Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/DPkoyJm-5BRG46XjO_pD173zs-o.roa
File: DPkoyJm-5BRG46XjO_pD173zs-o.roa (raw, json)
Hash identifier: p+gatfWrluhT5cvP6VCTe+uyl2d7Tb7Iji6Xd2d6zAc=
Subject key identifier: 0C:F9:28:C8:99:BE:E4:14:46:E3:A5:E3:3B:FA:43:D7:BD:F3:B3:EA
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 018CC4244DCF65D90CAFD09FE8402B267F4D
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/DPkoyJm-5BRG46XjO_pD173zs-o.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31313
IP address blocks: 213.177.16.0/21 maxlen: 32
213.177.24.0/21 maxlen: 32
93.113.29.0/24 maxlen: 32
203.25.143.0/24 maxlen: 32
89.42.116.0/23 maxlen: 32
193.151.28.0/22 maxlen: 32
89.35.192.0/24 maxlen: 32
91.235.4.0/23 maxlen: 32
213.177.0.0/21 maxlen: 32
86.105.108.0/22 maxlen: 32
213.177.8.0/21 maxlen: 32
193.169.21.0/24 maxlen: 32
130.195.57.0/24 maxlen: 24
89.41.56.0/23 maxlen: 32
89.43.190.0/23 maxlen: 32
195.242.244.0/22 maxlen: 32
89.200.246.0/23 maxlen: 32
89.200.247.0/24 maxlen: 32
86.105.216.0/22 maxlen: 32
2a00:5dc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4d:cf:65:d9:0c:af:d0:9f:e8:40:2b:26:7f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cf928c899bee41446e3a5e33bfa43d7bdf3b3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:c0:e9:aa:e0:12:92:f2:dd:1d:5d:ce:95:
27:19:37:99:4a:2d:0d:63:4c:e6:95:8a:c8:01:4e:
97:93:3b:b9:69:ca:aa:9c:06:bd:33:e2:d4:06:57:
8b:3a:7e:0f:29:9d:2e:1b:25:57:85:8e:3a:79:ba:
4c:4a:e0:fb:4e:24:05:88:8d:1f:6d:4b:2c:8b:a3:
7f:60:27:ed:38:f8:fb:50:16:df:7c:3e:76:e0:a3:
36:7c:b6:f1:bf:d9:87:c1:cf:62:67:1a:27:76:5b:
7c:0f:84:4b:77:a9:6f:e7:29:a4:0f:51:a6:a4:24:
0d:9a:7a:14:f5:ad:3f:0e:d3:82:60:b1:8f:12:e2:
ed:ac:76:f5:98:c5:6d:fb:4f:7d:07:77:48:7d:c4:
5a:ac:c7:d9:4d:9d:de:6b:88:5b:39:70:ec:5a:5f:
60:8f:bf:4c:89:06:f2:a3:93:a5:14:15:c4:a4:b8:
12:f2:cf:b1:f5:33:13:63:77:74:1a:c4:99:29:35:
16:05:89:e6:75:4b:25:5b:20:57:67:10:c4:12:f4:
44:ba:ad:d0:8d:9f:24:fd:89:1c:8a:ed:c9:94:bb:
6a:92:cb:b0:3e:05:f1:bb:db:7f:af:ad:49:35:04:
82:93:f6:28:20:8b:b7:db:ff:64:a0:30:f2:d0:ec:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F9:28:C8:99:BE:E4:14:46:E3:A5:E3:3B:FA:43:D7:BD:F3:B3:EA
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/DPkoyJm-5BRG46XjO_pD173zs-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.108.0/22
86.105.216.0/22
89.35.192.0/24
89.41.56.0/23
89.42.116.0/23
89.43.190.0/23
89.200.246.0/23
91.235.4.0/23
93.113.29.0/24
130.195.57.0/24
193.151.28.0/22
193.169.21.0/24
195.242.244.0/22
203.25.143.0/24
213.177.0.0/19
IPv6:
2a00:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:45:e0:42:af:e9:61:2c:5c:58:90:6d:9c:34:1b:37:8c:e8:
00:c2:8b:a6:b7:c8:19:7c:22:2e:b8:a2:c9:45:21:01:ae:19:
bf:da:49:58:49:88:5a:ce:26:28:f6:f1:18:b1:7e:73:84:fe:
24:0a:af:8d:cb:61:ee:fa:eb:8a:c4:e8:ab:88:b0:24:3f:8e:
5f:77:47:d5:76:93:7c:c3:45:11:26:c9:50:7f:c8:93:64:cb:
c8:90:b6:01:fe:62:2f:e9:6c:9d:c1:e3:99:c5:8d:35:d6:58:
de:34:3f:16:97:75:30:f6:5c:a9:29:ac:71:fc:9b:21:8b:5d:
ca:55:29:6d:37:26:e6:2b:12:1a:e4:21:5c:70:24:c8:80:f9:
a3:93:cb:58:01:18:7c:ea:04:01:1e:da:ed:a9:0d:ff:e8:6e:
73:25:e5:2c:1a:03:cf:b0:43:77:39:d3:7f:00:6f:2a:5c:32:
33:5f:45:2b:58:e3:78:ef:e8:3d:24:95:b7:ad:ce:40:ae:74:
b4:51:66:8c:6c:bd:4f:1d:1f:27:33:be:70:7b:e3:4d:f4:ba:
2e:de:87:c6:40:48:a4:a0:d1:1e:04:ac:9d:06:ff:ca:5a:2a:
0d:e8:15:4c:ed:0b:3b:75:74:4f:df:52:b5:c3:f9:12:34:08:
bb:ab:a3:01
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzEJE3PZdkMr9Cf6EArJn9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Y5MjhjODk5YmVlNDE0NDZlM2E1ZTMzYmZhNDNkN2JkZjNiM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLHA6argEpLy3R1dzpUnGTeZSi0N
Y0zmlYrIAU6Xkzu5acqqnAa9M+LUBleLOn4PKZ0uGyVXhY46ebpMSuD7TiQFiI0f
bUssi6N/YCftOPj7UBbffD524KM2fLbxv9mHwc9iZxondlt8D4RLd6lv5ymkD1Gm
pCQNmnoU9a0/DtOCYLGPEuLtrHb1mMVt+099B3dIfcRarMfZTZ3ea4hbOXDsWl9g
j79MiQbyo5OlFBXEpLgS8s+x9TMTY3d0GsSZKTUWBYnmdUslWyBXZxDEEvREuq3Q
jZ8k/Ykciu3JlLtqksuwPgXxu9t/r61JNQSCk/YoIIu32/9koDDy0Oyt3QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFAz5KMiZvuQURuOl4zv6Q9e987PqMB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvRFBrb3lKbS01QlJHNDZYak9fcEQxNzN6cy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAlZpbAME
AlZp2AMEAFkjwAMEAVkpOAMEAVkqdAMEAVkrvgMEAVnI9gMEAVvrBAMEAF1xHQME
AILDOQMEAsGXHAMEAMGpFQMEAsPy9AMEAMsZjwMEBdWxADANBAIAAjAHAwUDKgBd
wDANBgkqhkiG9w0BAQsFAAOCAQEAo0XgQq/pYSxcWJBtnDQbN4zoAMKLprfIGXwi
LriiyUUhAa4Zv9pJWEmIWs4mKPbxGLF+c4T+JAqvjcth7vrrisToq4iwJD+OX3dH
1XaTfMNFESbJUH/Ik2TLyJC2Af5iL+lsncHjmcWNNdZY3jQ/Fpd1MPZcqSmscfyb
IYtdylUpbTcm5isSGuQhXHAkyID5o5PLWAEYfOoEAR7a7akN/+hucyXlLBoDz7BD
dznTfwBvKlwyM19FK1jjeO/oPSSVt63OQK50tFFmjGy9Tx0fJzO+cHvjTfS6Lt6H
xkBIpKDRHgSsnQb/yloqDegVTO0LO3V0T99StcP5EjQIu6ujAQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:04:23 2024 by rpki-client on console-ams.rpki-client.org