Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DdwRpu0B-TjMBdkReOr5bOQSSXI.roa
File: DdwRpu0B-TjMBdkReOr5bOQSSXI.roa (raw, json)
Hash identifier: gTGWW8Wlkj8N3l6cEDnDch7xyOCDeuDTikMsp382nQc=
Subject key identifier: 0D:DC:11:A6:ED:01:F9:38:CC:05:D9:11:78:EA:F9:6C:E4:12:49:72
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 018CC7933A0C34346F52A62F3EE9928B9A79
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DdwRpu0B-TjMBdkReOr5bOQSSXI.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 37.252.0.0/23 maxlen: 23
5.45.80.0/22 maxlen: 22
91.193.180.0/22 maxlen: 22
185.4.64.0/22 maxlen: 22
2a02:c6c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3a:0c:34:34:6f:52:a6:2f:3e:e9:92:8b:9a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ddc11a6ed01f938cc05d91178eaf96ce4124972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:61:08:5a:05:1d:79:e9:9f:5b:f0:85:b5:3f:
51:8d:da:64:cc:e5:44:24:90:e2:08:ff:46:50:a2:
cd:ab:9b:66:04:c6:e1:47:26:10:1e:01:f6:a4:1f:
1d:4e:55:fe:3d:84:d1:b4:8e:4a:dc:87:e0:b7:12:
38:15:aa:3d:13:43:76:07:7b:1e:dd:1f:ce:ae:04:
0b:1f:2c:86:8d:ce:c5:aa:6a:3d:e3:64:24:75:2d:
f0:10:e1:1c:ee:6e:4c:9a:a8:e4:e0:3b:8c:aa:f0:
ed:02:5e:81:30:ec:76:60:90:19:49:f3:cc:43:b7:
a8:b4:60:3c:d9:28:7e:6c:58:ec:64:86:53:54:60:
57:8b:92:15:1f:2e:68:42:17:19:d9:80:c6:38:2e:
13:b4:f2:b2:5c:52:a9:f8:32:68:8d:61:d6:90:f9:
c4:77:4c:6b:b6:dc:f7:09:84:cb:e6:a5:38:68:86:
62:62:38:36:03:c1:87:ad:c9:41:dd:3a:24:6b:36:
77:69:17:32:85:38:61:ca:f8:ce:37:81:3f:7e:e4:
3d:5e:b5:72:19:64:c8:ad:26:ca:c4:8e:ac:a5:10:
75:19:af:60:b1:31:5e:11:1a:16:78:04:bf:02:7f:
d4:c4:32:cd:c1:ab:93:67:d6:e2:a9:7c:b7:24:dc:
b9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:DC:11:A6:ED:01:F9:38:CC:05:D9:11:78:EA:F9:6C:E4:12:49:72
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DdwRpu0B-TjMBdkReOr5bOQSSXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.80.0/22
37.252.0.0/23
91.193.180.0/22
185.4.64.0/22
IPv6:
2a02:c6c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:1c:1c:ce:88:68:38:d8:5b:3b:17:e7:f6:45:4b:51:e9:55:
ce:e5:4f:a1:25:08:01:a9:00:35:f2:35:07:8a:52:6d:68:d4:
57:ff:93:80:5d:fa:9d:02:86:70:4e:bd:e2:76:62:85:40:aa:
4f:a6:17:74:7c:d6:2f:b1:66:c0:68:b9:21:66:e8:a9:26:e8:
2d:d1:b5:9e:17:42:73:b1:ce:1b:52:7d:d3:eb:89:b7:68:46:
32:2b:4e:c9:44:ef:56:f6:73:12:00:2a:c6:b9:2a:41:26:50:
07:8a:48:99:48:97:56:e1:7f:80:30:b7:d8:fa:c7:dc:f3:a2:
9a:28:bc:c5:ed:e0:39:1a:80:45:56:8f:71:1c:dd:a4:36:0e:
ff:3e:5f:b1:d7:01:e2:d5:26:08:5c:a5:34:55:33:71:19:f9:
d5:d2:14:c6:bc:86:fa:7a:9e:f6:ab:e6:f8:77:3b:00:c7:06:
46:28:1d:72:71:0a:35:55:ca:7d:af:3a:27:99:61:6f:09:73:
9b:a8:c0:d3:75:2a:09:23:4c:82:60:f2:62:b5:06:9a:f0:b1:
42:9a:b6:47:6d:0b:8d:89:d6:9c:da:e7:99:e4:d6:92:d7:cb:
82:56:07:f0:84:64:87:20:7f:c3:6a:ec:a8:9d:c9:c6:8d:8d:
ff:c3:1b:0b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHkzoMNDRvUqYvPumSi5p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGRjMTFhNmVkMDFmOTM4Y2MwNWQ5MTE3OGVhZjk2Y2U0MTI0OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmEIWgUdeemfW/CFtT9RjdpkzOVE
JJDiCP9GUKLNq5tmBMbhRyYQHgH2pB8dTlX+PYTRtI5K3IfgtxI4Fao9E0N2B3se
3R/OrgQLHyyGjc7Fqmo942QkdS3wEOEc7m5Mmqjk4DuMqvDtAl6BMOx2YJAZSfPM
Q7eotGA82Sh+bFjsZIZTVGBXi5IVHy5oQhcZ2YDGOC4TtPKyXFKp+DJojWHWkPnE
d0xrttz3CYTL5qU4aIZiYjg2A8GHrclB3TokazZ3aRcyhThhyvjON4E/fuQ9XrVy
GWTIrSbKxI6spRB1Ga9gsTFeERoWeAS/An/UxDLNwauTZ9biqXy3JNy5wwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA3cEabtAfk4zAXZEXjq+WzkEklyMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvRGR3UnB1MEItVGpNQmRrUmVPcjViT1FTU1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBS1QAwQB
JfwAAwQCW8G0AwQCuQRAMA0EAgACMAcDBQAqAsbAMA0GCSqGSIb3DQEBCwUAA4IB
AQBRHBzOiGg42Fs7F+f2RUtR6VXO5U+hJQgBqQA18jUHilJtaNRX/5OAXfqdAoZw
Tr3idmKFQKpPphd0fNYvsWbAaLkhZuipJugt0bWeF0Jzsc4bUn3T64m3aEYyK07J
RO9W9nMSACrGuSpBJlAHikiZSJdW4X+AMLfY+sfc86KaKLzF7eA5GoBFVo9xHN2k
Ng7/Pl+x1wHi1SYIXKU0VTNxGfnV0hTGvIb6ep72q+b4dzsAxwZGKB1ycQo1Vcp9
rzonmWFvCXObqMDTdSoJI0yCYPJitQaa8LFCmrZHbQuNidac2ueZ5NaS18uCVgfw
hGSHIH/DauyoncnGjY3/wxsL
-----END CERTIFICATE-----
Generated at Mon May 20 17:55:31 2024 by rpki-client on console-ams.rpki-client.org