Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/Y9-5OB6sAH2hvTY8KhQ7Bfj_dkg.roa
File: Y9-5OB6sAH2hvTY8KhQ7Bfj_dkg.roa (raw, json)
Hash identifier: L7cP2DeB0qDZnPyY5RlG+VPi+0uuLck6T+YterajaT4=
Subject key identifier: 63:DF:B9:38:1E:AC:00:7D:A1:BD:36:3C:2A:14:3B:05:F8:FF:76:48
Certificate issuer: /CN=75bce8f08b5efc44afaf8d7063e1ae951825142b
Certificate serial: 018CC3B734A7147AA602197DB0A9AC2C80FA
Authority key identifier: 75:BC:E8:F0:8B:5E:FC:44:AF:AF:8D:70:63:E1:AE:95:18:25:14:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbzo8Ite_ESvr41wY-GulRglFCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/Y9-5OB6sAH2hvTY8KhQ7Bfj_dkg.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198916
IP address blocks: 178.23.201.0/24 maxlen: 24
178.23.204.0/23 maxlen: 24
185.109.68.0/22 maxlen: 24
178.23.206.0/24 maxlen: 24
178.23.206.0/23 maxlen: 24
178.23.202.0/23 maxlen: 24
178.23.200.0/24 maxlen: 24
178.23.207.0/24 maxlen: 24
2a01:6080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/dbzo8Ite_ESvr41wY-GulRglFCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/dbzo8Ite_ESvr41wY-GulRglFCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dbzo8Ite_ESvr41wY-GulRglFCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:34:a7:14:7a:a6:02:19:7d:b0:a9:ac:2c:80:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75bce8f08b5efc44afaf8d7063e1ae951825142b
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63dfb9381eac007da1bd363c2a143b05f8ff7648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c9:c8:5c:71:cb:4c:53:fd:c4:76:1c:09:b7:
b7:c0:8d:80:74:ad:f4:8e:68:ea:eb:ff:f1:fa:b1:
a1:21:e2:9b:74:17:f6:18:cc:d5:b6:d3:d2:e5:7e:
be:52:6a:0e:0f:25:81:15:64:4e:49:3b:e8:6f:ac:
1f:45:20:52:a3:85:d3:54:06:45:76:62:6f:5d:2a:
d3:cc:16:73:d7:37:16:7c:8f:cd:46:d5:7a:59:17:
00:88:c2:4b:87:eb:59:4b:87:9c:ac:f4:0b:5b:c6:
c7:7a:70:81:e6:40:f9:ac:8b:e6:23:94:4e:74:ca:
39:7b:69:d8:9f:f8:3e:a4:4c:93:ab:ce:57:a2:bb:
2b:86:bd:da:3f:b8:84:52:e6:b0:a7:07:59:45:d3:
91:42:71:f6:ba:19:a4:53:6c:96:29:f0:85:be:a4:
8a:9e:da:77:86:2c:a8:07:c7:79:cd:00:63:85:78:
64:a1:d1:7d:23:de:f0:6f:7d:d7:3a:20:56:9d:c3:
50:4a:29:9d:36:50:d6:7c:1b:8c:44:e4:47:f7:47:
6b:3d:a6:05:c8:51:4f:62:0b:73:95:d8:99:3d:2b:
79:b8:6c:bb:d3:29:de:f8:52:ce:ed:ea:eb:e0:05:
0c:8a:c9:2d:1c:bf:84:05:a0:fb:85:d3:4f:1d:c6:
cd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DF:B9:38:1E:AC:00:7D:A1:BD:36:3C:2A:14:3B:05:F8:FF:76:48
X509v3 Authority Key Identifier:
keyid:75:BC:E8:F0:8B:5E:FC:44:AF:AF:8D:70:63:E1:AE:95:18:25:14:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbzo8Ite_ESvr41wY-GulRglFCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/Y9-5OB6sAH2hvTY8KhQ7Bfj_dkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3a3e9d-6d7f-4923-afef-136c9ffcb82c/1/dbzo8Ite_ESvr41wY-GulRglFCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.200.0/21
185.109.68.0/22
IPv6:
2a01:6080::/32
Signature Algorithm: sha256WithRSAEncryption
73:a3:64:66:6b:c8:e2:70:db:68:61:90:ed:fd:d0:ad:a5:f8:
e5:41:96:f6:03:69:80:92:e6:95:ef:4b:a8:4b:ad:bd:44:17:
9c:30:d3:4c:04:97:a1:da:e3:2e:b6:73:2e:9e:b4:2b:af:35:
9e:f6:a1:16:57:cf:6e:65:04:14:1c:8a:5a:ea:79:93:65:3b:
80:f4:e2:eb:a2:c7:ef:93:94:06:07:04:20:4c:50:d0:f7:c2:
75:f4:86:68:01:18:84:f1:3a:ff:70:94:92:e5:1a:24:df:22:
7e:fa:57:7f:dd:d4:d3:75:81:fb:eb:52:65:dc:71:af:9f:8c:
55:63:1a:d8:e4:93:8c:d9:13:c5:06:c6:50:f8:41:17:34:7a:
76:f7:26:09:1b:06:e1:e2:89:7c:5e:cc:3d:99:c2:25:aa:80:
ab:90:df:3a:f7:0b:68:7b:29:b6:c2:9a:cc:4b:f4:58:c5:84:
06:8e:dd:58:b4:0d:4b:5d:32:6d:23:7e:4a:57:b9:dc:be:84:
22:71:e9:c6:0c:f2:fc:bd:f5:21:2f:82:59:8b:f0:e0:48:9f:
32:61:6a:f2:06:b5:02:be:64:4d:74:e2:5f:80:f6:38:a5:00:
4b:2b:c3:4b:75:47:d9:a8:2c:48:f4:3b:db:52:a9:de:cd:74:
e4:1a:da:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtzSnFHqmAhl9sKmsLID6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YmNlOGYwOGI1ZWZjNDRhZmFmOGQ3MDYzZTFhZTk1MTgy
NTE0MmIwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RmYjkzODFlYWMwMDdkYTFiZDM2M2MyYTE0M2IwNWY4ZmY3NjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8nIXHHLTFP9xHYcCbe3wI2AdK30
jmjq6//x+rGhIeKbdBf2GMzVttPS5X6+UmoODyWBFWROSTvob6wfRSBSo4XTVAZF
dmJvXSrTzBZz1zcWfI/NRtV6WRcAiMJLh+tZS4ecrPQLW8bHenCB5kD5rIvmI5RO
dMo5e2nYn/g+pEyTq85Xorsrhr3aP7iEUuawpwdZRdORQnH2uhmkU2yWKfCFvqSK
ntp3hiyoB8d5zQBjhXhkodF9I97wb33XOiBWncNQSimdNlDWfBuMRORH90drPaYF
yFFPYgtzldiZPSt5uGy70yne+FLO7err4AUMisktHL+EBaD7hdNPHcbNCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGPfuTgerAB9ob02PCoUOwX4/3ZIMB8GA1UdIwQY
MBaAFHW86PCLXvxEr6+NcGPhrpUYJRQrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJ6bzhJdGVfRVN2cjQxd1ktR3VsUmdsRkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zYTNlOWQtNmQ3Zi00OTIzLWFmZWYt
MTM2YzlmZmNiODJjLzEvWTktNU9CNnNBSDJodlRZOEtoUTdCZmpfZGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zYTNlOWQtNmQ3Zi00OTIzLWFmZWYtMTM2YzlmZmNiODJj
LzEvZGJ6bzhJdGVfRVN2cjQxd1ktR3VsUmdsRkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshfIAwQC
uW1EMA0EAgACMAcDBQAqAWCAMA0GCSqGSIb3DQEBCwUAA4IBAQBzo2Rma8jicNto
YZDt/dCtpfjlQZb2A2mAkuaV70uoS629RBecMNNMBJeh2uMutnMunrQrrzWe9qEW
V89uZQQUHIpa6nmTZTuA9OLrosfvk5QGBwQgTFDQ98J19IZoARiE8Tr/cJSS5Rok
3yJ++ld/3dTTdYH761Jl3HGvn4xVYxrY5JOM2RPFBsZQ+EEXNHp29yYJGwbh4ol8
Xsw9mcIlqoCrkN869wtoeym2wprMS/RYxYQGjt1YtA1LXTJtI35KV7ncvoQicenG
DPL8vfUhL4JZi/DgSJ8yYWryBrUCvmRNdOJfgPY4pQBLK8NLdUfZqCxI9DvbUqne
zXTkGtp4
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:38 2024 by rpki-client on console-fra.rpki-client.org