Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/0diCL6YnGvC8QcytYu8N8Ny3qJM.roa
File: 0diCL6YnGvC8QcytYu8N8Ny3qJM.roa (raw, json)
Hash identifier: sXVu/6kKr/7x0fFblSoyHceUQ8zM1i7ggAWV0CWrfm4=
Subject key identifier: D1:D8:82:2F:A6:27:1A:F0:BC:41:CC:AD:62:EF:0D:F0:DC:B7:A8:93
Certificate issuer: /CN=9280d3e4672968f86e8955db620cb765db9d7142
Certificate serial: 018CC8015208FEE58CE9F174E33C44C1D315
Authority key identifier: 92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/0diCL6YnGvC8QcytYu8N8Ny3qJM.roa
Signing time: Tue 02 Jan 2024 02:29:38 +0000
ROA not before: Tue 02 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 84.54.26.0/23 maxlen: 23
213.217.28.0/24 maxlen: 24
178.212.72.0/24 maxlen: 24
185.248.133.0/24 maxlen: 24
84.54.24.0/23 maxlen: 23
84.54.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:52:08:fe:e5:8c:e9:f1:74:e3:3c:44:c1:d3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280d3e4672968f86e8955db620cb765db9d7142
Validity
Not Before: Jan 2 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1d8822fa6271af0bc41ccad62ef0df0dcb7a893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:d2:53:9f:58:6b:6c:98:ef:8c:7a:b1:4c:
af:60:27:75:03:45:47:8c:e3:15:c2:6a:7f:a2:ad:
02:df:c5:41:bb:6c:17:79:03:8e:92:05:f8:4a:d2:
b8:44:8b:4c:90:ef:a1:53:52:8d:f8:c5:80:47:e4:
6b:27:66:c1:43:d7:b3:f7:19:f9:bb:f2:84:b6:44:
06:ad:6b:e0:c4:db:dd:ea:37:a9:15:63:0d:ed:28:
e4:1a:f2:03:d1:0c:58:9d:82:ef:b5:c9:4e:91:90:
a3:bb:a7:2d:d9:c1:c2:dd:a8:d2:c1:44:0d:6d:c0:
f0:92:af:f8:fb:89:51:7a:b4:19:2d:7c:41:ec:97:
e9:66:ce:31:d3:ab:17:7c:74:d0:d0:9f:86:13:ff:
2d:40:f0:27:a4:4f:e4:06:94:82:54:2a:3c:2b:d6:
ef:bc:1f:5c:45:c8:2c:ec:e7:f5:91:96:0d:d7:53:
76:91:63:dc:21:d8:9d:5e:4f:55:85:45:f6:67:e9:
d0:d3:5b:11:8a:78:13:2e:a6:ec:ae:55:7c:ce:f9:
5d:9b:11:e8:96:2f:f6:89:cc:13:42:91:b8:db:08:
40:cc:f4:73:c9:59:e8:5d:00:c2:ec:53:9f:ba:ab:
65:35:9c:a7:bb:be:0d:7b:5c:f1:56:08:f2:dc:68:
76:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D8:82:2F:A6:27:1A:F0:BC:41:CC:AD:62:EF:0D:F0:DC:B7:A8:93
X509v3 Authority Key Identifier:
keyid:92:80:D3:E4:67:29:68:F8:6E:89:55:DB:62:0C:B7:65:DB:9D:71:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koDT5GcpaPhuiVXbYgy3ZdudcUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/0diCL6YnGvC8QcytYu8N8Ny3qJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/59da50-aedb-4906-af19-090fe3da2433/1/koDT5GcpaPhuiVXbYgy3ZdudcUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.24.0/22
178.212.72.0/24
185.248.133.0/24
213.217.28.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f8:2b:19:cc:49:07:f6:a5:1d:fe:cc:fc:1a:49:b1:8a:32:
d5:f7:d2:c5:42:be:72:d1:ab:1e:f8:69:20:8b:a3:26:1c:49:
ed:29:a5:2b:29:0a:2a:a7:d5:9b:ec:ad:ba:6b:8b:0f:63:04:
49:04:60:0b:e6:dc:06:be:b8:32:84:72:29:34:4d:f7:c1:ca:
75:82:13:ea:75:bd:6f:5c:06:43:8e:36:17:3f:e0:05:60:b4:
a1:f4:fc:96:73:a6:29:1e:72:6d:aa:54:ee:65:d5:ec:49:ed:
56:b7:ed:4c:4d:ec:3a:46:9f:da:73:3a:20:d5:de:6f:3f:2a:
f5:7d:df:93:f3:5c:18:d7:01:ee:cc:bb:6e:76:92:47:d7:fb:
8e:f3:7d:8b:e9:ac:3a:3a:5a:04:82:11:f2:d4:3a:6d:50:3d:
29:7f:61:fc:4c:e3:40:cc:47:47:7d:96:4c:2b:ab:64:0b:d3:
83:bf:43:0c:a1:6a:33:16:cd:03:b5:ae:27:7d:d2:c0:4e:49:
1f:2f:1c:86:95:63:b1:07:4a:07:27:b8:dc:cd:22:bc:de:ae:
2e:40:42:9c:17:e6:fa:37:10:a7:d7:7d:61:f3:48:53:0c:ce:
52:cc:2d:35:b1:f1:48:0a:7f:30:f5:4b:47:21:83:fd:94:33:
2f:9d:b9:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAVII/uWM6fF04zxEwdMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBkM2U0NjcyOTY4Zjg2ZTg5NTVkYjYyMGNiNzY1ZGI5
ZDcxNDIwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWQ4ODIyZmE2MjcxYWYwYmM0MWNjYWQ2MmVmMGRmMGRjYjdhODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1zSU59Ya2yY74x6sUyvYCd1A0VH
jOMVwmp/oq0C38VBu2wXeQOOkgX4StK4RItMkO+hU1KN+MWAR+RrJ2bBQ9ez9xn5
u/KEtkQGrWvgxNvd6jepFWMN7SjkGvID0QxYnYLvtclOkZCju6ct2cHC3ajSwUQN
bcDwkq/4+4lRerQZLXxB7JfpZs4x06sXfHTQ0J+GE/8tQPAnpE/kBpSCVCo8K9bv
vB9cRcgs7Of1kZYN11N2kWPcIdidXk9VhUX2Z+nQ01sRingTLqbsrlV8zvldmxHo
li/2icwTQpG42whAzPRzyVnoXQDC7FOfuqtlNZynu74Ne1zxVgjy3Gh21wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNHYgi+mJxrwvEHMrWLvDfDct6iTMB8GA1UdIwQY
MBaAFJKA0+RnKWj4bolV22IMt2XbnXFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTkt
MDkwZmUzZGEyNDMzLzEvMGRpQ0w2WW5HdkM4UWN5dFl1OE44TnkzcUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81OWRhNTAtYWVkYi00OTA2LWFmMTktMDkwZmUzZGEyNDMz
LzEva29EVDVHY3BhUGh1aVZYYllneTNaZHVkY1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCVDYYAwQA
stRIAwQAufiFAwQA1dkcMA0GCSqGSIb3DQEBCwUAA4IBAQCE+CsZzEkH9qUd/sz8
GkmxijLV99LFQr5y0ase+Gkgi6MmHEntKaUrKQoqp9Wb7K26a4sPYwRJBGAL5twG
vrgyhHIpNE33wcp1ghPqdb1vXAZDjjYXP+AFYLSh9PyWc6YpHnJtqlTuZdXsSe1W
t+1MTew6Rp/aczog1d5vPyr1fd+T81wY1wHuzLtudpJH1/uO832L6aw6OloEghHy
1DptUD0pf2H8TONAzEdHfZZMK6tkC9ODv0MMoWozFs0Dta4nfdLATkkfLxyGlWOx
B0oHJ7jczSK83q4uQEKcF+b6NxCn131h80hTDM5SzC01sfFICn8w9UtHIYP9lDMv
nbkW
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:45:24 2024 by rpki-client on console-fra.rpki-client.org