Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa
File: sPdFL20zxH61jgZObFzSFG5U2ac.roa (raw, json)
Hash identifier: jUWTWOp183ErNo/9UYLw7pK7bFD4o7uAcZsahbPW8ns=
Subject key identifier: B0:F7:45:2F:6D:33:C4:7E:B5:8E:06:4E:6C:5C:D2:14:6E:54:D9:A7
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018E434342DB5A3032B9A9C5AD1B34B5E120
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa
Signing time: Fri 15 Mar 2024 17:57:45 +0000
ROA not before: Fri 15 Mar 2024 17:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 85.115.208.0/24 maxlen: 24
213.145.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 16:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:43:43:42:db:5a:30:32:b9:a9:c5:ad:1b:34:b5:e1:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Mar 15 17:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0f7452f6d33c47eb58e064e6c5cd2146e54d9a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:b6:c2:f7:bc:dd:46:18:1d:93:c4:ac:fc:
c9:eb:59:1c:81:6d:7e:02:8f:da:e2:f5:d0:6a:ac:
df:a7:7b:89:3a:86:67:1e:88:f1:6f:2e:da:58:14:
50:eb:32:ee:15:35:27:46:42:15:e0:c8:8a:e8:38:
ad:6e:8d:da:d3:ec:2a:9b:c2:55:26:1b:a7:f4:83:
d2:94:16:ef:25:b2:2f:d4:90:21:3f:20:bf:36:8c:
cd:89:f5:64:e4:b1:90:a9:a3:05:3d:d1:7c:3a:dc:
68:ef:1d:0e:db:9e:25:be:ea:f5:03:f8:ae:f5:bb:
e5:82:eb:90:2c:80:9e:a7:bb:8d:c0:63:5d:7f:2e:
b8:e7:34:76:2f:78:43:be:4f:02:66:d6:0b:01:1f:
ff:fc:fb:85:9c:29:31:ee:a7:3d:f6:8b:44:e8:7d:
e8:ac:96:c2:5d:ea:6a:0f:f5:da:9e:d9:03:a4:e4:
df:f1:53:f1:25:fa:9c:96:9e:79:81:7e:8e:55:0d:
7f:85:fb:e5:0b:4f:43:9a:a8:4e:8f:60:52:79:be:
cf:76:ac:3e:7c:d9:55:f5:3d:be:3a:91:c2:5d:e7:
ba:d9:22:ba:f8:b3:10:45:3d:4f:e8:c5:78:07:1e:
52:e4:17:81:c5:b3:e2:8b:c8:7c:76:25:fd:86:3d:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F7:45:2F:6D:33:C4:7E:B5:8E:06:4E:6C:5C:D2:14:6E:54:D9:A7
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/sPdFL20zxH61jgZObFzSFG5U2ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/24
213.145.74.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:0d:fd:ab:70:aa:16:ee:0e:a9:6d:53:8d:7c:bd:1d:5c:e8:
c7:74:54:c9:fe:03:f0:4a:93:c9:db:c0:7e:aa:4a:e7:c2:d4:
9f:39:19:52:fe:91:84:22:a7:9d:8a:89:b9:fe:42:bd:9e:f3:
75:12:99:4e:7f:05:06:a4:11:bb:74:c0:53:4a:22:9d:35:c3:
34:5c:a1:82:59:ca:0f:94:99:61:4f:23:e2:38:b0:84:8b:4b:
35:73:80:94:20:2f:33:75:dc:71:54:35:1c:8d:a0:49:4e:db:
6c:88:e7:5c:51:c3:4e:bf:45:8d:21:cb:9a:28:b4:df:48:24:
12:c6:5a:ee:5f:ae:2d:a9:72:cb:5d:56:37:21:d9:a5:df:de:
93:fa:07:36:49:7f:2a:83:f9:0d:6e:d4:46:c8:eb:f4:8d:ca:
c3:16:67:54:df:31:1b:e6:97:00:f0:03:6f:c0:d4:18:74:16:
cb:bd:dd:9c:29:3a:e4:9d:46:f9:3c:fc:97:77:87:85:75:7d:
64:5c:64:cc:68:e4:07:2e:06:0f:9e:0e:c3:49:0a:26:d5:44:
c9:6b:11:22:73:21:99:42:3b:d6:05:87:b0:15:4f:1c:b3:36:
dc:50:ba:ec:b0:6e:78:77:c4:b1:f7:60:0e:b3:45:36:5c:ea:
5f:35:dc:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5DQ0LbWjAyuanFrRs0teEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMzE1MTc1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY3NDUyZjZkMzNjNDdlYjU4ZTA2NGU2YzVjZDIxNDZlNTRkOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKS2wve83UYYHZPErPzJ61kcgW1+
Ao/a4vXQaqzfp3uJOoZnHojxby7aWBRQ6zLuFTUnRkIV4MiK6Ditbo3a0+wqm8JV
Jhun9IPSlBbvJbIv1JAhPyC/NozNifVk5LGQqaMFPdF8Otxo7x0O254lvur1A/iu
9bvlguuQLICep7uNwGNdfy645zR2L3hDvk8CZtYLAR///PuFnCkx7qc99otE6H3o
rJbCXepqD/XantkDpOTf8VPxJfqclp55gX6OVQ1/hfvlC09DmqhOj2BSeb7Pdqw+
fNlV9T2+OpHCXee62SK6+LMQRT1P6MV4Bx5S5BeBxbPii8h8diX9hj36fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLD3RS9tM8R+tY4GTmxc0hRuVNmnMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvc1BkRkwyMHp4SDYxamdaT2JGelNGRzVVMmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXPQAwQA
1ZFKMA0GCSqGSIb3DQEBCwUAA4IBAQCqDf2rcKoW7g6pbVONfL0dXOjHdFTJ/gPw
SpPJ28B+qkrnwtSfORlS/pGEIqediom5/kK9nvN1EplOfwUGpBG7dMBTSiKdNcM0
XKGCWcoPlJlhTyPiOLCEi0s1c4CUIC8zddxxVDUcjaBJTttsiOdcUcNOv0WNIcua
KLTfSCQSxlruX64tqXLLXVY3Idml396T+gc2SX8qg/kNbtRGyOv0jcrDFmdU3zEb
5pcA8ANvwNQYdBbLvd2cKTrknUb5PPyXd4eFdX1kXGTMaOQHLgYPng7DSQom1UTJ
axEicyGZQjvWBYewFU8cszbcULrssG54d8Sx92AOs0U2XOpfNdyW
-----END CERTIFICATE-----
Generated at Tue May 7 23:39:13 2024 by rpki-client on console-ams.rpki-client.org