Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DajcauuKScnJbPleTsgKp--r_sI.roa
File: DajcauuKScnJbPleTsgKp--r_sI.roa (raw, json)
Hash identifier: pmtgk8Tl79CoerB6nP3wa5ed7WPGAhFQFCSv2/+yXZg=
Subject key identifier: 0D:A8:DC:6A:EB:8A:49:C9:C9:6C:F9:5E:4E:C8:0A:A7:EF:AB:FE:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD02607544DFEAB01490AF018BF300
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DajcauuKScnJbPleTsgKp--r_sI.roa
Signing time: Tue 02 Jan 2024 06:29:36 +0000
ROA not before: Tue 02 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202129
IP address blocks: 93.123.105.0/24 maxlen: 24
93.123.104.0/22 maxlen: 22
93.123.104.0/24 maxlen: 24
93.123.106.0/24 maxlen: 24
93.123.107.0/24 maxlen: 24
2a00:1728:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:02:60:75:44:df:ea:b0:14:90:af:01:8b:f3:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0da8dc6aeb8a49c9c96cf95e4ec80aa7efabfec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:21:d6:80:a1:cb:ac:35:5d:4d:33:62:3f:
d2:1d:5c:bd:f9:e0:4b:73:45:f8:81:de:56:19:b0:
d7:16:c6:6f:dc:c5:ff:c7:bb:f2:e7:13:6e:43:35:
18:43:5c:bb:49:ab:73:66:a9:a6:12:b4:e7:b3:f5:
7d:05:36:4c:5f:3b:32:b5:66:0c:20:7e:eb:f1:d8:
9d:00:90:0f:a4:2a:88:6d:76:ac:c0:12:14:18:40:
e9:78:69:ed:61:b1:a5:db:81:ef:e3:8e:c2:a9:ac:
a7:91:eb:60:9c:11:25:38:66:c2:18:66:a2:0a:67:
88:60:7b:0c:90:fc:c1:d2:0f:98:0e:77:b6:02:a8:
15:4c:62:c6:77:11:b2:1a:2e:dc:ea:4d:2f:0c:b9:
57:0c:a8:33:43:f7:1b:8e:99:07:9c:13:a3:23:98:
8d:e9:05:6a:f7:87:35:91:6e:02:8f:18:28:36:d3:
ae:e4:25:9d:5e:4c:d3:b5:f4:81:66:89:9d:73:6b:
90:b3:6f:a9:4a:ec:5a:37:d0:9d:ca:a7:12:ac:e2:
10:27:27:cc:ec:aa:3b:5e:9d:d0:33:b7:8d:c3:52:
6e:63:d5:9a:e9:27:a5:72:e1:17:5e:88:8d:7f:0b:
4f:0a:e2:35:ab:04:2e:30:b0:45:19:b6:3c:b5:18:
96:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A8:DC:6A:EB:8A:49:C9:C9:6C:F9:5E:4E:C8:0A:A7:EF:AB:FE:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DajcauuKScnJbPleTsgKp--r_sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.104.0/22
IPv6:
2a00:1728:1e::/48
Signature Algorithm: sha256WithRSAEncryption
44:ec:58:ae:20:b8:48:ad:fe:49:71:e4:9e:90:59:d3:2f:c3:
c7:90:d0:f4:2e:b6:d1:06:83:c1:32:a5:17:3d:9c:82:47:34:
7b:4a:5f:c2:74:37:a0:10:4a:16:2e:72:e1:f5:12:2e:32:d5:
84:25:5d:b5:1c:1e:00:92:a3:71:c8:c0:20:33:62:26:50:6b:
1a:11:14:fa:30:38:8c:d8:5f:2d:fb:56:0d:4a:9d:82:eb:c2:
20:6e:d4:25:82:30:df:74:37:82:9e:98:14:fb:3f:5e:3b:84:
d0:93:5c:9d:74:e9:10:35:72:5e:12:0d:99:ab:e9:de:e5:96:
bc:a8:c3:68:91:ce:79:10:51:b1:04:c3:f3:69:aa:10:70:1d:
e5:26:00:93:fa:8e:97:bb:17:3a:8f:6b:5c:4e:d4:89:b4:95:
39:c1:56:d2:6b:89:1d:19:b2:8a:b6:3e:89:83:23:24:ef:8a:
a8:07:57:f9:e2:9f:be:5f:15:24:28:66:b2:41:f9:b1:2d:1b:
85:15:47:c4:10:07:c2:49:9a:8c:31:c5:80:2a:45:5d:d1:fa:
e1:d3:29:57:f1:e5:59:54:fc:e2:41:12:08:29:3b:ae:88:fe:
b4:15:60:b2:c4:f7:7a:7c:e1:84:68:d6:c1:78:86:d8:e1:d4:
2f:04:f9:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3QJgdUTf6rAUkK8Bi/MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGE4ZGM2YWViOGE0OWM5Yzk2Y2Y5NWU0ZWM4MGFhN2VmYWJmZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1ch1oChy6w1XU0zYj/SHVy9+eBL
c0X4gd5WGbDXFsZv3MX/x7vy5xNuQzUYQ1y7SatzZqmmErTns/V9BTZMXzsytWYM
IH7r8didAJAPpCqIbXaswBIUGEDpeGntYbGl24Hv447CqaynketgnBElOGbCGGai
CmeIYHsMkPzB0g+YDne2AqgVTGLGdxGyGi7c6k0vDLlXDKgzQ/cbjpkHnBOjI5iN
6QVq94c1kW4CjxgoNtOu5CWdXkzTtfSBZomdc2uQs2+pSuxaN9CdyqcSrOIQJyfM
7Ko7Xp3QM7eNw1JuY9Wa6SelcuEXXoiNfwtPCuI1qwQuMLBFGbY8tRiWsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2o3GrriknJyWz5Xk7ICqfvq/7CMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRGFqY2F1dUtTY25KYlBsZVRzZ0twLS1yX3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXXtoMA8E
AgACMAkDBwAqABcoAB4wDQYJKoZIhvcNAQELBQADggEBAETsWK4guEit/klx5J6Q
WdMvw8eQ0PQuttEGg8EypRc9nIJHNHtKX8J0N6AQShYucuH1Ei4y1YQlXbUcHgCS
o3HIwCAzYiZQaxoRFPowOIzYXy37Vg1KnYLrwiBu1CWCMN90N4KemBT7P147hNCT
XJ106RA1cl4SDZmr6d7llryow2iRznkQUbEEw/NpqhBwHeUmAJP6jpe7FzqPa1xO
1Im0lTnBVtJriR0Zsoq2PomDIyTviqgHV/nin75fFSQoZrJB+bEtG4UVR8QQB8JJ
mowxxYAqRV3R+uHTKVfx5VlU/OJBEggpO66I/rQVYLLE93p84YRo1sF4htjh1C8E
+YA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:57 2024 by rpki-client on console-ams.rpki-client.org