Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/DDNbL8-muhovLIUMdkkW6YplPYU.roa
File: DDNbL8-muhovLIUMdkkW6YplPYU.roa (raw, json)
Hash identifier: g3gx/4T723kZ6tCstIQEjwIBuCuNUfdMYWI0oHuRSVw=
Subject key identifier: 0C:33:5B:2F:CF:A6:BA:1A:2F:2C:85:0C:76:49:16:E9:8A:65:3D:85
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAEED8C1CFB01269A7E53AC671C8B4
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/DDNbL8-muhovLIUMdkkW6YplPYU.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 193.38.156.0/22 maxlen: 22
45.87.136.0/22 maxlen: 24
2a0e:fe80::/29 maxlen: 48
2a0d:6940::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ee:d8:c1:cf:b0:12:69:a7:e5:3a:c6:71:c8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c335b2fcfa6ba1a2f2c850c764916e98a653d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:71:c5:35:d0:95:33:30:d0:2a:8d:14:e0:
5b:57:19:c0:ef:a4:d3:e0:1d:8f:35:0d:b2:1e:57:
3d:e6:9d:9d:33:3f:fc:71:47:cc:19:5d:7d:fe:63:
c4:21:f6:ba:c2:fa:d9:8a:18:ec:47:da:a0:f8:e9:
17:85:ff:eb:1e:93:71:d1:d9:a7:ce:f6:f8:67:fa:
ef:68:02:a4:d4:c8:fc:e0:e4:ac:cf:44:85:2b:24:
64:7b:4f:ab:9c:58:54:3e:2b:61:a8:09:1f:e0:45:
27:81:c0:15:8f:9b:d3:28:11:12:63:95:23:b8:0f:
9e:dc:79:da:c1:41:dc:f6:f4:02:71:0a:7b:28:d4:
9f:c6:1f:17:3b:76:06:b7:5e:2e:98:a2:c9:05:6d:
78:6e:f9:ab:36:69:3f:c4:58:5c:3b:6b:ca:3d:19:
d5:5c:23:a0:ad:ef:d7:41:b7:e0:e3:53:5b:f7:e3:
9d:f0:da:05:ae:9f:90:bd:00:c6:8d:1a:49:cc:77:
8b:77:b1:9f:60:93:5a:28:d0:9e:f5:a0:fc:93:af:
9e:f9:c7:71:ce:87:80:ec:7a:8f:cb:b6:91:b7:e7:
ff:68:dc:cd:d8:b6:1c:61:a7:3d:e9:f0:42:c7:94:
a5:3b:1d:dc:e9:3e:4e:b9:6a:d3:00:85:bf:d5:26:
fe:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:33:5B:2F:CF:A6:BA:1A:2F:2C:85:0C:76:49:16:E9:8A:65:3D:85
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/DDNbL8-muhovLIUMdkkW6YplPYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.136.0/22
193.38.156.0/22
IPv6:
2a0d:6940::/29
2a0e:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
71:81:80:4e:d3:e9:ff:92:b1:df:49:b8:78:03:4c:78:79:d5:
9a:3e:01:45:5d:5c:2e:44:10:64:54:ed:f8:cf:c3:e0:f4:69:
3d:88:02:e4:65:3a:f9:be:74:0d:40:85:15:77:94:c3:93:0b:
9e:06:86:a2:f9:39:ef:aa:26:aa:42:15:8d:73:c2:2e:d9:2a:
be:f7:8a:9c:0f:58:cb:91:e3:71:08:89:af:8a:8c:25:47:5d:
bf:1c:ab:cb:e8:05:94:d6:43:f7:51:ac:28:db:21:ff:ad:5f:
c6:11:0f:41:24:4b:12:6f:7c:34:55:3a:e3:31:7b:ac:fd:2f:
0c:81:a3:2c:1c:a9:5c:8f:61:a9:07:55:d9:0e:4d:93:0d:64:
8a:e4:4e:9f:de:50:8a:72:96:30:cf:16:56:62:77:a9:f7:96:
66:43:d2:23:ea:e5:ba:9a:f3:d5:17:59:57:5c:47:d6:70:7c:
81:44:f8:ac:de:fb:f8:61:5f:46:f4:ec:c3:09:78:4b:dc:68:
b1:33:ed:5b:b4:f7:72:25:5e:da:05:db:69:c8:2a:ab:6d:df:
ea:ce:b6:3d:6f:a5:83:83:c5:56:31:e0:fb:32:f2:e8:fc:9e:
79:e4:82:bf:c6:4f:cd:ab:14:eb:5b:1b:3f:bb:35:90:6b:b9:
11:41:ef:06
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2u7Ywc+wEmmn5TrGcci0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzMzNWIyZmNmYTZiYTFhMmYyYzg1MGM3NjQ5MTZlOThhNjUzZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGxxxTXQlTMw0CqNFOBbVxnA76TT
4B2PNQ2yHlc95p2dMz/8cUfMGV19/mPEIfa6wvrZihjsR9qg+OkXhf/rHpNx0dmn
zvb4Z/rvaAKk1Mj84OSsz0SFKyRke0+rnFhUPithqAkf4EUngcAVj5vTKBESY5Uj
uA+e3HnawUHc9vQCcQp7KNSfxh8XO3YGt14umKLJBW14bvmrNmk/xFhcO2vKPRnV
XCOgre/XQbfg41Nb9+Od8NoFrp+QvQDGjRpJzHeLd7GfYJNaKNCe9aD8k6+e+cdx
zoeA7HqPy7aRt+f/aNzN2LYcYac96fBCx5SlOx3c6T5OuWrTAIW/1Sb+3wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAwzWy/PproaLyyFDHZJFumKZT2FMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvREROYkw4LW11aG92TElVTWRra1c2WXBsUFlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVeIAwQC
wSacMBQEAgACMA4DBQMqDWlAAwUDKg7+gDANBgkqhkiG9w0BAQsFAAOCAQEAcYGA
TtPp/5Kx30m4eANMeHnVmj4BRV1cLkQQZFTt+M/D4PRpPYgC5GU6+b50DUCFFXeU
w5MLngaGovk576omqkIVjXPCLtkqvveKnA9Yy5HjcQiJr4qMJUddvxyry+gFlNZD
91GsKNsh/61fxhEPQSRLEm98NFU64zF7rP0vDIGjLBypXI9hqQdV2Q5Nkw1kiuRO
n95QinKWMM8WVmJ3qfeWZkPSI+rluprz1RdZV1xH1nB8gUT4rN77+GFfRvTswwl4
S9xosTPtW7T3ciVe2gXbacgqq23f6s62PW+lg4PFVjHg+zLy6PyeeeSCv8ZPzasU
61sbP7s1kGu5EUHvBg==
-----END CERTIFICATE-----
Generated at Sun Jun 23 03:18:44 2024 by rpki-client on console-fra.rpki-client.org