Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dRIZGAaw1E6LsENhH7SdNiperGs.roa
File: dRIZGAaw1E6LsENhH7SdNiperGs.roa (raw, json)
Hash identifier: gUmlB2Kb7os3mkh3MxnUrSI/J/dzIBQtY6fsocbuk2s=
Subject key identifier: 75:12:19:18:06:B0:D4:4E:8B:B0:43:61:1F:B4:9D:36:2A:5E:AC:6B
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E129B91AA24FE5E3DD27D87D001C2
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dRIZGAaw1E6LsENhH7SdNiperGs.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209813
IP address blocks: 5.8.66.0/24 maxlen: 24
5.8.67.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:12:9b:91:aa:24:fe:5e:3d:d2:7d:87:d0:01:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7512191806b0d44e8bb043611fb49d362a5eac6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:53:06:2c:31:a3:1c:94:65:87:7f:54:95:
16:32:e0:a9:ef:9a:18:d4:21:f6:1b:0b:8d:90:ad:
25:97:27:21:bf:d5:e2:cf:b3:b5:dc:9b:9b:1b:8a:
da:e8:74:2d:2e:06:fa:4a:ef:f6:43:aa:d4:dd:41:
04:82:69:97:fe:74:d9:1d:9c:24:23:5b:b6:74:eb:
b5:b8:53:f4:f6:6a:0b:58:7b:8c:41:a7:f6:8e:9a:
02:46:75:8d:94:72:ef:79:2f:cd:71:92:75:39:0f:
af:58:f7:16:da:be:fd:13:3f:3b:24:6c:4b:fa:b5:
df:6c:ec:e7:39:9b:88:e3:84:b1:fb:85:a8:e3:4d:
54:37:be:93:33:d3:9b:47:a2:f4:1e:a6:ee:84:f9:
3b:25:d0:8e:2a:82:e0:f0:b0:51:ae:f8:78:40:93:
0c:9e:06:28:1a:65:ae:42:fe:c9:64:fc:c8:ca:c4:
8f:3e:b8:d4:a4:24:b7:64:d4:4c:c9:af:14:62:e4:
c7:5a:16:76:dc:27:8c:ac:a7:73:b3:ba:6e:a8:fe:
1e:c2:4c:fe:75:3c:62:e8:48:37:3e:c2:14:44:07:
14:bf:00:24:4e:08:1f:43:75:39:61:7e:77:ca:c9:
8f:0b:87:76:f7:9e:2a:a1:7f:a4:76:46:b3:67:3b:
6a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:12:19:18:06:B0:D4:4E:8B:B0:43:61:1F:B4:9D:36:2A:5E:AC:6B
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dRIZGAaw1E6LsENhH7SdNiperGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.50.0/24
5.188.195.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:fa:4c:de:62:f4:e1:a2:62:1e:e1:8d:23:f1:b4:52:d5:90:
c8:e9:dc:11:9d:30:57:5d:8d:4b:10:57:a9:ef:90:1d:d9:3f:
fc:3f:3c:9c:26:a2:5a:80:d7:44:05:76:34:ee:29:af:c1:9c:
d3:b6:55:18:91:3c:ca:0f:e2:98:c8:d6:f6:0c:70:be:ad:97:
cc:91:d2:9e:d1:72:f1:de:c3:34:b2:76:8a:64:07:a8:46:de:
81:50:ed:db:c4:d8:c6:32:52:cc:1f:35:c9:6c:2a:c8:2b:cc:
9a:08:cf:c4:39:8f:5c:83:a8:0a:9a:f4:5a:91:e1:cf:f7:9b:
a9:e6:a0:31:d8:b6:11:c7:f9:ce:2a:23:e6:bb:73:a7:c2:56:
f1:b7:fe:c6:1b:a7:d5:e1:73:f7:3e:af:50:66:43:d7:7c:03:
76:17:80:68:47:d5:56:49:54:7f:48:be:63:bc:60:85:10:6f:
64:d4:cb:a2:9a:b2:91:a8:65:8b:29:b6:7b:be:f7:f4:1f:03:
b5:70:bf:d0:27:f1:18:3f:37:7f:1e:76:f3:18:99:fd:99:21:
d8:33:09:70:1a:ca:0a:72:41:bb:70:3d:b0:42:0c:a2:3f:5d:
bb:24:c7:53:4a:e1:a9:1a:e9:ef:10:71:bb:da:66:1b:e1:53:
eb:93:da:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbhKbkaok/l490n2H0AHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTEyMTkxODA2YjBkNDRlOGJiMDQzNjExZmI0OWQzNjJhNWVhYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoBTBiwxoxyUZYd/VJUWMuCp75oY
1CH2GwuNkK0llychv9Xiz7O13JubG4ra6HQtLgb6Su/2Q6rU3UEEgmmX/nTZHZwk
I1u2dOu1uFP09moLWHuMQaf2jpoCRnWNlHLveS/NcZJ1OQ+vWPcW2r79Ez87JGxL
+rXfbOznOZuI44Sx+4Wo401UN76TM9ObR6L0HqbuhPk7JdCOKoLg8LBRrvh4QJMM
ngYoGmWuQv7JZPzIysSPPrjUpCS3ZNRMya8UYuTHWhZ23CeMrKdzs7puqP4ewkz+
dTxi6Eg3PsIURAcUvwAkTggfQ3U5YX53ysmPC4d2954qoX+kdkazZztqLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHUSGRgGsNROi7BDYR+0nTYqXqxrMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvZFJJWkdBYXcxRTZMc0VOaEg3U2ROaXBlckdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQhCAwQA
BbwyAwQABbzDMA0GCSqGSIb3DQEBCwUAA4IBAQCx+kzeYvThomIe4Y0j8bRS1ZDI
6dwRnTBXXY1LEFep75Ad2T/8PzycJqJagNdEBXY07imvwZzTtlUYkTzKD+KYyNb2
DHC+rZfMkdKe0XLx3sM0snaKZAeoRt6BUO3bxNjGMlLMHzXJbCrIK8yaCM/EOY9c
g6gKmvRakeHP95up5qAx2LYRx/nOKiPmu3Onwlbxt/7GG6fV4XP3Pq9QZkPXfAN2
F4BoR9VWSVR/SL5jvGCFEG9k1MuimrKRqGWLKbZ7vvf0HwO1cL/QJ/EYPzd/Hnbz
GJn9mSHYMwlwGsoKckG7cD2wQgyiP127JMdTSuGpGunvEHG72mYb4VPrk9pA
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:22:41 2024 by rpki-client on console-fra.rpki-client.org