Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/DAZZ70kyHQ4fmQYlrltvrKqFVFc.roa
File: DAZZ70kyHQ4fmQYlrltvrKqFVFc.roa (raw, json)
Hash identifier: L5V/qK1dsmS3PJOOJrRXeTpjoB/eMclziqjIxjMndMk=
Subject key identifier: 0C:06:59:EF:49:32:1D:0E:1F:99:06:25:AE:5B:6F:AC:AA:85:54:57
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 018CC64B72999BF1F927A48DF78751EFDBF5
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/DAZZ70kyHQ4fmQYlrltvrKqFVFc.roa
Signing time: Mon 01 Jan 2024 18:31:22 +0000
ROA not before: Mon 01 Jan 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8677
IP address blocks: 193.58.80.0/21 maxlen: 24
160.92.0.0/16 maxlen: 24
193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
193.201.76.0/23 maxlen: 24
192.136.30.0/24 maxlen: 24
89.106.184.0/21 maxlen: 24
193.56.46.0/24 maxlen: 24
2a01:20:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:72:99:9b:f1:f9:27:a4:8d:f7:87:51:ef:db:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c0659ef49321d0e1f990625ae5b6facaa855457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3a:13:21:fa:27:dd:a4:f7:59:90:2c:10:05:
24:e0:70:bf:88:37:fb:8e:7e:f3:45:12:11:03:99:
58:22:8c:40:c8:06:0b:74:f0:24:46:25:f8:f9:4c:
47:b6:71:5e:15:0f:b6:d8:f7:fc:24:f3:75:81:0e:
ca:e2:7c:1a:fc:aa:48:4d:76:b3:fd:f8:c5:69:6b:
59:82:a2:6a:80:ef:9e:70:44:91:60:77:3b:ba:52:
44:57:a5:f3:67:f3:42:da:07:a8:9e:8e:e0:7a:e3:
9b:9f:32:aa:77:d7:06:d2:33:f6:42:22:12:c7:36:
b7:8b:8d:65:3f:67:db:32:5e:6c:78:dd:ff:65:2b:
f5:16:79:a2:7a:6c:a3:ab:ed:7e:c5:d6:e8:25:6c:
b6:ee:56:3f:aa:c3:58:a9:c1:bd:85:1f:91:4a:5c:
e7:52:0e:0b:70:c5:16:d8:e9:8c:07:0b:b3:12:35:
3b:19:7d:04:5e:20:09:3b:ef:14:13:e8:c0:7b:ae:
8e:e5:0e:39:70:8b:f7:e0:f1:9b:4f:a1:a8:be:eb:
14:69:40:c9:1f:55:af:7d:cd:b5:b8:e0:42:aa:62:
dd:6d:83:d3:31:21:36:f3:b6:5f:80:b0:34:57:94:
80:bd:fd:c0:8a:29:7e:47:9b:ec:7e:fc:ed:68:20:
33:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:06:59:EF:49:32:1D:0E:1F:99:06:25:AE:5B:6F:AC:AA:85:54:57
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/DAZZ70kyHQ4fmQYlrltvrKqFVFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
160.92.0.0/16
192.136.30.0/24
193.16.186.0-193.16.191.255
193.56.46.0/24
193.58.80.0/21
193.201.76.0/23
IPv6:
2a01:20:6::/48
Signature Algorithm: sha256WithRSAEncryption
a2:5b:dd:81:98:ba:82:28:b7:e0:51:5f:6b:ee:be:cf:8e:25:
0b:aa:01:5b:b3:ff:42:94:0f:74:a7:97:60:9d:59:be:50:57:
4c:1b:f3:42:01:65:b2:2f:6b:52:01:c2:b8:1d:03:16:b0:8d:
5c:85:f9:45:d2:16:94:3d:70:ef:7a:5e:a2:07:90:cd:41:28:
0b:72:c3:0f:67:75:71:3d:d8:8d:e5:b9:a3:08:f6:6f:ff:e0:
a1:c8:af:3f:a3:06:e1:7b:94:4c:31:2e:b5:5b:f0:9d:06:fc:
96:8b:e8:53:03:9d:4e:ec:fb:8d:84:59:64:54:ea:9a:5d:79:
06:1d:5c:15:44:1b:01:28:77:54:bd:da:d9:d5:4b:a1:85:71:
7b:49:31:f5:62:26:64:bd:d3:04:ee:25:63:7a:6a:41:84:71:
a0:09:3c:80:c5:8e:29:39:eb:41:cb:61:4c:ea:80:6f:36:26:
41:ab:82:b0:80:14:34:b2:bf:77:f0:d2:58:88:54:67:f0:7e:
57:ef:7c:86:78:00:e3:7c:b1:67:aa:20:ca:91:a1:30:5d:3b:
6e:b8:71:53:73:5f:13:5f:bd:62:17:99:2f:4b:61:2c:e4:a4:
e5:d8:53:4d:77:58:f1:b5:be:cf:8e:79:da:1e:18:b0:9d:0f:
fc:f6:3f:60
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzGS3KZm/H5J6SN94dR79v1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjQwMTAxMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA2NTllZjQ5MzIxZDBlMWY5OTA2MjVhZTViNmZhY2FhODU1NDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjoTIfon3aT3WZAsEAUk4HC/iDf7
jn7zRRIRA5lYIoxAyAYLdPAkRiX4+UxHtnFeFQ+22Pf8JPN1gQ7K4nwa/KpITXaz
/fjFaWtZgqJqgO+ecESRYHc7ulJEV6XzZ/NC2geono7geuObnzKqd9cG0jP2QiIS
xza3i41lP2fbMl5seN3/ZSv1Fnmiemyjq+1+xdboJWy27lY/qsNYqcG9hR+RSlzn
Ug4LcMUW2OmMBwuzEjU7GX0EXiAJO+8UE+jAe66O5Q45cIv34PGbT6GovusUaUDJ
H1Wvfc21uOBCqmLdbYPTMSE287ZfgLA0V5SAvf3Aiil+R5vsfvztaCAzgQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAwGWe9JMh0OH5kGJa5bb6yqhVRXMB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvREFaWjcwa3lIUTRmbVFZbHJsdHZyS3FGVkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA3BAIAATAxAwQDWWq4AwMA
oFwDBADAiB4wDAMEAcEQugMEBsEQgAMEAME4LgMEA8E6UAMEAcHJTDAPBAIAAjAJ
AwcAKgEAIAAGMA0GCSqGSIb3DQEBCwUAA4IBAQCiW92BmLqCKLfgUV9r7r7PjiUL
qgFbs/9ClA90p5dgnVm+UFdMG/NCAWWyL2tSAcK4HQMWsI1chflF0haUPXDvel6i
B5DNQSgLcsMPZ3VxPdiN5bmjCPZv/+ChyK8/owbhe5RMMS61W/CdBvyWi+hTA51O
7PuNhFlkVOqaXXkGHVwVRBsBKHdUvdrZ1UuhhXF7STH1YiZkvdME7iVjempBhHGg
CTyAxY4pOetBy2FM6oBvNiZBq4KwgBQ0sr938NJYiFRn8H5X73yGeADjfLFnqiDK
kaEwXTtuuHFTc18TX71iF5kvS2Es5KTl2FNNd1jxtb7PjnnaHhiwnQ/89j9g
-----END CERTIFICATE-----
Generated at Sun May 19 05:00:26 2024 by rpki-client on console-fra.rpki-client.org