Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/0QlxJkMIV7ChM_AJJrdeMTtWfJs.roa
File: 0QlxJkMIV7ChM_AJJrdeMTtWfJs.roa (raw, json)
Hash identifier: SG1XOlw+T7P0LMUqFBP2HNzaULrOremCLGEJkNReCug=
Subject key identifier: D1:09:71:26:43:08:57:B0:A1:33:F0:09:26:B7:5E:31:3B:56:7C:9B
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01933A46F8EA180622F86196E1ABFA4214CB
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/0QlxJkMIV7ChM_AJJrdeMTtWfJs.roa
Signing time: Sun 17 Nov 2024 13:19:10 +0000
ROA not before: Sun 17 Nov 2024 13:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:46:f8:ea:18:06:22:f8:61:96:e1:ab:fa:42:14:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 17 13:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1097126430857b0a133f00926b75e313b567c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:a0:33:7c:d0:2e:2e:69:c4:17:2f:63:d2:
36:6f:46:a8:d3:54:a2:61:62:56:9d:23:f1:e3:e4:
bb:1d:e7:48:2b:40:ba:a5:10:3d:53:72:f5:6a:24:
5d:89:fd:58:37:fb:64:50:e5:23:47:de:e1:2c:4f:
4d:11:4c:20:9c:30:cf:80:73:68:75:37:a5:97:89:
3e:cc:a5:30:01:d3:c0:1b:a8:50:eb:12:0a:68:b7:
42:1f:6d:68:e5:40:2d:29:a3:0c:4a:8c:88:63:c5:
9d:40:1f:d7:3d:c0:00:62:fb:51:5e:a6:b0:13:a3:
99:d7:85:0f:3f:89:dc:50:11:e1:dd:2a:b6:1d:8d:
be:e1:08:23:54:e9:30:74:0a:3d:d1:df:59:7a:7d:
b7:37:61:c3:da:ae:e3:d9:19:e7:1b:53:c3:2e:cc:
fd:84:d0:b5:aa:77:74:d8:3e:9b:29:c2:d4:05:97:
e3:49:c0:a7:96:30:95:61:a5:ef:35:68:84:65:0a:
c2:08:c3:eb:af:94:5f:f5:ff:7a:5f:c9:a0:7f:04:
b6:8d:d7:96:39:fb:ca:08:91:78:83:59:6f:9e:46:
f7:79:d0:d9:a7:ac:11:ed:99:fd:54:86:25:b8:6c:
a6:3b:ce:df:00:9c:38:9b:c6:dd:d6:b5:d4:3f:8c:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:09:71:26:43:08:57:B0:A1:33:F0:09:26:B7:5E:31:3B:56:7C:9B
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/0QlxJkMIV7ChM_AJJrdeMTtWfJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/23
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
0a:80:64:5f:18:ff:1e:5f:6c:89:5a:27:cb:41:13:f1:a6:55:
b5:92:f2:8d:26:5f:bb:c5:0b:b0:af:09:d7:f4:cb:3b:ec:06:
36:4a:ac:9d:52:e0:68:3d:87:dc:0e:f8:4e:00:54:04:18:48:
61:ff:6d:da:e2:79:a0:db:cb:f2:57:3d:c9:4f:5f:ef:47:f7:
88:d0:d9:05:17:24:e7:2e:f3:4c:c7:32:19:16:be:8b:89:20:
c5:50:ce:30:4d:06:5e:66:f2:09:9c:b2:d9:3f:13:0b:4a:e1:
d2:99:66:2e:b9:d6:38:76:08:2e:7d:57:2d:34:2e:03:90:88:
c3:e4:0e:48:51:f4:f1:68:37:4f:7e:bf:ad:3d:23:b5:8b:3e:
c6:7f:bb:0f:55:bd:64:e3:a8:55:e8:b6:a5:09:1b:f8:e2:49:
27:d2:f9:19:94:bc:f7:76:27:9a:2d:ae:20:1f:7c:b0:ce:c0:
2b:db:3f:97:a6:b7:71:d0:fa:49:56:1d:98:fd:23:d6:d6:5d:
0c:17:83:6a:67:12:0e:67:29:52:fe:5b:84:0d:2c:4d:9a:3e:
69:6e:1f:c1:fa:79:fd:d8:3d:cc:41:d8:da:a5:63:98:57:22:
67:13:cf:30:93:23:d4:37:92:eb:bf:69:21:44:f6:cd:69:a4:
db:d8:f9:0b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZM6RvjqGAYi+GGW4av6QhTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQxMTE3MTMxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA5NzEyNjQzMDg1N2IwYTEzM2YwMDkyNmI3NWUzMTNiNTY3YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDOgM3zQLi5pxBcvY9I2b0ao01Si
YWJWnSPx4+S7HedIK0C6pRA9U3L1aiRdif1YN/tkUOUjR97hLE9NEUwgnDDPgHNo
dTell4k+zKUwAdPAG6hQ6xIKaLdCH21o5UAtKaMMSoyIY8WdQB/XPcAAYvtRXqaw
E6OZ14UPP4ncUBHh3Sq2HY2+4QgjVOkwdAo90d9Zen23N2HD2q7j2RnnG1PDLsz9
hNC1qnd02D6bKcLUBZfjScCnljCVYaXvNWiEZQrCCMPrr5Rf9f96X8mgfwS2jdeW
OfvKCJF4g1lvnkb3edDZp6wR7Zn9VIYluGymO87fAJw4m8bd1rXUP4znwQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNEJcSZDCFewoTPwCSa3XjE7VnybMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvMFFseEprTUlWN0NoTV9BSkpyZGVNVHRXZkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQBVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEACoBk
Xxj/Hl9siVony0ET8aZVtZLyjSZfu8ULsK8J1/TLO+wGNkqsnVLgaD2H3A74TgBU
BBhIYf9t2uJ5oNvL8lc9yU9f70f3iNDZBRck5y7zTMcyGRa+i4kgxVDOME0GXmby
CZyy2T8TC0rh0plmLrnWOHYILn1XLTQuA5CIw+QOSFH08Wg3T36/rT0jtYs+xn+7
D1W9ZOOoVei2pQkb+OJJJ9L5GZS893Ynmi2uIB98sM7AK9s/l6a3cdD6SVYdmP0j
1tZdDBeDamcSDmcpUv5bhA0sTZo+aW4fwfp5/dg9zEHY2qVjmFciZxPPMJMj1DeS
679pIUT2zWmk29j5Cw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:06:50 2024 by rpki-client on console-fra.rpki-client.org