Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/dxsE05AugyoEt1g_r_sAh_2Csjk.roa
File: dxsE05AugyoEt1g_r_sAh_2Csjk.roa (raw, json)
Hash identifier: 1B3OSuzZnEmSiwaFdCaGO+tgezCL7D/7W/a+FtxJmfI=
Subject key identifier: 77:1B:04:D3:90:2E:83:2A:04:B7:58:3F:AF:FB:00:87:FD:82:B2:39
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 018CC42563CE55D491456C38CC6247582F19
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/dxsE05AugyoEt1g_r_sAh_2Csjk.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 195.178.0.0/23 maxlen: 23
185.8.84.0/23 maxlen: 23
109.75.100.0/22 maxlen: 22
109.75.105.0/24 maxlen: 24
185.65.196.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:63:ce:55:d4:91:45:6c:38:cc:62:47:58:2f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=771b04d3902e832a04b7583faffb0087fd82b239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:41:d6:7e:e7:e6:c5:00:40:c3:86:c2:e7:
f1:a3:fb:70:a9:c0:30:18:c8:6a:de:45:be:fe:77:
bc:c6:73:cb:26:e0:45:73:67:18:7c:8b:5b:e4:9d:
27:2d:1b:4d:02:3b:5b:2f:7d:2e:c2:01:6a:4c:6b:
3d:fa:98:65:13:91:e4:08:09:c3:dd:68:a6:0d:d4:
4f:13:83:9d:09:d3:7a:20:eb:13:d6:6b:6f:9b:0c:
f0:41:66:c7:ae:8c:ac:2e:65:29:42:b5:1c:30:2a:
d9:ae:20:f8:87:38:88:b6:f3:9c:be:7d:ee:da:54:
40:0b:7d:1c:81:3c:37:e9:b8:91:14:db:39:7c:5c:
b1:64:45:f0:73:f1:9a:e7:99:3c:84:38:f7:8c:c9:
bf:c5:fd:3c:bc:e9:4b:9f:21:68:ae:5f:57:31:21:
a3:7d:04:80:c8:06:10:11:a7:3f:3c:0f:bf:01:c1:
38:d9:9b:64:0e:f0:c2:f7:bd:bc:5e:d6:83:c4:3c:
97:97:18:88:2c:52:cd:f5:c5:4f:cc:8c:96:c1:9d:
0f:5e:c9:b9:30:87:e0:52:32:3a:57:5b:e8:64:97:
e6:2c:d4:e3:82:87:98:e3:3a:6e:79:81:b2:f8:ad:
e4:de:f5:e8:90:d0:d7:ec:56:86:34:5e:e8:ad:94:
e6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1B:04:D3:90:2E:83:2A:04:B7:58:3F:AF:FB:00:87:FD:82:B2:39
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/dxsE05AugyoEt1g_r_sAh_2Csjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.100.0/22
109.75.105.0/24
185.8.84.0/23
185.65.196.0/23
195.178.0.0/23
Signature Algorithm: sha256WithRSAEncryption
46:ee:b2:b3:3c:13:0b:bd:23:4f:a0:00:e6:44:6c:a5:96:fe:
09:eb:81:a9:4c:34:f3:01:30:6e:8d:9f:73:80:95:17:69:9b:
4d:7c:f0:56:32:d0:be:29:15:1d:ea:1d:63:3b:a9:cf:43:76:
43:f8:f1:54:b0:70:20:b8:e7:fa:81:8c:7b:c4:bc:db:3b:16:
ce:9e:6d:1e:70:95:f8:09:da:30:58:6c:50:a3:e9:7b:bf:17:
b4:49:60:b6:44:25:dd:05:ee:33:48:b8:22:2a:3b:c7:1f:37:
fa:59:21:70:25:00:93:56:af:9f:ca:6a:09:90:3e:5e:ce:3c:
a0:26:63:46:00:b2:01:31:03:f9:02:83:9a:79:a0:85:06:c4:
fe:d9:02:69:ef:a0:64:c0:60:f9:e0:36:90:3c:87:39:e3:a4:
d8:04:04:98:4b:fe:fa:2f:b7:77:a9:eb:80:1e:34:03:28:fd:
64:b3:3d:7b:dc:34:29:12:b2:3b:d0:c3:f1:72:11:b2:d6:52:
e5:37:1a:28:63:db:b4:e5:46:8f:d9:6c:ca:24:4d:fe:9c:ee:
c6:d0:ba:45:1c:f2:47:d8:43:55:d8:27:02:39:13:24:ae:0b:
d2:69:a1:f0:50:3d:89:e0:3d:04:81:15:24:fa:13:8b:75:bc:
15:57:cf:fe
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJWPOVdSRRWw4zGJHWC8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFiMDRkMzkwMmU4MzJhMDRiNzU4M2ZhZmZiMDA4N2ZkODJiMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMhB1n7n5sUAQMOGwufxo/twqcAw
GMhq3kW+/ne8xnPLJuBFc2cYfItb5J0nLRtNAjtbL30uwgFqTGs9+phlE5HkCAnD
3WimDdRPE4OdCdN6IOsT1mtvmwzwQWbHroysLmUpQrUcMCrZriD4hziItvOcvn3u
2lRAC30cgTw36biRFNs5fFyxZEXwc/Ga55k8hDj3jMm/xf08vOlLnyForl9XMSGj
fQSAyAYQEac/PA+/AcE42ZtkDvDC9728XtaDxDyXlxiILFLN9cVPzIyWwZ0PXsm5
MIfgUjI6V1voZJfmLNTjgoeY4zpueYGy+K3k3vXokNDX7FaGNF7orZTm+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHcbBNOQLoMqBLdYP6/7AIf9grI5MB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvZHhzRTA1QXVneW9FdDFnX3Jfc0FoXzJDc2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCbUtkAwQA
bUtpAwQBuQhUAwQBuUHEAwQBw7IAMA0GCSqGSIb3DQEBCwUAA4IBAQBG7rKzPBML
vSNPoADmRGyllv4J64GpTDTzATBujZ9zgJUXaZtNfPBWMtC+KRUd6h1jO6nPQ3ZD
+PFUsHAguOf6gYx7xLzbOxbOnm0ecJX4CdowWGxQo+l7vxe0SWC2RCXdBe4zSLgi
KjvHHzf6WSFwJQCTVq+fymoJkD5ezjygJmNGALIBMQP5AoOaeaCFBsT+2QJp76Bk
wGD54DaQPIc546TYBASYS/76L7d3qeuAHjQDKP1ksz173DQpErI70MPxchGy1lLl
NxooY9u05UaP2WzKJE3+nO7G0LpFHPJH2ENV2CcCORMkrgvSaaHwUD2J4D0EgRUk
+hOLdbwVV8/+
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:01:19 2024 by rpki-client on console-ams.rpki-client.org