Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/DtONX9UVwFjc0qsps5U1KFAgnEo.roa
File: DtONX9UVwFjc0qsps5U1KFAgnEo.roa (raw, json)
Hash identifier: Tg1Ho7qg84nk6VuUK0q/5xVMBE8ufhTzbTe6nyjUdys=
Subject key identifier: 0E:D3:8D:5F:D5:15:C0:58:DC:D2:AB:29:B3:95:35:28:50:20:9C:4A
Certificate issuer: /CN=b85213df97329556d608b150f03c4ee75fbd98c1
Certificate serial: 018CC5003BBB9372B4C20A9D92F5DB67D93A
Authority key identifier: B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/DtONX9UVwFjc0qsps5U1KFAgnEo.roa
Signing time: Mon 01 Jan 2024 12:29:36 +0000
ROA not before: Mon 01 Jan 2024 12:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212236
IP address blocks: 193.238.45.0/24 maxlen: 24
193.238.46.0/23 maxlen: 24
193.162.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/uFIT35cylVbWCLFQ8DxO51-9mME.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/uFIT35cylVbWCLFQ8DxO51-9mME.mft
rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:3b:bb:93:72:b4:c2:0a:9d:92:f5:db:67:d9:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85213df97329556d608b150f03c4ee75fbd98c1
Validity
Not Before: Jan 1 12:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ed38d5fd515c058dcd2ab29b395352850209c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:24:d2:4b:f2:96:f0:9f:de:d7:95:a7:dc:34:
6f:88:27:a1:9f:3c:e6:55:38:f7:e0:7e:57:e8:ca:
b8:ee:b9:a6:56:88:8c:03:3c:3c:d1:62:f1:dd:1e:
6a:6e:e2:54:f7:26:3d:39:da:2a:dc:09:a5:bf:8c:
7a:34:4a:67:dd:8e:34:f4:2e:c6:f9:c0:f5:aa:aa:
86:8c:6f:13:2d:58:3b:db:8e:da:f3:15:a9:e2:6a:
17:e9:c0:f0:2d:aa:e9:22:fc:ab:65:ec:40:5e:26:
dd:06:5b:e2:28:9d:78:ac:18:53:8a:09:2b:2c:f3:
07:4e:52:6d:81:85:41:69:ee:f9:9e:09:d9:39:4b:
ff:60:a7:f8:c3:d2:f2:55:40:5a:f4:d9:24:54:f2:
25:12:1f:0b:63:5f:57:3d:a9:8f:fe:77:2f:e0:82:
b6:fb:24:11:de:b8:79:a5:84:63:cc:a9:0e:a3:0d:
59:c3:37:3f:c6:e9:02:e9:67:8a:99:c3:bf:b8:11:
b6:79:6e:ac:5e:5d:ad:dc:cb:f7:22:1e:9e:37:d7:
85:33:d5:34:03:aa:a2:9a:bc:82:18:c4:ea:2b:4d:
42:e8:47:5c:c9:4c:2e:70:ef:f1:53:92:bb:31:12:
08:12:ba:c5:48:81:58:37:1b:fe:0a:44:a6:ec:43:
c8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D3:8D:5F:D5:15:C0:58:DC:D2:AB:29:B3:95:35:28:50:20:9C:4A
X509v3 Authority Key Identifier:
keyid:B8:52:13:DF:97:32:95:56:D6:08:B1:50:F0:3C:4E:E7:5F:BD:98:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFIT35cylVbWCLFQ8DxO51-9mME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/DtONX9UVwFjc0qsps5U1KFAgnEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/dd8098-7fe0-422f-92e9-1fb1e9c86b53/1/uFIT35cylVbWCLFQ8DxO51-9mME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.139.0/24
193.238.45.0-193.238.47.255
Signature Algorithm: sha256WithRSAEncryption
02:5a:22:b4:a5:cc:f3:08:1d:73:4e:26:93:de:a0:b1:8d:e4:
a0:7e:2b:34:06:9e:49:28:3d:e5:d8:8f:5d:18:73:33:e9:88:
38:2c:c3:e9:73:90:ef:cc:e4:0c:db:2c:27:56:6c:58:d9:bb:
f7:2c:b3:76:88:f3:81:f0:80:da:56:d6:d3:7c:71:4c:75:3f:
94:cb:fb:42:78:99:45:40:79:63:65:18:20:3b:71:ff:09:db:
bf:6f:62:17:06:56:ab:2b:4e:0c:f4:65:2e:e3:11:cd:3e:f6:
b0:60:95:5b:40:69:39:df:92:5e:be:4f:52:0b:b0:29:2b:a9:
9f:94:14:ad:d5:93:3e:54:77:35:5b:c6:c1:65:1f:b6:e0:e5:
99:eb:d5:99:1f:fe:bf:88:1f:7a:7e:8e:04:4f:b6:58:9a:10:
f7:55:79:fe:a0:df:ee:af:14:fb:55:f6:e4:ef:42:ad:42:c4:
68:04:aa:c2:12:d1:f1:2f:a0:e0:80:7e:89:46:d1:05:21:34:
e7:2e:75:4b:46:e1:2d:25:52:62:36:a9:40:7a:ae:0d:14:c4:
72:38:9a:4d:8e:be:8a:32:14:05:12:cd:72:e1:1a:f2:42:a5:
78:a6:67:b0:0f:d9:e3:c3:9b:23:3b:4d:d5:ab:47:6f:89:a2:
39:1b:37:09
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFADu7k3K0wgqdkvXbZ9k6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTIxM2RmOTczMjk1NTZkNjA4YjE1MGYwM2M0ZWU3NWZi
ZDk4YzEwHhcNMjQwMTAxMTIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWQzOGQ1ZmQ1MTVjMDU4ZGNkMmFiMjliMzk1MzUyODUwMjA5YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyTSS/KW8J/e15Wn3DRviCehnzzm
VTj34H5X6Mq47rmmVoiMAzw80WLx3R5qbuJU9yY9Odoq3Amlv4x6NEpn3Y409C7G
+cD1qqqGjG8TLVg7247a8xWp4moX6cDwLarpIvyrZexAXibdBlviKJ14rBhTigkr
LPMHTlJtgYVBae75ngnZOUv/YKf4w9LyVUBa9NkkVPIlEh8LY19XPamP/ncv4IK2
+yQR3rh5pYRjzKkOow1Zwzc/xukC6WeKmcO/uBG2eW6sXl2t3Mv3Ih6eN9eFM9U0
A6qimryCGMTqK01C6EdcyUwucO/xU5K7MRIIErrFSIFYNxv+CkSm7EPI2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA7TjV/VFcBY3NKrKbOVNShQIJxKMB8GA1UdIwQY
MBaAFLhSE9+XMpVW1gixUPA8TudfvZjBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTkt
MWZiMWU5Yzg2YjUzLzEvRHRPTlg5VVZ3RmpjMHFzcHM1VTFLRkFnbkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kZDgwOTgtN2ZlMC00MjJmLTkyZTktMWZiMWU5Yzg2YjUz
LzEvdUZJVDM1Y3lsVmJXQ0xGUThEeE81MS05bU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwaKLMAwD
BADB7i0DBATB7iAwDQYJKoZIhvcNAQELBQADggEBAAJaIrSlzPMIHXNOJpPeoLGN
5KB+KzQGnkkoPeXYj10YczPpiDgsw+lzkO/M5AzbLCdWbFjZu/css3aI84HwgNpW
1tN8cUx1P5TL+0J4mUVAeWNlGCA7cf8J279vYhcGVqsrTgz0ZS7jEc0+9rBglVtA
aTnfkl6+T1ILsCkrqZ+UFK3Vkz5UdzVbxsFlH7bg5Znr1Zkf/r+IH3p+jgRPtlia
EPdVef6g3+6vFPtV9uTvQq1CxGgEqsIS0fEvoOCAfolG0QUhNOcudUtG4S0lUmI2
qUB6rg0UxHI4mk2OvooyFAUSzXLhGvJCpXimZ7AP2ePDmyM7TdWrR2+JojkbNwk=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:02:11 2024 by rpki-client on console-ams.rpki-client.org