Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/pDGMQMLTHhnarT3l6CDaubqDMJE.roa
File: pDGMQMLTHhnarT3l6CDaubqDMJE.roa (raw, json)
Hash identifier: X9dIg5xiXe4nWrAjox1AHru4JkV8uHdX3J+gEb6oCNM=
Subject key identifier: A4:31:8C:40:C2:D3:1E:19:DA:AD:3D:E5:E8:20:DA:B9:BA:83:30:91
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DACE2FFD4030FFBD8FE5E126C1C95
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/pDGMQMLTHhnarT3l6CDaubqDMJE.roa
Signing time: Tue 02 Jan 2024 08:32:40 +0000
ROA not before: Tue 02 Jan 2024 08:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48990
IP address blocks: 78.136.74.0/24 maxlen: 24
78.136.72.0/24 maxlen: 24
78.136.73.0/24 maxlen: 24
78.136.78.0/24 maxlen: 24
88.148.65.0/24 maxlen: 24
94.76.185.0/24 maxlen: 24
84.236.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ac:e2:ff:d4:03:0f:fb:d8:fe:5e:12:6c:1c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4318c40c2d31e19daad3de5e820dab9ba833091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:34:60:7f:d3:5f:d2:72:69:7c:27:93:ca:
c3:5a:d5:55:70:7e:7a:bf:2f:54:5c:30:a9:0e:e2:
52:3f:ba:0b:42:ef:b2:ba:3a:be:05:c6:dd:eb:7f:
29:ae:de:4f:f5:2f:e1:21:38:57:36:5f:bc:d5:63:
7f:25:09:dc:3f:4b:6c:b9:03:a5:ad:8e:3c:19:1d:
ce:0d:61:20:a2:97:50:44:77:94:a3:59:48:65:60:
56:59:48:2b:49:f3:3f:e7:97:23:6f:5d:1b:1f:ec:
e1:10:38:a1:ed:4c:20:c4:cd:d7:74:a5:aa:ce:27:
ef:a7:da:57:83:e5:59:39:98:f0:27:ad:1a:1c:3a:
68:d6:66:a9:ab:e8:53:96:4b:07:09:61:5f:68:c7:
27:38:77:62:9d:9d:b5:f4:21:b8:8a:23:a0:26:46:
f6:b2:fc:c0:5c:ae:f2:42:1d:3d:87:51:74:86:67:
10:95:28:18:5d:24:9a:8e:07:f5:e3:02:30:91:00:
33:f5:75:a6:e6:69:e8:d9:16:15:16:51:d6:28:fa:
9c:c4:b5:05:fe:84:a5:90:aa:6f:8e:bc:97:d2:31:
23:2a:60:90:38:76:ed:20:f6:d1:8d:a9:4e:ff:43:
73:f7:83:9f:02:df:fc:c1:6a:91:81:9a:1b:2c:b8:
a7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:31:8C:40:C2:D3:1E:19:DA:AD:3D:E5:E8:20:DA:B9:BA:83:30:91
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/pDGMQMLTHhnarT3l6CDaubqDMJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.72.0-78.136.74.255
78.136.78.0/24
84.236.194.0/23
88.148.65.0/24
94.76.185.0/24
Signature Algorithm: sha256WithRSAEncryption
42:3e:27:1c:e2:2c:de:a2:e5:3a:99:d9:64:9e:cb:52:fd:8e:
8e:e0:81:70:8a:a5:8b:0e:c2:5f:4d:bb:f9:7d:49:65:9d:81:
60:ea:9e:c6:7b:07:c9:1a:1d:fa:f1:f7:8c:35:a6:e5:38:b7:
93:47:fc:5a:44:36:d5:ea:d9:7a:ea:f4:da:a0:6f:23:49:dd:
19:15:0a:6d:ca:29:a1:d4:5e:2c:0d:6c:3a:cd:89:b2:8a:de:
dc:27:6d:f3:93:14:2c:56:77:a7:ee:54:ac:be:fe:db:cb:95:
56:c9:2f:9e:a9:0c:84:c6:99:63:fa:7a:01:af:62:34:66:9a:
dc:02:4b:7e:c8:d4:91:dc:fd:a6:f0:ab:fa:28:82:1b:ac:33:
d5:95:9e:64:a3:4a:f5:7e:42:9f:08:2e:22:9b:f3:5c:f2:1a:
6e:c8:e6:1d:c1:57:2e:57:59:d9:7c:54:92:60:1c:8b:97:b6:
84:0e:6f:aa:d5:7d:10:96:50:fc:61:64:10:7b:2a:e0:02:26:
ad:f7:64:56:4c:55:8c:d7:d1:a2:ff:76:39:c9:74:f7:36:8e:
b6:5d:61:a2:aa:5c:8e:c1:a2:a7:52:de:3c:cd:af:b5:9b:68:
9b:28:50:89:b8:11:bf:fd:98:88:10:7a:d1:a8:3d:18:3b:f7:
16:a9:5e:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJTazi/9QDD/vY/l4SbByVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMxOGM0MGMyZDMxZTE5ZGFhZDNkZTVlODIwZGFiOWJhODMzMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5U0YH/TX9JyaXwnk8rDWtVVcH56
vy9UXDCpDuJSP7oLQu+yujq+Bcbd638prt5P9S/hIThXNl+81WN/JQncP0tsuQOl
rY48GR3ODWEgopdQRHeUo1lIZWBWWUgrSfM/55cjb10bH+zhEDih7UwgxM3XdKWq
zifvp9pXg+VZOZjwJ60aHDpo1mapq+hTlksHCWFfaMcnOHdinZ219CG4iiOgJkb2
svzAXK7yQh09h1F0hmcQlSgYXSSajgf14wIwkQAz9XWm5mno2RYVFlHWKPqcxLUF
/oSlkKpvjryX0jEjKmCQOHbtIPbRjalO/0Nz94OfAt/8wWqRgZobLLin1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKQxjEDC0x4Z2q095egg2rm6gzCRMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvcERHTVFNTFRIaG5hclQzbDZDRGF1YnFETUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBANOiEgD
BABOiEoDBABOiE4DBAFU7MIDBABYlEEDBABeTLkwDQYJKoZIhvcNAQELBQADggEB
AEI+JxziLN6i5TqZ2WSey1L9jo7ggXCKpYsOwl9Nu/l9SWWdgWDqnsZ7B8kaHfrx
94w1puU4t5NH/FpENtXq2Xrq9NqgbyNJ3RkVCm3KKaHUXiwNbDrNibKK3twnbfOT
FCxWd6fuVKy+/tvLlVbJL56pDITGmWP6egGvYjRmmtwCS37I1JHc/abwq/ooghus
M9WVnmSjSvV+Qp8ILiKb81zyGm7I5h3BVy5XWdl8VJJgHIuXtoQOb6rVfRCWUPxh
ZBB7KuACJq33ZFZMVYzX0aL/djnJdPc2jrZdYaKqXI7BoqdS3jzNr7WbaJsoUIm4
Eb/9mIgQetGoPRg79xapXvg=
-----END CERTIFICATE-----
Generated at Fri Jun 14 16:08:24 2024 by rpki-client on console-ams.rpki-client.org