Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dd1ukSgxLGzTaxWfP0mbh4qSaOQ.roa
File: dd1ukSgxLGzTaxWfP0mbh4qSaOQ.roa (raw, json)
Hash identifier: THN6VK7WvcDnqaXwxIBALxxL2a6+Tyk2VNRSOQ2FYNQ=
Subject key identifier: 75:DD:6E:91:28:31:2C:6C:D3:6B:15:9F:3F:49:9B:87:8A:92:68:E4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CF215D91AFE5659F3DEA1095C05F27D1B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dd1ukSgxLGzTaxWfP0mbh4qSaOQ.roa
Signing time: Wed 10 Jan 2024 06:36:07 +0000
ROA not before: Wed 10 Jan 2024 06:36:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.32.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:15:d9:1a:fe:56:59:f3:de:a1:09:5c:05:f2:7d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 10 06:36:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75dd6e9128312c6cd36b159f3f499b878a9268e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:82:d9:37:3d:91:9e:d0:2f:0c:e6:27:ab:a9:
a9:3e:fb:d8:fd:28:75:b1:7b:ec:d2:15:6b:05:d0:
35:21:ae:fe:f8:51:25:53:59:d9:5b:b7:74:5c:30:
ce:27:46:19:bb:ce:10:ac:f6:56:da:0c:71:d6:c2:
50:d6:6f:d8:2c:2d:d7:52:dc:77:0f:38:0c:53:42:
c7:9e:f6:e2:1e:52:65:30:b3:7d:fa:fc:4d:4b:45:
0a:c5:45:e7:5f:93:cf:b4:03:bc:c2:28:59:4b:4e:
2d:31:43:76:55:ec:26:4a:2b:85:39:4b:03:02:16:
6b:60:b1:c8:e4:a2:4c:9a:f9:10:6d:4e:f0:a7:98:
d2:19:9a:f2:c9:4d:4c:ee:3e:00:5a:3f:75:29:47:
3a:22:78:06:a9:5c:3c:9b:f6:63:77:d0:30:06:b7:
1f:ee:a3:74:2b:38:93:5d:d8:67:73:9f:98:5a:61:
ee:b3:5c:18:5a:ee:82:f3:e8:f6:d4:13:4d:00:2d:
a7:6a:c6:e2:10:1d:92:a4:5b:2d:3b:62:05:a8:09:
e7:19:ad:81:2d:9e:02:b6:c4:a1:71:02:e9:41:e0:
57:c8:e9:01:f0:3a:1e:e0:97:4b:fe:20:be:97:ef:
f6:2c:41:d6:d4:85:27:10:d2:1f:ee:c1:74:b2:83:
7f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DD:6E:91:28:31:2C:6C:D3:6B:15:9F:3F:49:9B:87:8A:92:68:E4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dd1ukSgxLGzTaxWfP0mbh4qSaOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.32.0/24
84.32.59.0/24
84.32.63.0/24
84.32.107.0/24
84.32.149.0/24
84.32.151.0-84.32.152.255
84.32.154.0/24
84.32.156.0/24
84.32.177.0/24
84.32.217.0-84.32.218.255
84.32.244.0/24
88.216.34.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2d:3c:0f:46:d7:3b:41:37:01:30:0d:9d:04:21:03:b2:04:
b3:d6:13:aa:92:91:c6:5a:4c:00:13:4a:5b:8f:f9:49:19:3b:
4b:9a:e2:41:cf:96:36:b0:51:3a:dd:d8:e0:b5:9f:ca:05:67:
a8:81:6b:67:26:56:99:84:44:ea:c0:c1:c1:b5:8c:1a:1e:50:
0d:b1:b2:30:2b:82:ea:76:06:11:e1:45:7c:35:d6:d1:c1:5e:
92:3c:42:0a:60:0f:dd:d4:6a:97:4c:56:6c:ba:f3:f7:56:66:
f3:9d:7a:c2:63:b7:03:b9:1b:90:62:eb:0c:4e:df:90:84:51:
38:6c:ce:11:90:68:d0:ca:77:2c:d7:20:d6:c5:b1:08:69:61:
fa:0c:1d:9d:14:5b:f7:d4:59:53:1c:38:49:55:2c:ea:b4:21:
c8:ef:cb:53:4e:9a:1b:d6:6a:30:1a:2d:ce:fa:ca:40:46:f1:
18:da:06:bf:bb:e7:12:68:d9:31:38:81:a2:4d:57:05:54:ee:
10:16:e9:6a:97:15:72:4f:4b:ec:99:68:cc:a3:d8:7f:2a:2e:
39:43:b4:97:a6:a0:8e:97:54:ef:be:05:a8:19:e3:54:6f:f9:
e1:28:c4:6a:35:df:fa:14:cd:5f:4e:22:8d:d4:ce:88:ae:51:
64:41:10:6b
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYzyFdka/lZZ896hCVwF8n0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTEwMDYzNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRkNmU5MTI4MzEyYzZjZDM2YjE1OWYzZjQ5OWI4NzhhOTI2OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYLZNz2RntAvDOYnq6mpPvvY/Sh1
sXvs0hVrBdA1Ia7++FElU1nZW7d0XDDOJ0YZu84QrPZW2gxx1sJQ1m/YLC3XUtx3
DzgMU0LHnvbiHlJlMLN9+vxNS0UKxUXnX5PPtAO8wihZS04tMUN2VewmSiuFOUsD
AhZrYLHI5KJMmvkQbU7wp5jSGZryyU1M7j4AWj91KUc6IngGqVw8m/Zjd9AwBrcf
7qN0KziTXdhnc5+YWmHus1wYWu6C8+j21BNNAC2nasbiEB2SpFstO2IFqAnnGa2B
LZ4CtsShcQLpQeBXyOkB8Doe4JdL/iC+l+/2LEHW1IUnENIf7sF0soN/MwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFHXdbpEoMSxs02sVnz9Jm4eKkmjkMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZGQxdWtTZ3hMR3pUYXhXZlAwbWJoNHFTYU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFQgDwME
AFQgGAMEAFQgIAMEAFQgOwMEAFQgPwMEAFQgawMEAFQglTAMAwQAVCCXAwQAVCCY
AwQAVCCaAwQAVCCcAwQAVCCxMAwDBABUINkDBABUINoDBABUIPQDBABY2CIDBABY
2CkDBABY2LowDQYJKoZIhvcNAQELBQADggEBAIgtPA9G1ztBNwEwDZ0EIQOyBLPW
E6qSkcZaTAATSluP+UkZO0ua4kHPljawUTrd2OC1n8oFZ6iBa2cmVpmEROrAwcG1
jBoeUA2xsjArgup2BhHhRXw11tHBXpI8QgpgD93UapdMVmy68/dWZvOdesJjtwO5
G5Bi6wxO35CEUThszhGQaNDKdyzXINbFsQhpYfoMHZ0UW/fUWVMcOElVLOq0Icjv
y1NOmhvWajAaLc76ykBG8RjaBr+75xJo2TE4gaJNVwVU7hAW6WqXFXJPS+yZaMyj
2H8qLjlDtJemoI6XVO++BagZ41Rv+eEoxGo13/oUzV9OIo3UzoiuUWRBEGs=
-----END CERTIFICATE-----
Generated at Sat May 4 03:06:55 2024 by rpki-client on console-fra.rpki-client.org