Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DGHZfxKkPZ0U0K76ps1pA7WjgFs.roa
File: DGHZfxKkPZ0U0K76ps1pA7WjgFs.roa (raw, json)
Hash identifier: eIIsnrnmldXq85Y0NjvDM3h7EV85y/dWrYtK0n9jQJo=
Subject key identifier: 0C:61:D9:7F:12:A4:3D:9D:14:D0:AE:FA:A6:CD:69:03:B5:A3:80:5B
Certificate issuer: /CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Certificate serial: 018CC86F2D1F199C882D0DCD98CDCAC5E102
Authority key identifier: 0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DGHZfxKkPZ0U0K76ps1pA7WjgFs.roa
Signing time: Tue 02 Jan 2024 04:29:38 +0000
ROA not before: Tue 02 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13127
IP address blocks: 176.117.57.0/24 maxlen: 24
2001:67c:17ec::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DoVoAb747TroEOfmejH9AStE0ww.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DoVoAb747TroEOfmejH9AStE0ww.mft
rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2d:1f:19:9c:88:2d:0d:cd:98:cd:ca:c5:e1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e856801bef8ed3ae810e7e67a31fd012b44d30c
Validity
Not Before: Jan 2 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c61d97f12a43d9d14d0aefaa6cd6903b5a3805b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:35:37:bb:9e:e1:2c:37:33:f7:5c:33:2b:4c:
43:6c:b0:84:98:b1:f3:ca:68:50:54:43:02:c1:0b:
34:96:29:e1:bb:5d:ff:0b:b4:69:de:ed:57:1f:c1:
39:b7:67:25:9f:b6:64:7e:4a:1c:3c:24:72:7c:0f:
28:c3:4f:46:b6:ab:0f:18:c6:8d:8b:09:11:25:1c:
23:99:4f:21:59:56:3e:5a:a5:da:ee:e9:6e:0a:8c:
dd:c9:c9:b0:ec:4d:b9:81:2b:95:5e:19:95:3b:3b:
a3:b8:48:3b:33:ce:23:91:85:b9:cf:8c:07:cb:83:
62:06:55:c1:b1:2b:9d:01:fd:ce:1c:a8:28:6f:b4:
f4:8b:cc:dd:de:40:7a:5d:79:7f:e3:e0:29:ef:36:
78:f7:d6:75:3c:79:d6:6c:19:14:ef:28:71:fe:f4:
5b:14:e6:ea:d7:f5:b3:c0:7c:64:ba:69:86:37:d3:
a1:0e:da:56:e6:4c:ff:c1:e5:26:4f:64:c1:a4:f8:
77:61:37:91:34:14:41:fc:50:58:17:67:ce:37:13:
46:7c:2f:a4:de:28:de:a5:26:9e:13:c6:20:4c:84:
ed:89:8a:fa:3b:ee:82:b3:41:86:0a:26:87:aa:e0:
69:ca:5c:dc:5a:5a:8a:35:8c:22:1e:fc:68:b8:18:
30:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:61:D9:7F:12:A4:3D:9D:14:D0:AE:FA:A6:CD:69:03:B5:A3:80:5B
X509v3 Authority Key Identifier:
keyid:0E:85:68:01:BE:F8:ED:3A:E8:10:E7:E6:7A:31:FD:01:2B:44:D3:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoVoAb747TroEOfmejH9AStE0ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DGHZfxKkPZ0U0K76ps1pA7WjgFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/541434-879d-4e55-a47f-190b06dee4dc/1/DoVoAb747TroEOfmejH9AStE0ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.57.0/24
IPv6:
2001:67c:17ec::/48
Signature Algorithm: sha256WithRSAEncryption
68:12:3a:d4:9c:37:05:59:d2:ea:74:57:69:ae:b4:7c:f1:5f:
db:60:6d:49:8b:21:04:75:6c:01:20:cc:18:59:09:a0:83:c8:
13:6f:1d:e5:d7:4c:14:55:9a:6d:74:c0:c1:d2:8c:93:fa:c6:
e3:54:76:ae:c7:40:bf:5a:d4:8e:51:ca:ae:b6:04:89:52:e5:
d5:b3:13:fe:52:1c:85:6f:a1:43:a9:70:b2:14:df:ed:07:76:
ac:13:f9:64:8f:9a:ea:10:b5:5e:18:f7:5b:2c:78:dd:45:af:
0f:2f:a7:68:2e:4b:ae:59:71:1c:54:70:8f:74:7b:11:be:d4:
1a:92:13:2e:57:a7:73:56:4b:32:f2:0c:61:5f:eb:3d:e0:4a:
8c:ee:07:a7:ec:8a:b1:f3:8e:86:a6:7a:40:12:40:d7:38:6f:
8b:34:12:89:78:eb:81:3b:cd:d4:40:ba:f1:59:69:bb:2a:f7:
69:a8:b4:2c:17:75:23:1d:b9:5e:71:4f:91:9c:df:bb:5b:7c:
fa:b9:26:df:6c:7c:b6:71:07:db:75:d4:81:49:a6:e0:57:18:
0c:27:a0:05:72:63:29:22:06:14:3c:61:fa:25:b0:92:a8:d0:
49:ba:a8:58:c9:e5:37:6e:19:06:31:4c:97:d6:4a:03:fe:fc:
e9:00:0c:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIby0fGZyILQ3NmM3KxeECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODU2ODAxYmVmOGVkM2FlODEwZTdlNjdhMzFmZDAxMmI0
NGQzMGMwHhcNMjQwMTAyMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYxZDk3ZjEyYTQzZDlkMTRkMGFlZmFhNmNkNjkwM2I1YTM4MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljU3u57hLDcz91wzK0xDbLCEmLHz
ymhQVEMCwQs0linhu13/C7Rp3u1XH8E5t2cln7ZkfkocPCRyfA8ow09GtqsPGMaN
iwkRJRwjmU8hWVY+WqXa7uluCozdycmw7E25gSuVXhmVOzujuEg7M84jkYW5z4wH
y4NiBlXBsSudAf3OHKgob7T0i8zd3kB6XXl/4+Ap7zZ499Z1PHnWbBkU7yhx/vRb
FObq1/WzwHxkummGN9OhDtpW5kz/weUmT2TBpPh3YTeRNBRB/FBYF2fONxNGfC+k
3ijepSaeE8YgTITtiYr6O+6Cs0GGCiaHquBpylzcWlqKNYwiHvxouBgwcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAxh2X8SpD2dFNCu+qbNaQO1o4BbMB8GA1UdIwQY
MBaAFA6FaAG++O066BDn5nox/QErRNMMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2Yt
MTkwYjA2ZGVlNGRjLzEvREdIWmZ4S2tQWjBVMEs3NnBzMXBBN1dqZ0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81NDE0MzQtODc5ZC00ZTU1LWE0N2YtMTkwYjA2ZGVlNGRj
LzEvRG9Wb0FiNzQ3VHJvRU9mbWVqSDlBU3RFMHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsHU5MA8E
AgACMAkDBwAgAQZ8F+wwDQYJKoZIhvcNAQELBQADggEBAGgSOtScNwVZ0up0V2mu
tHzxX9tgbUmLIQR1bAEgzBhZCaCDyBNvHeXXTBRVmm10wMHSjJP6xuNUdq7HQL9a
1I5Ryq62BIlS5dWzE/5SHIVvoUOpcLIU3+0HdqwT+WSPmuoQtV4Y91sseN1Frw8v
p2guS65ZcRxUcI90exG+1BqSEy5Xp3NWSzLyDGFf6z3gSozuB6fsirHzjoamekAS
QNc4b4s0Eol464E7zdRAuvFZabsq92motCwXdSMduV5xT5Gc37tbfPq5Jt9sfLZx
B9t11IFJpuBXGAwnoAVyYykiBhQ8YfolsJKo0Em6qFjJ5TduGQYxTJfWSgP+/OkA
DE0=
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:03:12 2024 by rpki-client on console-ams.rpki-client.org