNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTEbsjmFwZVtP2X8VUSNIZ/wm7+B
mlAluuGviWIIEYlQDwYWBxYr49QtjKvoAH6ghbGv23yg8vAk2mNpi5Im7b8x7cKz
iOPFVqtR9qm3uJ/xsZwV4v7h2D93DdmuyHMzi0OPJozEKBmoRyJw+1wluCmNCHwO
EQG6u2j9+KXX1OrfXsBAWUwpiOhNH6JvK+GqWF1tTcK5xD5I1u17Mdlk8BczfyZU
nRYPHLjQei+Hyyq8eA58YwGp9qudmpH/bztxjl/5Qwz/w2OTGKjHIPnSi69TVDdG
Z4o9QYAXaLMZD4j4LsKI5fxxfVkFjtQKUoUrmYDefCOEJd+WKUmTtbAAdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFClOuFBXzL6+4RC7c51tZHdyYMdIMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvS1U2NFVGZk12cjdoRUx0em5XMWtkM0pneDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe8iAwQC
Ve8sMA0GCSqGSIb3DQEBCwUAA4IBAQACtVvvBbWgNhFHCIZTxOJCvK8T9gA9vjXT
HkKjH0NBA9ylEhh/qsrjmunRcGl80gSOjRT7YfSEEfQrrOumviOzHcLGrksFYPPs
Z6ta7TZo/aG3BRDsm0uOda3SahbhbA7C4W1OCHlXPlyZS9Npwf6rPEyTXSk8Qry8
xQn8VTZNU76ODdNPGW37u3UQLSxvQqOGCTpMBu/9MKK2GRH7oxIu2Wr1/i0P+4oh
fmQiicuPxVdL8XLiq+RCwfwF8wbjA7qb4BY9KDv/GgLbvnXZewKJRWL8RAC6XH+m
UAjuyW8/8fQmFN6qHfan2V3yzaZ25Ub+cFuYI3Mw3C5l3ndeOeuJ
-----END CERTIFICATE-----
Generated at Fri May 3 13:49:26 2024 by rpki-client on console-fra.rpki-client.org