Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/Dy5ZkDW0UfAL590M5yyfFuQeA3s.roa
File: Dy5ZkDW0UfAL590M5yyfFuQeA3s.roa (raw, json)
Hash identifier: brZVk/x+0hWnpdiWpGdRMDX5arbELDhwajL+ZdwGLBo=
Subject key identifier: 0F:2E:59:90:35:B4:51:F0:0B:E7:DD:0C:E7:2C:9F:16:E4:1E:03:7B
Certificate issuer: /CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Certificate serial: 018E98E76484CBF85979630DC622DD977258
Authority key identifier: CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/Dy5ZkDW0UfAL590M5yyfFuQeA3s.roa
Signing time: Mon 01 Apr 2024 09:04:45 +0000
ROA not before: Mon 01 Apr 2024 09:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213359
IP address blocks: 193.34.80.0/24 maxlen: 24
2a10:d840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:98:e7:64:84:cb:f8:59:79:63:0d:c6:22:dd:97:72:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Validity
Not Before: Apr 1 09:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f2e599035b451f00be7dd0ce72c9f16e41e037b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:15:0f:4e:e0:7e:00:2e:a0:ba:63:48:3e:
fe:bd:b9:92:13:54:e7:db:7c:5f:6c:f5:88:bd:5e:
bb:5d:32:31:1c:52:2a:61:9c:98:f1:6d:bb:a9:1e:
b6:89:37:b3:6b:28:1f:96:62:8b:32:c3:09:18:c0:
82:81:6b:59:e2:34:63:1c:c4:fa:05:49:24:28:c7:
89:6d:73:d3:42:e9:c3:6c:ba:96:d7:49:3d:c2:2d:
f3:c6:24:d3:40:1b:10:aa:48:ae:98:15:27:52:27:
e0:9e:b4:5d:9f:3a:90:20:84:ad:bb:04:28:10:5a:
f2:aa:6d:09:6e:c6:be:8c:70:15:4c:89:a1:1c:9d:
41:41:1e:56:fc:6c:17:b4:b1:c0:04:bc:73:87:93:
d8:d8:61:c6:89:a3:65:15:55:26:34:12:00:90:6c:
f6:d7:49:98:08:d3:6c:a5:ae:22:a8:b3:fb:39:ed:
36:81:a7:64:86:09:9a:42:bd:41:67:ca:0f:cb:eb:
9e:79:af:25:f3:37:df:cf:3f:8e:00:cf:6f:1f:e8:
c1:3a:bd:b2:b3:8f:fc:9d:df:f1:ff:3f:5c:1e:5b:
a7:84:07:95:e5:03:45:84:37:1b:8a:d9:18:47:95:
30:91:d4:a6:76:6d:49:8b:f8:9d:38:e9:24:08:7f:
5a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2E:59:90:35:B4:51:F0:0B:E7:DD:0C:E7:2C:9F:16:E4:1E:03:7B
X509v3 Authority Key Identifier:
keyid:CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/Dy5ZkDW0UfAL590M5yyfFuQeA3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.80.0/24
IPv6:
2a10:d840::/29
Signature Algorithm: sha256WithRSAEncryption
44:bd:86:f6:34:7e:48:6e:0f:af:19:6e:b1:49:5a:ae:30:3d:
c9:14:40:a8:72:a9:b1:f9:89:e8:85:f2:e1:6c:2d:90:52:8b:
d4:b3:bd:72:c7:03:68:b3:ba:3c:ed:3a:23:c1:ad:51:53:1a:
f6:2a:0e:9b:09:3a:2f:94:9f:ab:b4:ea:7e:b8:1c:e5:81:05:
4c:2b:fc:b0:7d:ee:96:53:45:35:e9:e7:10:96:19:a5:80:80:
6d:67:4e:ce:b7:a1:7b:e1:1e:d4:d7:3f:fa:c3:35:72:b6:0a:
c7:38:1c:f5:7a:bc:08:8e:6d:e3:fd:47:db:dd:77:f0:95:d3:
1c:f6:c1:6f:04:e8:27:b7:8b:42:2c:c0:06:1f:96:49:3d:8d:
37:c0:92:d7:77:8e:81:aa:31:5f:bc:36:34:f5:95:98:b5:3a:
a4:37:e3:77:92:51:2f:9c:f5:f6:b1:f2:48:e8:eb:96:ea:20:
48:5c:8f:0b:50:b0:4a:20:25:31:eb:f6:58:c4:bc:aa:2f:1c:
56:e9:06:83:33:07:ea:b0:bf:e1:5f:6e:81:57:09:95:73:43:
6b:ae:f6:2c:d1:8c:79:54:6c:f6:c3:89:12:52:1f:84:de:36:
95:df:63:76:6f:23:62:bb:30:4a:e4:8c:a1:b9:77:3b:75:c9:
45:07:27:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6Y52SEy/hZeWMNxiLdl3JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOGU4ZWJkODBmY2Y4ODQ5NzVlNDJiNDZiZjRlNTQ4Nzkz
ZjI5Y2IwHhcNMjQwNDAxMDkwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJlNTk5MDM1YjQ1MWYwMGJlN2RkMGNlNzJjOWYxNmU0MWUwMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJkVD07gfgAuoLpjSD7+vbmSE1Tn
23xfbPWIvV67XTIxHFIqYZyY8W27qR62iTezaygflmKLMsMJGMCCgWtZ4jRjHMT6
BUkkKMeJbXPTQunDbLqW10k9wi3zxiTTQBsQqkiumBUnUifgnrRdnzqQIIStuwQo
EFryqm0Jbsa+jHAVTImhHJ1BQR5W/GwXtLHABLxzh5PY2GHGiaNlFVUmNBIAkGz2
10mYCNNspa4iqLP7Oe02gadkhgmaQr1BZ8oPy+ueea8l8zffzz+OAM9vH+jBOr2y
s4/8nd/x/z9cHlunhAeV5QNFhDcbitkYR5UwkdSmdm1Ji/idOOkkCH9aUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA8uWZA1tFHwC+fdDOcsnxbkHgN7MB8GA1UdIwQY
MBaAFM2Ojr2A/PiEl15CtGv05Uh5PynLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgt
Mjg2YTVlZTZlMDQzLzEvRHk1WmtEVzBVZkFMNTkwTTV5eWZGdVFlQTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgtMjg2YTVlZTZlMDQz
LzEvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSJQMA0E
AgACMAcDBQMqENhAMA0GCSqGSIb3DQEBCwUAA4IBAQBEvYb2NH5Ibg+vGW6xSVqu
MD3JFECocqmx+YnohfLhbC2QUovUs71yxwNos7o87Tojwa1RUxr2Kg6bCTovlJ+r
tOp+uBzlgQVMK/ywfe6WU0U16ecQlhmlgIBtZ07Ot6F74R7U1z/6wzVytgrHOBz1
erwIjm3j/Ufb3XfwldMc9sFvBOgnt4tCLMAGH5ZJPY03wJLXd46BqjFfvDY09ZWY
tTqkN+N3klEvnPX2sfJI6OuW6iBIXI8LULBKICUx6/ZYxLyqLxxW6QaDMwfqsL/h
X26BVwmVc0NrrvYs0Yx5VGz2w4kSUh+E3jaV32N2byNiuzBK5IyhuXc7dclFByfl
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:16:32 2024 by rpki-client on console-ams.rpki-client.org