Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/7v2k5HCg-ouPUAMDG4wcuT6W50w.roa
File: 7v2k5HCg-ouPUAMDG4wcuT6W50w.roa (raw, json)
Hash identifier: mguzfoCkBL8s5AgR8vea8aiTW2OHXS6uDg5s9agqq3w=
Subject key identifier: EE:FD:A4:E4:70:A0:FA:8B:8F:50:03:03:1B:8C:1C:B9:3E:96:E7:4C
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 0192528DF7F227DA272DE45092B93F856556
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/7v2k5HCg-ouPUAMDG4wcuT6W50w.roa
Signing time: Thu 03 Oct 2024 13:24:48 +0000
ROA not before: Thu 03 Oct 2024 13:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42018
IP address blocks: 85.255.194.0/24 maxlen: 24
85.255.196.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
2a01:498::/32 maxlen: 32
2a01:498:500::/40 maxlen: 40
2a01:498:8100::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:8d:f7:f2:27:da:27:2d:e4:50:92:b9:3f:85:65:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Oct 3 13:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eefda4e470a0fa8b8f5003031b8c1cb93e96e74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:80:ed:88:c3:1d:49:97:90:f9:06:b2:f6:
9a:a4:de:36:00:fe:88:c4:c5:02:d1:a2:ff:6e:8e:
37:7b:3d:b6:68:a3:c3:be:5d:32:4a:82:23:2b:ad:
3c:bd:ec:9a:7e:9f:b6:a6:19:80:2d:f3:76:27:96:
70:c3:7e:65:b3:c1:34:bd:22:97:1c:7b:0f:c3:54:
05:0e:64:b8:86:89:bb:65:f4:e6:56:65:8d:f2:9e:
ec:43:0d:b2:ab:32:10:d2:c5:7c:de:b8:db:45:7d:
8b:6e:b5:f6:b2:8d:1d:ae:46:1e:a6:cd:4d:ae:e7:
31:90:dd:13:2b:a6:72:f4:27:aa:eb:c8:a3:7a:7e:
8d:8c:06:33:db:93:0e:ae:6d:f4:2c:bf:db:16:e8:
d7:f3:fc:1d:11:63:87:88:2b:42:51:34:d7:1a:8f:
6f:c0:e0:6d:c9:df:b3:40:1f:76:22:41:0d:f6:bc:
30:ae:0b:0f:86:f6:11:72:a0:86:63:e8:c0:db:0b:
f9:7c:29:a1:3b:eb:6e:2c:e0:cb:14:3b:a4:b3:ba:
2f:6f:42:c2:1b:a4:7d:37:29:b4:51:e1:c2:56:44:
c5:91:7f:72:1e:db:4b:83:89:33:38:db:0b:d9:de:
08:94:a1:05:1e:f1:30:ea:bf:f0:52:c3:c5:0b:b2:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:FD:A4:E4:70:A0:FA:8B:8F:50:03:03:1B:8C:1C:B9:3E:96:E7:4C
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/7v2k5HCg-ouPUAMDG4wcuT6W50w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.194.0/24
85.255.196.0/24
85.255.198.0/23
85.255.202.0-85.255.204.255
85.255.206.0/24
185.35.52.0/23
IPv6:
2a01:498::/32
Signature Algorithm: sha256WithRSAEncryption
1b:b9:b0:a1:e6:96:91:44:40:42:61:c4:55:38:e9:2d:b0:3c:
23:88:e5:e0:61:0f:a8:e6:a7:ee:c2:cd:16:d1:a4:aa:59:52:
42:88:10:af:d8:57:de:36:6a:6d:24:1f:c4:87:86:3e:0d:18:
cf:51:a1:03:53:c8:b2:fe:44:b1:ea:84:f7:ea:e8:07:a4:cc:
49:f6:a9:f6:b7:d8:5a:e3:df:d3:6c:49:be:b9:6e:57:f6:c1:
3a:48:7d:36:37:dc:ad:7b:ba:d2:62:ea:cf:fe:1a:99:31:b1:
a8:c9:ad:c0:44:32:eb:12:dc:ba:98:0d:d1:1f:c1:b0:c7:1a:
16:f8:7c:5c:35:b9:b7:ca:dc:b1:80:64:0f:3b:79:28:c7:9b:
8b:74:1f:a3:68:eb:f6:d1:89:66:cb:3f:ca:c6:7b:30:c1:75:
4b:e5:80:d0:af:b4:ef:e9:c9:95:c2:15:f7:b3:51:86:df:20:
80:5e:d8:b9:84:32:f5:74:61:59:33:9f:f3:7b:57:e1:a9:25:
1e:88:d4:f6:c9:53:fd:d9:c7:a3:da:68:1a:ba:2f:a9:aa:20:
9e:8f:b9:c8:47:3a:4c:cd:ce:4b:b0:bb:0d:c3:02:35:bc:8c:
d5:1d:8c:03:f9:5a:3e:8d:91:47:8d:52:81:1f:fb:c8:8d:d2:
e1:eb:3b:c2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZJSjffyJ9onLeRQkrk/hWVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQxMDAzMTMyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWZkYTRlNDcwYTBmYThiOGY1MDAzMDMxYjhjMWNiOTNlOTZlNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJeA7YjDHUmXkPkGsvaapN42AP6I
xMUC0aL/bo43ez22aKPDvl0ySoIjK608veyafp+2phmALfN2J5Zww35ls8E0vSKX
HHsPw1QFDmS4hom7ZfTmVmWN8p7sQw2yqzIQ0sV83rjbRX2LbrX2so0drkYeps1N
rucxkN0TK6Zy9Ceq68ijen6NjAYz25MOrm30LL/bFujX8/wdEWOHiCtCUTTXGo9v
wOBtyd+zQB92IkEN9rwwrgsPhvYRcqCGY+jA2wv5fCmhO+tuLODLFDuks7ovb0LC
G6R9Nym0UeHCVkTFkX9yHttLg4kzONsL2d4IlKEFHvEw6r/wUsPFC7KKxwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFO79pORwoPqLj1ADAxuMHLk+ludMMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvN3YyazVIQ2ctb3VQVUFNREc0d2N1VDZXNTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQAVf/CAwQA
Vf/EAwQBVf/GMAwDBAFV/8oDBABV/8wDBABV/84DBAG5IzQwDQQCAAIwBwMFACoB
BJgwDQYJKoZIhvcNAQELBQADggEBABu5sKHmlpFEQEJhxFU46S2wPCOI5eBhD6jm
p+7CzRbRpKpZUkKIEK/YV942am0kH8SHhj4NGM9RoQNTyLL+RLHqhPfq6AekzEn2
qfa32Frj39NsSb65blf2wTpIfTY33K17utJi6s/+GpkxsajJrcBEMusS3LqYDdEf
wbDHGhb4fFw1ubfK3LGAZA87eSjHm4t0H6No6/bRiWbLP8rGezDBdUvlgNCvtO/p
yZXCFfezUYbfIIBe2LmEMvV0YVkzn/N7V+GpJR6I1PbJU/3Zx6PaaBq6L6mqIJ6P
uchHOkzNzkuwuw3DAjW8jNUdjAP5Wj6NkUeNUoEf+8iN0uHrO8I=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:55 2024 by rpki-client on console-ams.rpki-client.org