Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/DJBN3BLlvNM7Bt2epMDGMpyF4vI.roa
File: DJBN3BLlvNM7Bt2epMDGMpyF4vI.roa (raw, json)
Hash identifier: kUudPzQ0LE1yyGEVIuzF5qd67JnaLYx+kdElqCvtlWU=
Subject key identifier: 0C:90:4D:DC:12:E5:BC:D3:3B:06:DD:9E:A4:C0:C6:32:9C:85:E2:F2
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018CC727383CB50559F71734FB5AFF32A649
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/DJBN3BLlvNM7Bt2epMDGMpyF4vI.roa
Signing time: Mon 01 Jan 2024 22:31:25 +0000
ROA not before: Mon 01 Jan 2024 22:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208867
IP address blocks: 45.80.96.0/22 maxlen: 22
45.85.128.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:38:3c:b5:05:59:f7:17:34:fb:5a:ff:32:a6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 22:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c904ddc12e5bcd33b06dd9ea4c0c6329c85e2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:69:2f:da:3c:af:6e:0b:2b:3d:28:80:fb:36:
57:64:82:fa:a9:54:0e:af:6e:64:93:b1:a2:90:92:
34:3c:e7:c7:92:72:27:56:c9:23:e2:b3:99:50:da:
56:85:04:82:6b:c6:0e:c0:e1:db:23:72:d5:d9:67:
6d:c9:90:20:94:1d:5d:9f:6f:eb:d8:52:86:47:d9:
da:ee:41:68:53:d9:5d:df:63:8b:58:ff:39:aa:40:
99:73:33:c8:04:a6:cd:11:94:74:59:9a:7f:df:f2:
87:95:dc:93:0b:7a:d3:bb:0b:15:1d:44:89:ed:90:
16:b2:81:8c:27:12:a7:92:d6:da:c3:13:d1:85:27:
a9:23:60:ab:2d:83:df:19:99:57:a3:87:5f:12:8e:
2a:19:cb:e6:25:67:53:f2:8e:20:2a:86:85:85:af:
8c:7d:5d:9d:ec:94:81:15:7b:d4:39:b6:7a:da:65:
20:69:f0:c2:11:b4:75:1e:38:ed:d8:a3:33:c1:99:
c0:35:bd:f1:a3:73:7e:86:fe:71:c0:31:8e:ae:8e:
f3:99:3f:28:05:c1:b2:7b:8a:dd:54:b3:ba:2d:5a:
4b:ab:64:2c:92:4b:71:10:90:a3:a8:94:6b:8c:1e:
2f:e8:4e:9a:6f:19:49:b6:96:09:df:10:1f:62:ec:
d0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:90:4D:DC:12:E5:BC:D3:3B:06:DD:9E:A4:C0:C6:32:9C:85:E2:F2
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/DJBN3BLlvNM7Bt2epMDGMpyF4vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.96.0/22
45.85.128.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:b5:a7:7d:5b:53:61:88:ee:5d:94:43:91:ce:f8:f5:9f:b5:
35:20:6d:fe:41:ba:d3:6c:26:a8:f4:2b:50:aa:45:e7:41:e9:
41:c5:b9:7b:d3:43:f8:60:cf:fe:cf:d6:65:66:5c:2a:df:dd:
a8:75:a3:05:f7:bd:09:66:39:5b:40:60:97:7d:0e:12:7a:f7:
fb:9a:e0:32:78:31:53:65:d2:05:86:6e:1b:69:ea:2b:43:d4:
b4:e1:98:de:98:ec:43:41:b0:fa:e4:1d:e2:b5:e0:93:86:ce:
45:cb:1c:fe:a5:7c:07:f9:79:b6:06:ca:3d:09:18:4e:0d:7e:
dc:f7:2e:2c:d4:c5:a5:e9:b3:32:4c:80:d9:f1:db:6b:a8:1f:
ca:c0:65:8c:45:91:b6:d8:d1:b3:02:73:10:14:08:3a:69:92:
5e:75:22:61:42:49:c5:c8:24:9f:6b:0f:91:70:bc:24:68:4c:
1f:91:a4:7b:b0:e2:20:e1:0e:e4:e1:5d:e3:d5:28:c5:e8:c1:
d0:cb:8c:34:c3:6e:98:16:5b:c5:b6:e6:06:93:0d:2e:1f:51:
0e:33:47:18:24:53:66:ff:44:96:44:6c:72:cf:2c:d5:b2:1d:
79:52:8b:47:1d:b0:79:ca:e8:12:a1:09:ae:79:f5:20:65:fa:
63:ee:28:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJzg8tQVZ9xc0+1r/MqZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMTAxMjIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzkwNGRkYzEyZTViY2QzM2IwNmRkOWVhNGMwYzYzMjljODVlMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2kv2jyvbgsrPSiA+zZXZIL6qVQO
r25kk7GikJI0POfHknInVskj4rOZUNpWhQSCa8YOwOHbI3LV2WdtyZAglB1dn2/r
2FKGR9na7kFoU9ld32OLWP85qkCZczPIBKbNEZR0WZp/3/KHldyTC3rTuwsVHUSJ
7ZAWsoGMJxKnktbawxPRhSepI2CrLYPfGZlXo4dfEo4qGcvmJWdT8o4gKoaFha+M
fV2d7JSBFXvUObZ62mUgafDCEbR1Hjjt2KMzwZnANb3xo3N+hv5xwDGOro7zmT8o
BcGye4rdVLO6LVpLq2QskktxEJCjqJRrjB4v6E6abxlJtpYJ3xAfYuzQWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyQTdwS5bzTOwbdnqTAxjKcheLyMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvREpCTjNCTGx2Tk03QnQyZXBNREdNcHlGNHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVBgAwQB
LVWAMA0GCSqGSIb3DQEBCwUAA4IBAQCxtad9W1NhiO5dlEORzvj1n7U1IG3+QbrT
bCao9CtQqkXnQelBxbl700P4YM/+z9ZlZlwq392odaMF970JZjlbQGCXfQ4Sevf7
muAyeDFTZdIFhm4baeorQ9S04ZjemOxDQbD65B3iteCThs5Fyxz+pXwH+Xm2Bso9
CRhODX7c9y4s1MWl6bMyTIDZ8dtrqB/KwGWMRZG22NGzAnMQFAg6aZJedSJhQknF
yCSfaw+RcLwkaEwfkaR7sOIg4Q7k4V3j1SjF6MHQy4w0w26YFlvFtuYGkw0uH1EO
M0cYJFNm/0SWRGxyzyzVsh15UotHHbB5yugSoQmuefUgZfpj7ijC
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:59 2024 by rpki-client on console-fra.rpki-client.org