Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/DGeo2clsdX6iYOeFX9aBHcuZbZY.roa
File: DGeo2clsdX6iYOeFX9aBHcuZbZY.roa (raw, json)
Hash identifier: l1F9P+JNWkD9m5ZiiuPBd/J8cVlh1x/27ZXW+FcvMIU=
Subject key identifier: 0C:67:A8:D9:C9:6C:75:7E:A2:60:E7:85:5F:D6:81:1D:CB:99:6D:96
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0192D2737D25BFAE0AEA6DAFF9BDD53A7FAC
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/DGeo2clsdX6iYOeFX9aBHcuZbZY.roa
Signing time: Mon 28 Oct 2024 09:27:16 +0000
ROA not before: Mon 28 Oct 2024 09:27:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60150
IP address blocks: 45.12.100.0/22 maxlen: 24
185.96.56.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
2a05:ff00::/29 maxlen: 48
2a07:5b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 20:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:73:7d:25:bf:ae:0a:ea:6d:af:f9:bd:d5:3a:7f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Oct 28 09:27:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c67a8d9c96c757ea260e7855fd6811dcb996d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e7:3d:69:2b:3f:12:53:84:f3:9a:7c:1a:f7:
71:18:12:68:ef:c9:ce:78:60:ce:ad:09:ea:b7:cc:
03:d0:de:b7:2e:3f:85:91:18:6a:08:2a:01:b6:2a:
f6:0b:bc:84:f8:3e:ab:29:98:5e:a1:4b:d0:cc:7b:
1e:a6:b1:0a:00:08:12:28:f1:ee:9f:12:18:dd:23:
da:cd:56:8a:16:22:25:b7:39:35:a6:c1:2c:72:f5:
4d:42:53:43:6e:fa:66:b1:9c:40:54:44:0a:9f:7c:
4e:ed:5c:41:42:d2:39:03:e3:f8:ab:8d:6e:57:48:
9b:01:d1:02:da:75:90:1a:de:8c:8b:54:21:ba:db:
63:04:01:36:e5:c1:00:b8:1a:e3:d0:d6:10:73:80:
41:8b:70:fb:09:f5:c9:f6:0b:12:90:e9:84:35:4e:
c6:22:b3:6b:02:3c:54:ba:c8:ee:b6:97:c9:a4:aa:
33:60:80:7a:b9:b7:ac:23:e5:64:02:8b:b2:a4:7a:
de:54:e1:97:ea:77:5b:cc:12:f7:1c:73:12:79:d5:
91:56:cf:30:4f:ef:db:be:ee:58:3a:44:12:11:c0:
07:c4:71:c7:a7:64:00:5d:cd:18:67:24:13:64:54:
8b:86:7e:7f:f5:e5:c9:3f:0a:82:a0:59:44:7a:72:
17:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:67:A8:D9:C9:6C:75:7E:A2:60:E7:85:5F:D6:81:1D:CB:99:6D:96
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/DGeo2clsdX6iYOeFX9aBHcuZbZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
82:b1:ac:24:2e:91:90:9c:d1:58:c3:41:dd:c8:76:c0:5b:06:
e3:ad:60:36:2b:3e:20:33:13:aa:f7:17:19:2e:ef:cb:a4:36:
62:7d:15:90:54:32:fc:5b:65:b0:7b:ba:c8:1b:6c:66:2b:50:
b0:40:17:eb:aa:01:31:51:89:ef:25:40:0f:3b:f0:58:53:69:
32:b3:c6:4a:68:87:92:d3:94:4f:b8:2e:97:0e:68:ca:ca:6e:
f6:e7:da:e3:01:92:55:9e:ee:50:81:9f:b6:7a:d6:a1:89:8f:
88:73:af:e8:f9:46:cd:8c:12:11:42:0f:66:71:b9:c8:53:d9:
93:f4:49:bd:4a:be:cf:bb:d2:cc:37:f3:36:83:94:cb:27:03:
8d:13:71:db:16:0c:f4:80:9b:7c:57:b3:76:44:31:eb:95:0a:
00:cf:ac:d4:69:dc:63:d1:58:f9:a8:c0:4a:c6:35:14:b7:d5:
53:a6:09:e8:fb:4b:99:8f:fa:e1:75:bb:15:55:3a:62:cf:c0:
ac:cf:7b:53:8e:3e:86:57:b2:96:6b:99:e2:f2:dd:bd:df:8d:
29:29:a1:64:1b:ac:bd:80:ae:67:da:21:f1:f7:f5:75:be:c4:
e1:7f:b2:4e:2a:48:a5:9f:1b:98:12:c9:13:84:a6:34:fa:b6:
a3:e8:95:7a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZLSc30lv64K6m2v+b3VOn+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMDI4MDkyNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY3YThkOWM5NmM3NTdlYTI2MGU3ODU1ZmQ2ODExZGNiOTk2ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uc9aSs/ElOE85p8GvdxGBJo78nO
eGDOrQnqt8wD0N63Lj+FkRhqCCoBtir2C7yE+D6rKZheoUvQzHseprEKAAgSKPHu
nxIY3SPazVaKFiIltzk1psEscvVNQlNDbvpmsZxAVEQKn3xO7VxBQtI5A+P4q41u
V0ibAdEC2nWQGt6Mi1QhuttjBAE25cEAuBrj0NYQc4BBi3D7CfXJ9gsSkOmENU7G
IrNrAjxUusjutpfJpKozYIB6ubesI+VkAouypHreVOGX6ndbzBL3HHMSedWRVs8w
T+/bvu5YOkQSEcAHxHHHp2QAXc0YZyQTZFSLhn5/9eXJPwqCoFlEenIXEwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAxnqNnJbHV+omDnhV/WgR3LmW2WMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvREdlbzJjbHNkWDZpWU9lRlg5YUJIY3VaYlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQxkAwQC
uWA4AwQCuYgQMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAgrGsJC6RkJzRWMNB3ch2wFsG461gNis+IDMTqvcXGS7vy6Q2Yn0VkFQy/Ftl
sHu6yBtsZitQsEAX66oBMVGJ7yVADzvwWFNpMrPGSmiHktOUT7gulw5oyspu9ufa
4wGSVZ7uUIGftnrWoYmPiHOv6PlGzYwSEUIPZnG5yFPZk/RJvUq+z7vSzDfzNoOU
yycDjRNx2xYM9ICbfFezdkQx65UKAM+s1GncY9FY+ajASsY1FLfVU6YJ6PtLmY/6
4XW7FVU6Ys/ArM97U44+hleylmuZ4vLdvd+NKSmhZBusvYCuZ9oh8ff1db7E4X+y
TipIpZ8bmBLJE4SmNPq2o+iVeg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:52:18 2024 by rpki-client on console-fra.rpki-client.org