Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/dj5MlBDiurldoA-E2VPIwpjtCQk.roa
File: dj5MlBDiurldoA-E2VPIwpjtCQk.roa (raw, json)
Hash identifier: VolCjw+0P1kpP2rtaoNR8oU6ZUTbIKpbd7ewCxkZQNI=
Subject key identifier: 76:3E:4C:94:10:E2:BA:B9:5D:A0:0F:84:D9:53:C8:C2:98:ED:09:09
Certificate issuer: /CN=a9fc5630d57b1971f3a256ed6d983afad6b28d75
Certificate serial: 018E12603E6AFBCE28FC67DF6030993BB08A
Authority key identifier: A9:FC:56:30:D5:7B:19:71:F3:A2:56:ED:6D:98:3A:FA:D6:B2:8D:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qfxWMNV7GXHzolbtbZg6-tayjXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/dj5MlBDiurldoA-E2VPIwpjtCQk.roa
Signing time: Wed 06 Mar 2024 06:08:01 +0000
ROA not before: Wed 06 Mar 2024 06:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51324
IP address blocks: 185.80.144.0/22 maxlen: 24
2a05:7dc2:1000::/36 maxlen: 36
2a05:7dc2:2000::/36 maxlen: 36
2a05:7dc2:3000::/36 maxlen: 36
2a05:7dc2:4000::/36 maxlen: 36
2a05:7dc2:5000::/36 maxlen: 36
2a05:7dc2:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/qfxWMNV7GXHzolbtbZg6-tayjXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/qfxWMNV7GXHzolbtbZg6-tayjXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qfxWMNV7GXHzolbtbZg6-tayjXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:60:3e:6a:fb:ce:28:fc:67:df:60:30:99:3b:b0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9fc5630d57b1971f3a256ed6d983afad6b28d75
Validity
Not Before: Mar 6 06:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=763e4c9410e2bab95da00f84d953c8c298ed0909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:23:7e:bb:5b:da:9a:23:7b:05:14:cc:93:6f:
59:52:b4:cd:53:fe:f5:f3:d5:f3:ac:f5:e9:77:df:
17:24:dc:05:5f:5a:ab:c6:a9:a5:76:23:23:4b:b8:
7f:4a:e1:da:16:f6:f0:d7:e8:80:cb:82:c4:01:c4:
51:5b:4d:6d:67:22:61:27:5f:23:ff:ab:75:bf:f0:
72:b7:36:d0:26:c9:d1:88:fc:e4:ff:65:f4:01:7d:
e6:4e:50:4d:40:56:06:d1:9b:1f:78:41:20:21:d6:
71:04:e4:9f:8f:7c:08:e6:3d:7d:76:31:4c:58:7e:
d8:7a:cd:55:14:59:de:8a:70:1c:20:3f:5e:ca:5d:
63:49:dd:d3:f6:69:45:f5:36:55:cb:aa:fa:41:b9:
c5:79:41:10:78:98:7b:9c:cf:56:45:07:e5:4e:e3:
8d:bf:8f:df:48:b7:f3:f2:1d:60:02:48:7c:23:ce:
8e:20:0e:ba:60:f8:8d:e9:08:ff:2a:18:28:2f:65:
e8:7b:47:a8:d8:f8:6b:f8:10:cf:bd:b8:fc:04:1f:
60:52:53:ae:08:84:70:25:71:29:65:ac:66:21:f2:
5a:3b:b4:42:3a:f2:d0:65:48:a2:a8:37:5f:6a:c8:
86:5e:57:bd:b8:61:81:4e:62:a4:d6:d3:ba:91:62:
07:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3E:4C:94:10:E2:BA:B9:5D:A0:0F:84:D9:53:C8:C2:98:ED:09:09
X509v3 Authority Key Identifier:
keyid:A9:FC:56:30:D5:7B:19:71:F3:A2:56:ED:6D:98:3A:FA:D6:B2:8D:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qfxWMNV7GXHzolbtbZg6-tayjXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/dj5MlBDiurldoA-E2VPIwpjtCQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0f0788-f1c4-4eae-b0c3-c5d4f0a00907/1/qfxWMNV7GXHzolbtbZg6-tayjXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.144.0/22
IPv6:
2a05:7dc2:1000::-2a05:7dc2:6fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
51:30:2b:6d:4f:d4:57:ce:90:ec:93:c2:7a:7d:68:e2:e2:5b:
2e:62:b0:15:b9:13:76:c7:2b:4b:0e:25:57:43:b0:e3:7e:2d:
24:44:e9:7e:78:71:fb:d0:3d:a5:dd:a3:ea:21:c3:54:8d:41:
76:50:9c:92:fe:b4:10:71:3d:5a:14:cc:e6:1f:b5:76:e8:25:
57:3e:66:b1:d1:54:9e:65:29:e1:ac:aa:b0:0c:64:8c:7e:29:
66:9f:10:79:aa:b8:09:85:fd:a1:4d:34:6a:d8:83:ff:81:2a:
a1:33:35:1b:09:c0:b4:7b:64:25:9d:a4:5a:c0:f8:58:95:16:
e9:82:1b:df:fb:97:d4:97:00:bb:3b:36:bf:da:ff:35:9f:2f:
74:a2:b1:b9:c8:fb:3a:4b:cd:0c:e7:30:58:31:d7:73:3c:2e:
d6:02:9e:c1:7b:77:96:d6:6f:17:df:b2:fe:44:8f:fe:4a:c2:
8a:dd:62:63:25:35:19:7e:14:a0:d6:a7:f4:77:f4:04:f4:98:
26:21:b1:41:2d:a8:18:d5:c9:99:5c:11:2a:e9:74:88:66:22:
29:87:0e:56:5f:4c:56:6e:b7:ef:73:55:8a:86:8b:e8:24:83:
c9:ea:54:e5:22:a6:8d:d8:c1:50:e7:c2:c2:d6:77:88:60:c7:
8d:a2:ab:f4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4SYD5q+84o/GffYDCZO7CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZmM1NjMwZDU3YjE5NzFmM2EyNTZlZDZkOTgzYWZhZDZi
MjhkNzUwHhcNMjQwMzA2MDYwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNlNGM5NDEwZTJiYWI5NWRhMDBmODRkOTUzYzhjMjk4ZWQwOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCN+u1vamiN7BRTMk29ZUrTNU/71
89XzrPXpd98XJNwFX1qrxqmldiMjS7h/SuHaFvbw1+iAy4LEAcRRW01tZyJhJ18j
/6t1v/BytzbQJsnRiPzk/2X0AX3mTlBNQFYG0ZsfeEEgIdZxBOSfj3wI5j19djFM
WH7Yes1VFFneinAcID9eyl1jSd3T9mlF9TZVy6r6QbnFeUEQeJh7nM9WRQflTuON
v4/fSLfz8h1gAkh8I86OIA66YPiN6Qj/KhgoL2Xoe0eo2Phr+BDPvbj8BB9gUlOu
CIRwJXEpZaxmIfJaO7RCOvLQZUiiqDdfasiGXle9uGGBTmKk1tO6kWIH6wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHY+TJQQ4rq5XaAPhNlTyMKY7QkJMB8GA1UdIwQY
MBaAFKn8VjDVexlx86JW7W2YOvrWso11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWZ4V01OVjdHWEh6b2xidGJaZzYtdGF5alhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZjA3ODgtZjFjNC00ZWFlLWIwYzMt
YzVkNGYwYTAwOTA3LzEvZGo1TWxCRGl1cmxkb0EtRTJWUEl3cGp0Q1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZjA3ODgtZjFjNC00ZWFlLWIwYzMtYzVkNGYwYTAwOTA3
LzEvcWZ4V01OVjdHWEh6b2xidGJaZzYtdGF5alhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuVCQMBgE
AgACMBIwEAMGBCoFfcIQAwYEKgV9wmAwDQYJKoZIhvcNAQELBQADggEBAFEwK21P
1FfOkOyTwnp9aOLiWy5isBW5E3bHK0sOJVdDsON+LSRE6X54cfvQPaXdo+ohw1SN
QXZQnJL+tBBxPVoUzOYftXboJVc+ZrHRVJ5lKeGsqrAMZIx+KWafEHmquAmF/aFN
NGrYg/+BKqEzNRsJwLR7ZCWdpFrA+FiVFumCG9/7l9SXALs7Nr/a/zWfL3SisbnI
+zpLzQznMFgx13M8LtYCnsF7d5bWbxffsv5Ej/5KwordYmMlNRl+FKDWp/R39AT0
mCYhsUEtqBjVyZlcESrpdIhmIimHDlZfTFZut+9zVYqGi+gkg8nqVOUipo3YwVDn
wsLWd4hgx42iq/Q=
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:11:07 2024 by rpki-client on console-fra.rpki-client.org