Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DikBhCoOIRZsZwplda6_8maOOpk.roa
File: DikBhCoOIRZsZwplda6_8maOOpk.roa (raw, json)
Hash identifier: cnoOdIE3BOu9Ztu+bMtUiwzy542lBiQBZs5aTXAQb+Q=
Subject key identifier: 0E:29:01:84:2A:0E:21:16:6C:67:0A:65:75:AE:BF:F2:66:8E:3A:99
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018CC64B6474015A90761711116939C14597
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DikBhCoOIRZsZwplda6_8maOOpk.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6134
IP address blocks: 45.131.179.0/24 maxlen: 24
91.217.160.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
45.132.238.0/24 maxlen: 24
45.132.239.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.137.11.0/24 maxlen: 24
45.137.10.0/24 maxlen: 24
2a12:a380::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:64:74:01:5a:90:76:17:11:11:69:39:c1:45:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e2901842a0e21166c670a6575aebff2668e3a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:60:30:25:a2:b7:43:cf:22:0c:94:a7:72:
80:26:36:6d:6d:f1:37:9b:7e:aa:3c:db:4e:37:46:
a7:8e:d1:34:c3:38:71:ea:3d:26:df:67:90:78:12:
79:05:87:fb:50:d7:60:26:be:eb:ce:b0:ed:3d:39:
ee:c9:1f:8d:ad:3d:de:82:ce:3c:c4:48:05:55:b8:
87:60:70:26:f6:26:7d:5b:a6:7c:52:f8:2e:32:36:
78:fa:1c:f0:65:a6:96:37:c3:b1:22:e8:14:2c:f6:
05:03:d1:35:38:6f:34:b7:cd:34:dc:49:b2:b0:81:
c9:dd:9f:19:35:4d:0d:f7:49:96:f5:15:cb:3b:69:
ef:ab:ba:84:b0:c3:f6:49:de:a2:4d:3d:7b:5b:e2:
40:b5:c2:b1:9f:e4:9a:f6:ed:e9:f5:8d:9e:3a:51:
a9:06:79:9e:f7:7a:ba:1d:7b:37:d7:bb:c1:90:de:
ff:cb:47:8c:6a:a9:80:82:b2:5d:cb:31:1f:67:ab:
df:7c:e1:f8:06:19:14:b8:3e:c3:76:30:61:1c:fb:
2f:be:d5:e4:e7:38:19:b8:23:50:14:83:15:08:c3:
81:e1:cc:ff:ea:39:00:fa:8c:9a:8b:10:6d:cf:ad:
c8:0d:93:55:99:12:c2:d9:cc:bd:36:d0:52:84:ba:
14:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:29:01:84:2A:0E:21:16:6C:67:0A:65:75:AE:BF:F2:66:8E:3A:99
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/DikBhCoOIRZsZwplda6_8maOOpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.137.10.0/23
91.217.160.0/24
91.238.207.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a12:a380::/29
Signature Algorithm: sha256WithRSAEncryption
a8:44:c2:bb:24:66:a2:95:76:a6:de:15:f8:9a:a0:8c:68:63:
69:7f:ce:37:f1:c3:01:e0:28:1a:7b:f1:a0:46:ea:0b:a6:71:
f4:e4:15:07:e8:0b:8a:d2:3f:4b:88:19:37:9a:d9:42:ad:0f:
48:87:5e:19:9f:0c:01:bc:c1:d9:54:f3:49:ed:86:b5:11:5f:
a7:58:7d:07:8d:e8:66:c3:58:68:66:bc:f4:5d:a4:b3:d6:92:
f9:9f:49:26:46:b9:47:1c:f4:b3:24:0d:b1:2e:6e:13:fd:e0:
eb:9c:a5:f2:a6:63:27:7a:35:9b:ab:13:cf:d1:2e:9c:d4:06:
f3:27:18:a3:f5:fc:eb:dd:9b:e5:27:67:e8:87:3a:25:94:d0:
10:f5:e2:07:9c:71:5d:5c:50:fe:66:35:23:b4:f0:6f:41:fb:
07:e4:0e:0d:a3:de:ca:59:82:1a:00:5c:08:b9:db:27:1f:3c:
40:7a:84:54:8c:72:a6:31:33:38:53:18:9d:d9:14:52:3e:29:
b1:08:ff:a7:15:a3:ef:65:85:1d:ff:d2:23:f9:44:4b:fd:66:
12:fb:01:98:f9:ad:24:73:fc:e0:bc:2a:78:6c:64:44:2a:42:
db:22:3a:2c:b9:f5:e5:b1:8d:e4:ee:01:73:59:7a:51:c4:0f:
3d:af:33:e7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzGS2R0AVqQdhcREWk5wUWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTI5MDE4NDJhMGUyMTE2NmM2NzBhNjU3NWFlYmZmMjY2OGUzYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptBgMCWit0PPIgyUp3KAJjZtbfE3
m36qPNtON0anjtE0wzhx6j0m32eQeBJ5BYf7UNdgJr7rzrDtPTnuyR+NrT3egs48
xEgFVbiHYHAm9iZ9W6Z8UvguMjZ4+hzwZaaWN8OxIugULPYFA9E1OG80t8003Emy
sIHJ3Z8ZNU0N90mW9RXLO2nvq7qEsMP2Sd6iTT17W+JAtcKxn+Sa9u3p9Y2eOlGp
Bnme93q6HXs317vBkN7/y0eMaqmAgrJdyzEfZ6vffOH4BhkUuD7DdjBhHPsvvtXk
5zgZuCNQFIMVCMOB4cz/6jkA+oyaixBtz63IDZNVmRLC2cy9NtBShLoUxQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFA4pAYQqDiEWbGcKZXWuv/JmjjqZMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvRGlrQmhDb09JUlpzWndwbGRhNl84bWFPT3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBLYCSAwQA
LYOzAwQBLYTuAwQBLYkKAwQAW9mgAwQAW+7PAwQAwciVAwQAwciYAwQAweNnAwQA
weNtAwQAweNyMA0EAgACMAcDBQMqEqOAMA0GCSqGSIb3DQEBCwUAA4IBAQCoRMK7
JGailXam3hX4mqCMaGNpf8438cMB4Cgae/GgRuoLpnH05BUH6AuK0j9LiBk3mtlC
rQ9Ih14ZnwwBvMHZVPNJ7Ya1EV+nWH0Hjehmw1hoZrz0XaSz1pL5n0kmRrlHHPSz
JA2xLm4T/eDrnKXypmMnejWbqxPP0S6c1AbzJxij9fzr3ZvlJ2fohzollNAQ9eIH
nHFdXFD+ZjUjtPBvQfsH5A4No97KWYIaAFwIudsnHzxAeoRUjHKmMTM4Uxid2RRS
PimxCP+nFaPvZYUd/9Ij+URL/WYS+wGY+a0kc/zgvCp4bGREKkLbIjosufXlsY3k
7gFzWXpRxA89rzPn
-----END CERTIFICATE-----
Generated at Sun May 19 21:04:28 2024 by rpki-client on console-ams.rpki-client.org