Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/DdQ6k087lbdu8JOf3rJILBUQeog.roa
File: DdQ6k087lbdu8JOf3rJILBUQeog.roa (raw, json)
Hash identifier: O9NcV4SS/KIoQCFBu/yVsW0tnOIUFZ/9XchZeN+z178=
Subject key identifier: 0D:D4:3A:93:4F:3B:95:B7:6E:F0:93:9F:DE:B2:48:2C:15:10:7A:88
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 018CC9BC94FF7A5E70BD6F3860DDB1310499
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/DdQ6k087lbdu8JOf3rJILBUQeog.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210398
IP address blocks: 83.217.238.128/26 maxlen: 26
83.231.149.64/28 maxlen: 28
213.130.49.64/26 maxlen: 26
213.130.47.32/28 maxlen: 28
2001:728:1404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:94:ff:7a:5e:70:bd:6f:38:60:dd:b1:31:04:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dd43a934f3b95b76ef0939fdeb2482c15107a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:92:f5:43:a0:11:d0:92:5e:7f:d4:3b:34:df:
48:00:6d:0e:bd:8f:4e:48:42:e9:39:ad:96:f0:7a:
8c:e2:18:d5:e9:7b:dd:58:46:bb:b0:45:79:f5:22:
fc:e2:4f:bb:b5:75:1b:01:0d:d2:79:32:f7:0c:17:
a0:a3:44:bf:28:98:47:5d:37:a3:ca:54:b0:1a:66:
4e:52:40:2d:37:8a:4c:0c:2c:d8:54:27:f3:fd:8f:
65:b0:42:a9:f6:a0:b8:0d:2c:3b:f2:d7:9a:31:c5:
d2:3a:c8:e5:b2:d1:be:0c:95:32:71:cd:07:5d:4d:
08:49:87:58:d4:9b:22:cb:7e:69:e4:de:c6:28:75:
3a:ed:1f:80:71:cd:73:73:be:f8:de:c0:cd:b4:65:
ca:85:2a:90:9b:d5:0f:4e:1f:4f:5e:4b:1f:42:0b:
03:53:f5:53:05:7d:98:5a:31:18:13:1c:64:76:68:
92:6b:b0:1f:53:f2:d7:2a:9b:36:d2:b8:f4:57:58:
82:5a:4c:64:2e:0a:8e:05:5f:8b:0c:d8:87:5f:18:
be:a6:f9:83:01:32:78:91:30:50:59:a0:7c:2e:75:
76:11:44:e5:ff:17:1c:7a:60:0d:32:ec:60:54:98:
33:d5:55:41:92:4d:eb:17:28:20:43:e8:fa:71:53:
74:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D4:3A:93:4F:3B:95:B7:6E:F0:93:9F:DE:B2:48:2C:15:10:7A:88
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/DdQ6k087lbdu8JOf3rJILBUQeog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.238.128/26
83.231.149.64/28
213.130.47.32/28
213.130.49.64/26
IPv6:
2001:728:1404::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ed:4c:40:a4:28:0a:c1:fa:c2:3d:9b:d8:b7:51:6b:1f:55:
89:3d:fc:8d:d6:16:e7:3f:56:b7:e6:74:48:28:a4:d8:42:c1:
ea:65:23:9e:d5:21:d0:ca:42:28:ef:51:a5:c5:a2:65:16:0b:
7b:9f:fa:11:32:e8:2b:bf:9d:be:80:1a:d5:39:b6:37:69:8c:
39:81:84:3b:53:f9:98:1e:ea:e9:ee:f2:f3:e4:cc:64:f3:6d:
aa:cc:c1:d7:05:41:e4:eb:6e:bc:77:5a:20:8a:cd:e2:f6:c5:
89:99:b1:ef:f1:a0:bb:23:eb:b7:a6:ac:9c:e6:c2:c4:07:a0:
ff:6e:a5:94:eb:41:73:24:23:77:be:d8:ab:98:1b:de:b3:0a:
92:0d:dd:11:17:69:b7:56:90:d7:21:19:d2:e8:82:42:b6:a3:
5d:4a:49:1c:ec:2e:fb:97:75:06:c3:1a:0c:b9:95:41:41:7b:
71:a2:fd:a0:ab:d3:d6:7f:92:1b:a9:33:95:9c:fe:74:67:ed:
f4:39:b9:ef:ae:ee:f6:4f:92:31:f0:96:53:e6:e8:04:9d:6d:
c5:26:7f:7a:59:bd:27:b5:eb:d1:75:83:76:ea:44:ce:9a:7e:
3d:e4:9e:15:10:85:d6:35:33:0c:34:a1:a8:12:5e:44:5f:a4:
83:c3:8c:0f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzJvJT/el5wvW84YN2xMQSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ0M2E5MzRmM2I5NWI3NmVmMDkzOWZkZWIyNDgyYzE1MTA3YTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5L1Q6AR0JJef9Q7NN9IAG0OvY9O
SELpOa2W8HqM4hjV6XvdWEa7sEV59SL84k+7tXUbAQ3SeTL3DBego0S/KJhHXTej
ylSwGmZOUkAtN4pMDCzYVCfz/Y9lsEKp9qC4DSw78teaMcXSOsjlstG+DJUycc0H
XU0ISYdY1Jsiy35p5N7GKHU67R+Acc1zc7743sDNtGXKhSqQm9UPTh9PXksfQgsD
U/VTBX2YWjEYExxkdmiSa7AfU/LXKps20rj0V1iCWkxkLgqOBV+LDNiHXxi+pvmD
ATJ4kTBQWaB8LnV2EUTl/xccemANMuxgVJgz1VVBkk3rFyggQ+j6cVN0EwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA3UOpNPO5W3bvCTn96ySCwVEHqIMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvRGRRNmswODdsYmR1OEpPZjNySklMQlVRZW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcAwUGU9nugAMF
BFPnlUADBQTVgi8gAwUG1YIxQDAPBAIAAjAJAwcAIAEHKBQEMA0GCSqGSIb3DQEB
CwUAA4IBAQB87UxApCgKwfrCPZvYt1FrH1WJPfyN1hbnP1a35nRIKKTYQsHqZSOe
1SHQykIo71GlxaJlFgt7n/oRMugrv52+gBrVObY3aYw5gYQ7U/mYHurp7vLz5Mxk
822qzMHXBUHk6268d1ogis3i9sWJmbHv8aC7I+u3pqyc5sLEB6D/bqWU60FzJCN3
vtirmBveswqSDd0RF2m3VpDXIRnS6IJCtqNdSkkc7C77l3UGwxoMuZVBQXtxov2g
q9PWf5IbqTOVnP50Z+30Obnvru72T5Ix8JZT5ugEnW3FJn96Wb0ntevRdYN26kTO
mn495J4VEIXWNTMMNKGoEl5EX6SDw4wP
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:22:19 2024 by rpki-client on console-fra.rpki-client.org