Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/m0n9Y5mrE_9EMO13ZJL09qJaMsU.roa
File: m0n9Y5mrE_9EMO13ZJL09qJaMsU.roa (raw, json)
Hash identifier: x2Nwi2LHAGG/RkDGsKep/X0Zxpxd/AsFDpgHHa7HMnc=
Subject key identifier: 9B:49:FD:63:99:AB:13:FF:44:30:ED:77:64:92:F4:F6:A2:5A:32:C5
Certificate issuer: /CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f
Certificate serial: 018CC87100D2A5BFD337B436F77F5E82CDEC
Authority key identifier: 12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/m0n9Y5mrE_9EMO13ZJL09qJaMsU.roa
Signing time: Tue 02 Jan 2024 04:31:37 +0000
ROA not before: Tue 02 Jan 2024 04:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34788
IP address blocks: 185.3.40.0/22 maxlen: 22
85.13.173.0/24 maxlen: 24
85.13.174.0/24 maxlen: 24
85.13.179.0/24 maxlen: 24
85.13.175.0/24 maxlen: 24
85.13.176.0/24 maxlen: 24
85.13.177.0/24 maxlen: 24
85.13.178.0/24 maxlen: 24
85.13.186.0/24 maxlen: 24
85.13.182.0/24 maxlen: 24
85.13.183.0/24 maxlen: 24
85.13.184.0/24 maxlen: 24
85.13.185.0/24 maxlen: 24
85.13.180.0/24 maxlen: 24
85.13.181.0/24 maxlen: 24
85.13.189.0/24 maxlen: 24
85.13.190.0/24 maxlen: 24
85.13.191.0/24 maxlen: 24
85.13.187.0/24 maxlen: 24
85.13.188.0/24 maxlen: 24
85.13.130.0/24 maxlen: 24
85.13.131.0/24 maxlen: 24
85.13.132.0/24 maxlen: 24
85.13.128.0/24 maxlen: 24
85.13.129.0/24 maxlen: 24
85.13.137.0/24 maxlen: 24
85.13.138.0/24 maxlen: 24
85.13.139.0/24 maxlen: 24
85.13.134.0/24 maxlen: 24
85.13.135.0/24 maxlen: 24
85.13.136.0/24 maxlen: 24
85.13.133.0/24 maxlen: 24
85.13.144.0/24 maxlen: 24
85.13.145.0/24 maxlen: 24
85.13.141.0/24 maxlen: 24
85.13.142.0/24 maxlen: 24
85.13.143.0/24 maxlen: 24
85.13.140.0/24 maxlen: 24
85.13.146.0/24 maxlen: 24
85.13.151.0/24 maxlen: 24
85.13.152.0/24 maxlen: 24
85.13.147.0/24 maxlen: 24
85.13.148.0/24 maxlen: 24
85.13.149.0/24 maxlen: 24
85.13.150.0/24 maxlen: 24
85.13.158.0/24 maxlen: 24
85.13.159.0/24 maxlen: 24
85.13.154.0/24 maxlen: 24
85.13.155.0/24 maxlen: 24
85.13.156.0/24 maxlen: 24
85.13.157.0/24 maxlen: 24
85.13.153.0/24 maxlen: 24
85.13.165.0/24 maxlen: 24
85.13.166.0/24 maxlen: 24
85.13.161.0/24 maxlen: 24
85.13.162.0/24 maxlen: 24
85.13.163.0/24 maxlen: 24
85.13.164.0/24 maxlen: 24
85.13.160.0/24 maxlen: 24
85.13.172.0/24 maxlen: 24
85.13.168.0/24 maxlen: 24
85.13.169.0/24 maxlen: 24
85.13.170.0/24 maxlen: 24
85.13.171.0/24 maxlen: 24
85.13.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Dec 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:00:d2:a5:bf:d3:37:b4:36:f7:7f:5e:82:cd:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c4a17d20666b7d8d2b1ffe18a4687af926218f
Validity
Not Before: Jan 2 04:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b49fd6399ab13ff4430ed776492f4f6a25a32c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:7f:48:55:46:69:ab:98:4f:dd:20:ec:45:
98:c8:33:d9:54:9d:e5:68:ee:9e:5d:22:bc:62:e6:
11:7e:95:1d:1c:f1:4c:4e:67:36:d9:a4:ad:a8:2b:
46:fa:f0:55:a1:9f:2b:42:da:de:8a:bc:58:e4:7d:
3c:be:9f:1d:1a:cb:ec:b9:9c:1d:0d:81:07:67:61:
29:9e:96:8b:6f:2d:e7:97:7b:06:23:34:65:58:39:
84:10:97:67:7c:eb:b9:bf:e2:bd:d0:d2:56:16:fb:
d3:18:aa:85:92:fa:37:a7:eb:de:7e:de:70:ec:cc:
6d:29:7b:aa:71:f1:1a:6e:69:3a:e1:82:28:2e:e3:
57:7b:04:23:86:28:65:6e:7a:b0:96:7d:3d:b6:3a:
8e:bd:bf:e3:f6:34:ad:ff:8a:28:7f:60:7a:4a:a2:
e2:92:7a:43:63:4e:a4:85:ec:4e:6b:9b:63:97:4b:
b8:8e:66:ca:02:2f:70:44:f7:04:18:65:c4:e6:26:
fc:40:56:94:a5:e6:5c:f9:35:06:2f:c1:81:be:0e:
24:a9:df:28:8d:ba:0d:83:46:e8:43:9f:91:fc:10:
00:7d:29:b3:03:0f:45:9d:c9:67:ba:5c:6d:97:bb:
aa:bf:9d:7b:cb:ae:1e:1c:09:ba:eb:fd:4b:55:55:
bc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:49:FD:63:99:AB:13:FF:44:30:ED:77:64:92:F4:F6:A2:5A:32:C5
X509v3 Authority Key Identifier:
keyid:12:C4:A1:7D:20:66:6B:7D:8D:2B:1F:FE:18:A4:68:7A:F9:26:21:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsShfSBma32NKx_-GKRoevkmIY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/m0n9Y5mrE_9EMO13ZJL09qJaMsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/831181-b0b3-4b2e-88dc-49a96a82214e/1/EsShfSBma32NKx_-GKRoevkmIY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.13.128.0/18
185.3.40.0/22
Signature Algorithm: sha256WithRSAEncryption
25:0b:36:08:02:20:25:83:cf:f2:c9:58:99:f8:63:0e:06:e2:
56:6a:07:fd:b7:86:95:35:2a:c4:7e:7c:3b:98:d6:00:a0:65:
cd:5b:aa:77:7f:4d:86:b8:4c:35:27:16:28:b7:fc:c1:41:df:
60:e2:82:3e:1d:ac:61:3b:27:42:a0:94:ad:b5:58:f0:32:d6:
69:3d:6a:0f:21:e8:15:0e:22:aa:24:ec:82:2d:53:3a:ed:7e:
67:06:bd:05:73:7c:9e:59:6c:f9:d1:1e:b8:b8:fc:84:cf:2b:
f0:fa:f3:c6:bb:5b:fa:56:3c:0e:67:8c:83:db:af:1d:f7:f6:
f3:a1:53:bc:8f:27:9a:32:cd:d2:c2:36:19:ed:0b:5c:b5:73:
ab:48:57:14:fa:ec:9c:fa:aa:18:89:06:78:47:e0:21:eb:1c:
5d:35:3c:ce:69:1b:7a:43:39:7c:6c:eb:dc:75:6f:60:59:b3:
17:e2:aa:b4:9d:dc:ef:a3:15:5c:61:7f:10:75:6e:89:9b:7b:
84:c8:70:a9:57:65:6a:83:b3:59:83:68:b3:43:85:6d:3b:2b:
0a:70:48:18:b1:fd:1b:de:8c:8b:b6:4e:d5:a1:56:9f:9f:bf:
c8:c5:75:07:b0:ef:47:bb:e6:72:1c:35:57:ad:55:6a:5a:df:
38:a6:47:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcQDSpb/TN7Q2939egs3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzRhMTdkMjA2NjZiN2Q4ZDJiMWZmZTE4YTQ2ODdhZjky
NjIxOGYwHhcNMjQwMTAyMDQzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ5ZmQ2Mzk5YWIxM2ZmNDQzMGVkNzc2NDkyZjRmNmEyNWEzMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ9/SFVGaauYT90g7EWYyDPZVJ3l
aO6eXSK8YuYRfpUdHPFMTmc22aStqCtG+vBVoZ8rQtreirxY5H08vp8dGsvsuZwd
DYEHZ2EpnpaLby3nl3sGIzRlWDmEEJdnfOu5v+K90NJWFvvTGKqFkvo3p+veft5w
7MxtKXuqcfEabmk64YIoLuNXewQjhihlbnqwln09tjqOvb/j9jSt/4oof2B6SqLi
knpDY06khexOa5tjl0u4jmbKAi9wRPcEGGXE5ib8QFaUpeZc+TUGL8GBvg4kqd8o
jboNg0boQ5+R/BAAfSmzAw9Fnclnulxtl7uqv517y64eHAm66/1LVVW8xQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtJ/WOZqxP/RDDtd2SS9PaiWjLFMB8GA1UdIwQY
MBaAFBLEoX0gZmt9jSsf/hikaHr5JiGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMt
NDlhOTZhODIyMTRlLzEvbTBuOVk1bXJFXzlFTU8xM1pKTDA5cUphTXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS84MzExODEtYjBiMy00YjJlLTg4ZGMtNDlhOTZhODIyMTRl
LzEvRXNTaGZTQm1hMzJOS3hfLUdLUm9ldmttSVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGVQ2AAwQC
uQMoMA0GCSqGSIb3DQEBCwUAA4IBAQAlCzYIAiAlg8/yyViZ+GMOBuJWagf9t4aV
NSrEfnw7mNYAoGXNW6p3f02GuEw1JxYot/zBQd9g4oI+HaxhOydCoJSttVjwMtZp
PWoPIegVDiKqJOyCLVM67X5nBr0Fc3yeWWz50R64uPyEzyvw+vPGu1v6VjwOZ4yD
268d9/bzoVO8jyeaMs3SwjYZ7QtctXOrSFcU+uyc+qoYiQZ4R+Ah6xxdNTzOaRt6
Qzl8bOvcdW9gWbMX4qq0ndzvoxVcYX8QdW6Jm3uEyHCpV2Vqg7NZg2izQ4VtOysK
cEgYsf0b3oyLtk7VoVafn7/IxXUHsO9Hu+ZyHDVXrVVqWt84pkd0
-----END CERTIFICATE-----
Generated at Wed Dec 4 09:13:51 2024 by rpki-client on console-ams.rpki-client.org