Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/DYm06eN1cgiv-b67OWDhcoB4Dcw.roa
File: DYm06eN1cgiv-b67OWDhcoB4Dcw.roa (raw, json)
Hash identifier: BCBzxnHvzElNzTrcN/t36KikgZYeD9kCqxoRi/0AUgw=
Subject key identifier: 0D:89:B4:E9:E3:75:72:08:AF:F9:BE:BB:39:60:E1:72:80:78:0D:CC
Certificate issuer: /CN=7f51228374742df544aa93058c5a3bd3d1642199
Certificate serial: 018CC5DC1AE5323F50DACDB5267715740BFA
Authority key identifier: 7F:51:22:83:74:74:2D:F5:44:AA:93:05:8C:5A:3B:D3:D1:64:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1Eig3R0LfVEqpMFjFo709FkIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/DYm06eN1cgiv-b67OWDhcoB4Dcw.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201014
IP address blocks: 185.88.224.0/22 maxlen: 22
2a05:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/f1Eig3R0LfVEqpMFjFo709FkIZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/f1Eig3R0LfVEqpMFjFo709FkIZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/f1Eig3R0LfVEqpMFjFo709FkIZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1a:e5:32:3f:50:da:cd:b5:26:77:15:74:0b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f51228374742df544aa93058c5a3bd3d1642199
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d89b4e9e3757208aff9bebb3960e17280780dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:93:dd:1a:5f:8c:db:98:ff:c3:98:11:61:b1:
90:b6:ec:7d:b8:6e:89:6a:02:58:f6:53:dd:f4:72:
10:bc:2b:e4:e2:b0:ff:03:f4:f7:e5:92:ff:a7:6c:
1e:3d:23:77:99:47:3a:83:7d:d9:b9:98:fe:6b:4d:
7d:0e:92:d2:83:3d:c5:b6:5f:9c:08:a8:54:af:ba:
8e:c2:61:ce:bf:4b:c9:82:4e:77:f6:01:69:25:d6:
4e:e4:db:65:6a:9f:8a:5b:aa:a4:89:76:54:a5:29:
b9:9c:a3:bf:6e:1d:62:30:a4:7f:2b:e4:d5:2e:40:
eb:14:b5:9b:f5:43:f1:28:93:24:7a:8c:3d:ba:f8:
53:5b:ca:79:dc:f3:9e:24:8e:29:67:d5:0c:ca:34:
4b:49:52:dc:ed:03:4f:c6:72:cb:41:f9:be:80:a6:
85:f0:51:6d:9f:4c:1e:cc:43:b8:f0:78:dd:eb:7e:
75:e5:0d:c7:c1:4e:5e:3d:90:34:f3:a6:c3:38:8d:
8d:f3:fc:02:46:13:e7:61:57:c7:a0:cd:31:a8:79:
f3:48:a6:3b:b2:2d:10:82:5d:c7:d3:7c:4d:30:1d:
a3:37:be:74:16:9c:82:53:7b:51:61:60:3d:a0:35:
35:4c:f4:b5:a3:a4:34:76:5c:7f:bd:f6:10:75:78:
5f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:89:B4:E9:E3:75:72:08:AF:F9:BE:BB:39:60:E1:72:80:78:0D:CC
X509v3 Authority Key Identifier:
keyid:7F:51:22:83:74:74:2D:F5:44:AA:93:05:8C:5A:3B:D3:D1:64:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1Eig3R0LfVEqpMFjFo709FkIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/DYm06eN1cgiv-b67OWDhcoB4Dcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9385aa-1b79-4a02-a092-01eb03684f09/1/f1Eig3R0LfVEqpMFjFo709FkIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.224.0/22
IPv6:
2a05:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
63:54:d7:28:86:3d:c5:7d:65:83:6d:d1:3f:9d:ee:99:e0:79:
3f:ee:cb:67:69:ab:4e:0c:f6:26:e0:cb:86:cc:d0:4e:2b:33:
da:4a:85:e8:57:71:85:02:58:9f:0e:bd:ac:06:13:17:3c:5d:
1e:44:59:bf:ae:52:4a:66:cd:cb:6f:b6:41:9b:1e:aa:39:b3:
78:0a:2e:37:98:63:9d:9c:48:77:ce:c4:fd:ae:38:2a:80:b6:
2f:00:9c:92:c3:96:5c:9b:f0:5b:3f:0b:f9:b7:8d:e9:e6:a7:
7a:b6:f2:6b:d3:bd:55:16:00:f8:00:36:43:35:97:9c:71:a6:
15:d6:c7:94:75:9d:76:88:b3:52:00:a1:ff:53:a8:fa:97:b7:
63:a1:56:18:00:00:d9:9c:52:b1:e9:42:38:34:d0:ad:c5:5f:
8f:35:dd:9e:25:16:2d:2b:27:68:ea:f8:c0:1e:32:5a:56:a6:
33:8c:0d:a6:8c:f6:c1:7d:78:0a:78:63:b3:f5:f0:ab:af:8f:
c0:29:3b:ca:db:49:ba:d0:f4:75:f7:71:ab:46:8b:28:6b:0e:
92:f6:27:c6:51:32:12:9f:60:ae:ab:1a:9d:30:24:8f:2b:76:
9a:19:8e:12:be:3f:b7:aa:3f:9a:6a:45:b6:40:2e:72:c4:f9:
ee:7f:8b:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BrlMj9Q2s21JncVdAv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTEyMjgzNzQ3NDJkZjU0NGFhOTMwNThjNWEzYmQzZDE2
NDIxOTkwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg5YjRlOWUzNzU3MjA4YWZmOWJlYmIzOTYwZTE3MjgwNzgwZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5PdGl+M25j/w5gRYbGQtux9uG6J
agJY9lPd9HIQvCvk4rD/A/T35ZL/p2wePSN3mUc6g33ZuZj+a019DpLSgz3Ftl+c
CKhUr7qOwmHOv0vJgk539gFpJdZO5Ntlap+KW6qkiXZUpSm5nKO/bh1iMKR/K+TV
LkDrFLWb9UPxKJMkeow9uvhTW8p53POeJI4pZ9UMyjRLSVLc7QNPxnLLQfm+gKaF
8FFtn0wezEO48Hjd63515Q3HwU5ePZA086bDOI2N8/wCRhPnYVfHoM0xqHnzSKY7
si0Qgl3H03xNMB2jN750FpyCU3tRYWA9oDU1TPS1o6Q0dlx/vfYQdXhftQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA2JtOnjdXIIr/m+uzlg4XKAeA3MMB8GA1UdIwQY
MBaAFH9RIoN0dC31RKqTBYxaO9PRZCGZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFFaWczUjBMZlZFcXBNRmpGbzcwOUZrSVprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS85Mzg1YWEtMWI3OS00YTAyLWEwOTIt
MDFlYjAzNjg0ZjA5LzEvRFltMDZlTjFjZ2l2LWI2N09XRGhjb0I0RGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS85Mzg1YWEtMWI3OS00YTAyLWEwOTItMDFlYjAzNjg0ZjA5
LzEvZjFFaWczUjBMZlZFcXBNRmpGbzcwOUZrSVprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVjgMA0E
AgACMAcDBQMqBc8AMA0GCSqGSIb3DQEBCwUAA4IBAQBjVNcohj3FfWWDbdE/ne6Z
4Hk/7stnaatODPYm4MuGzNBOKzPaSoXoV3GFAlifDr2sBhMXPF0eRFm/rlJKZs3L
b7ZBmx6qObN4Ci43mGOdnEh3zsT9rjgqgLYvAJySw5Zcm/BbPwv5t43p5qd6tvJr
071VFgD4ADZDNZeccaYV1seUdZ12iLNSAKH/U6j6l7djoVYYAADZnFKx6UI4NNCt
xV+PNd2eJRYtKydo6vjAHjJaVqYzjA2mjPbBfXgKeGOz9fCrr4/AKTvK20m60PR1
93GrRosoaw6S9ifGUTISn2CuqxqdMCSPK3aaGY4Svj+3qj+aakW2QC5yxPnuf4uI
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:47:44 2024 by rpki-client on console-fra.rpki-client.org