Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DGiTictajwWlIqV1Y3gB4SABHrM.roa
File: DGiTictajwWlIqV1Y3gB4SABHrM.roa (raw, json)
Hash identifier: Id5c1uksWgHuNXSqMulTJtxTXfw1/TAJk3AEd7b9YRQ=
Subject key identifier: 0C:68:93:89:CB:5A:8F:05:A5:22:A5:75:63:78:01:E1:20:01:1E:B3
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 019426D9C91AEC0F691D151A136981E38B05
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DGiTictajwWlIqV1Y3gB4SABHrM.roa
Signing time: Thu 02 Jan 2025 11:49:54 +0000
ROA not before: Thu 02 Jan 2025 11:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 65024
IP address blocks: 84.108.0.0/22 maxlen: 22
84.108.10.0/23 maxlen: 23
84.108.12.0/23 maxlen: 23
84.108.14.0/23 maxlen: 23
84.108.100.0/23 maxlen: 23
84.108.102.0/24 maxlen: 24
84.108.103.0/24 maxlen: 24
84.108.104.0/22 maxlen: 22
84.108.108.0/22 maxlen: 22
84.108.112.0/22 maxlen: 22
84.108.116.0/22 maxlen: 22
84.108.120.0/22 maxlen: 22
84.108.124.0/23 maxlen: 23
84.108.126.0/23 maxlen: 23
84.108.128.0/22 maxlen: 22
84.108.132.0/22 maxlen: 22
84.108.136.0/22 maxlen: 22
84.108.140.0/24 maxlen: 24
84.108.142.0/24 maxlen: 24
84.108.143.0/24 maxlen: 24
84.108.144.0/23 maxlen: 23
84.108.146.0/23 maxlen: 23
84.108.148.0/22 maxlen: 22
84.108.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c9:1a:ec:0f:69:1d:15:1a:13:69:81:e3:8b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 2 11:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c689389cb5a8f05a522a575637801e120011eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:7a:99:6e:8b:01:c9:a6:b2:80:29:4c:d0:
8f:87:4d:fb:09:8f:94:0d:46:c2:cd:b3:97:e8:e9:
c3:42:e8:74:71:27:42:b0:d1:07:7e:34:ab:65:d6:
03:b7:7a:61:e0:d6:a8:59:1c:db:0e:d2:53:b7:3e:
ee:f9:38:5f:97:10:08:4a:63:b9:52:cc:25:ea:56:
f6:0c:57:d0:d3:4d:0d:3d:d0:53:9a:bd:0e:08:07:
84:68:5c:41:f0:aa:4f:aa:51:05:d8:05:d9:0c:6e:
a4:37:f4:00:ad:d9:d2:6f:7c:a3:59:fc:5a:43:ff:
bb:4a:40:85:53:05:46:4f:b8:21:ad:56:6f:73:1d:
d6:5b:93:f1:ea:6a:47:1d:cf:22:6e:b0:cf:13:3f:
71:c1:4c:64:89:ce:92:75:96:04:c5:ed:28:31:f9:
77:7e:b0:7e:0b:b0:44:4b:51:eb:75:64:2c:83:75:
db:14:fe:71:92:86:9d:a2:e3:ae:e0:1f:b6:68:79:
98:04:96:87:69:e3:e5:b8:8f:c8:c4:8c:83:7c:63:
78:88:69:e9:c7:57:38:2a:2f:36:24:2e:a5:2d:2e:
2d:82:9f:ab:ea:7c:bc:84:25:ed:1e:e7:3d:bd:b7:
6d:6f:1d:55:07:42:53:2d:b7:3d:dc:35:a4:af:4e:
b9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:68:93:89:CB:5A:8F:05:A5:22:A5:75:63:78:01:E1:20:01:1E:B3
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/DGiTictajwWlIqV1Y3gB4SABHrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.108.0.0/22
84.108.10.0-84.108.15.255
84.108.100.0-84.108.140.255
84.108.142.0-84.108.155.255
Signature Algorithm: sha256WithRSAEncryption
25:92:a4:13:16:bf:e0:f4:a7:81:2a:71:cc:47:1e:30:f3:fb:
3e:f3:4b:2a:50:b6:bc:d7:d8:31:87:6f:e4:96:43:dc:a7:60:
57:89:00:ca:3d:ea:ad:0b:ce:cf:d1:fe:0c:a6:51:5a:dc:55:
d5:9f:9c:ac:1d:4c:a3:39:52:b6:5e:44:87:5e:58:d5:2e:92:
6a:84:8a:6b:29:06:2d:91:46:ac:a1:1a:06:6b:32:e3:57:6c:
19:e0:66:4d:f5:28:06:ff:7d:38:bf:97:bd:ae:4c:58:07:75:
1b:d7:aa:fc:c8:b0:be:b8:87:98:b6:4a:5a:15:b5:e8:04:0c:
f9:e1:f7:4f:d9:90:04:9d:2a:ac:01:4f:b3:7b:75:e3:57:fb:
76:4f:db:8b:1e:89:d3:12:80:c9:f7:ad:86:4e:4a:bb:e4:bb:
79:91:1c:a7:de:d7:7a:f1:bc:4c:0f:64:0a:46:c9:15:64:1d:
b1:70:de:a2:63:ab:a4:32:75:ae:3e:d6:e0:7d:b7:8b:a8:f5:
23:04:07:f3:04:af:f7:71:f0:01:26:91:11:db:32:56:d9:25:
8a:78:60:09:57:04:94:4b:98:82:03:0a:7a:92:a4:32:40:74:
43:b4:d1:a6:60:51:87:f9:e8:c3:f2:b4:8f:5d:6a:cf:f9:ec:
95:e2:41:53
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQm2cka7A9pHRUaE2mB44sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjUwMTAyMTE0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY4OTM4OWNiNWE4ZjA1YTUyMmE1NzU2Mzc4MDFlMTIwMDExZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBF6mW6LAcmmsoApTNCPh037CY+U
DUbCzbOX6OnDQuh0cSdCsNEHfjSrZdYDt3ph4NaoWRzbDtJTtz7u+ThflxAISmO5
Uswl6lb2DFfQ000NPdBTmr0OCAeEaFxB8KpPqlEF2AXZDG6kN/QArdnSb3yjWfxa
Q/+7SkCFUwVGT7ghrVZvcx3WW5Px6mpHHc8ibrDPEz9xwUxkic6SdZYExe0oMfl3
frB+C7BES1HrdWQsg3XbFP5xkoadouOu4B+2aHmYBJaHaePluI/IxIyDfGN4iGnp
x1c4Ki82JC6lLS4tgp+r6ny8hCXtHuc9vbdtbx1VB0JTLbc93DWkr065IwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAxok4nLWo8FpSKldWN4AeEgAR6zMB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvREdpVGljdGFqd1dsSXFWMVkzZ0I0U0FCSHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVGwAMAwD
BAFUbAoDBARUbAAwDAMEAlRsZAMEAFRsjDAMAwQBVGyOAwQCVGyYMA0GCSqGSIb3
DQEBCwUAA4IBAQAlkqQTFr/g9KeBKnHMRx4w8/s+80sqULa819gxh2/klkPcp2BX
iQDKPeqtC87P0f4MplFa3FXVn5ysHUyjOVK2XkSHXljVLpJqhIprKQYtkUasoRoG
azLjV2wZ4GZN9SgG/304v5e9rkxYB3Ub16r8yLC+uIeYtkpaFbXoBAz54fdP2ZAE
nSqsAU+ze3XjV/t2T9uLHonTEoDJ962GTkq75Lt5kRyn3td68bxMD2QKRskVZB2x
cN6iY6ukMnWuPtbgfbeLqPUjBAfzBK/3cfABJpER2zJW2SWKeGAJVwSUS5iCAwp6
kqQyQHRDtNGmYFGH+ejD8rSPXWrP+eyV4kFT
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:34:48 2025 by rpki-client