Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa
File: DJUg3Einy9P9qXmpdOjidVP9zM4.roa (raw, json)
Hash identifier: dIB4sp0F9vSxjrRg8nxfUCLrXIIkqk0DhKLU2BR9cwM=
Subject key identifier: 0C:95:20:DC:48:A7:CB:D3:FD:A9:79:A9:74:E8:E2:75:53:FD:CC:CE
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 018CC80199A64D73ECAEF3793FC504A4D990
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 37.16.75.0/24 maxlen: 24
91.202.4.0/23 maxlen: 24
31.42.176.0/23 maxlen: 24
2a11:6101::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:99:a6:4d:73:ec:ae:f3:79:3f:c5:04:a4:d9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c9520dc48a7cbd3fda979a974e8e27553fdccce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:58:8a:24:3d:ae:75:43:c7:52:5e:05:b2:c6:
55:52:20:ac:13:15:a4:ac:da:42:68:1c:ce:7c:97:
ba:0e:13:17:f7:33:9b:37:22:4d:e9:75:55:a4:99:
6a:c2:78:48:88:7f:db:0f:49:2c:18:d5:24:bd:d6:
6d:39:16:3d:23:f9:88:44:c2:6a:1b:91:c9:4c:15:
51:08:dc:ff:49:2a:a7:36:07:5f:39:ba:d1:44:50:
3d:06:5c:a4:6f:78:49:40:7b:c0:b4:8f:b7:27:6c:
ff:cb:ad:52:26:c3:fd:24:58:a5:ee:d5:22:d4:d7:
c0:09:fd:41:6b:a0:c8:70:21:48:87:7e:ef:8d:7e:
b9:5f:fe:3c:d5:b2:da:d5:9d:b9:2c:67:24:a0:a6:
9d:21:fb:db:f9:70:17:3c:89:e9:ad:2d:73:1f:60:
49:9e:31:69:7e:18:82:da:53:38:29:b4:98:ae:23:
2c:af:2b:e8:75:1e:a4:1c:3d:39:d2:65:bc:1c:6e:
f4:f9:0c:db:00:95:67:ec:89:e1:a9:c7:c9:a0:e6:
6b:bb:55:83:ca:30:90:32:af:ec:b2:e0:31:10:39:
ae:fa:dc:19:85:45:ea:2a:5e:4d:1e:04:89:4c:c1:
f9:e2:c9:65:66:3e:eb:2c:45:6b:9c:6c:ec:f7:ca:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:95:20:DC:48:A7:CB:D3:FD:A9:79:A9:74:E8:E2:75:53:FD:CC:CE
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DJUg3Einy9P9qXmpdOjidVP9zM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.176.0/23
37.16.75.0/24
91.202.4.0/23
IPv6:
2a11:6101::/32
Signature Algorithm: sha256WithRSAEncryption
aa:f0:5e:97:b1:cb:db:26:ae:fd:90:cf:9d:08:6f:b8:53:89:
0b:05:8c:21:2d:73:49:d9:c9:09:ee:5a:0b:8e:d1:ad:20:c8:
8c:60:ec:ea:d2:e5:18:7e:7d:0c:9a:88:2b:41:9a:06:63:77:
c5:5b:ae:4d:68:9b:d1:47:f8:fd:70:1d:f3:1e:d5:27:61:ef:
8b:67:47:ef:a8:41:ca:33:3e:71:31:40:43:b0:db:85:a7:2c:
0c:43:58:e2:53:36:73:2f:73:7a:5a:72:8e:6d:97:ee:39:ea:
6e:49:f8:64:da:85:9e:78:d1:78:18:3f:ed:1f:e1:e5:a4:a8:
b5:2b:a4:12:d9:36:45:bf:71:41:06:f4:a1:1b:6e:76:2a:3f:
c2:ce:de:aa:49:91:66:03:b3:96:c8:b6:6c:4f:02:24:81:e8:
5e:07:79:20:87:e0:97:9d:06:b9:d6:3d:2e:10:0f:de:6d:a2:
be:a6:08:7d:05:37:98:54:ec:f0:ed:5c:a6:9a:62:36:14:15:
e8:4b:05:55:06:7b:7d:60:fd:aa:05:69:53:85:4b:f6:78:1e:
98:1f:37:d3:3d:75:6c:01:f1:77:97:90:b0:10:22:b8:e4:36:
ac:55:53:39:67:89:41:1d:a1:1c:23:4f:d0:7f:95:9e:73:b6:
30:b6:03:5b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAZmmTXPsrvN5P8UEpNmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk1MjBkYzQ4YTdjYmQzZmRhOTc5YTk3NGU4ZTI3NTUzZmRjY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnViKJD2udUPHUl4FssZVUiCsExWk
rNpCaBzOfJe6DhMX9zObNyJN6XVVpJlqwnhIiH/bD0ksGNUkvdZtORY9I/mIRMJq
G5HJTBVRCNz/SSqnNgdfObrRRFA9Blykb3hJQHvAtI+3J2z/y61SJsP9JFil7tUi
1NfACf1Ba6DIcCFIh37vjX65X/481bLa1Z25LGckoKadIfvb+XAXPInprS1zH2BJ
njFpfhiC2lM4KbSYriMsryvodR6kHD050mW8HG70+QzbAJVn7InhqcfJoOZru1WD
yjCQMq/ssuAxEDmu+twZhUXqKl5NHgSJTMH54sllZj7rLEVrnGzs98qR5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAyVINxIp8vT/al5qXTo4nVT/czOMB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvREpVZzNFaW55OVA5cVhtcGRPamlkVlA5ek00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyqwAwQA
JRBLAwQBW8oEMA0EAgACMAcDBQAqEWEBMA0GCSqGSIb3DQEBCwUAA4IBAQCq8F6X
scvbJq79kM+dCG+4U4kLBYwhLXNJ2ckJ7loLjtGtIMiMYOzq0uUYfn0MmogrQZoG
Y3fFW65NaJvRR/j9cB3zHtUnYe+LZ0fvqEHKMz5xMUBDsNuFpywMQ1jiUzZzL3N6
WnKObZfuOepuSfhk2oWeeNF4GD/tH+HlpKi1K6QS2TZFv3FBBvShG252Kj/Czt6q
SZFmA7OWyLZsTwIkgeheB3kgh+CXnQa51j0uEA/ebaK+pgh9BTeYVOzw7VymmmI2
FBXoSwVVBnt9YP2qBWlThUv2eB6YHzfTPXVsAfF3l5CwECK45DasVVM5Z4lBHaEc
I0/Qf5Wec7YwtgNb
-----END CERTIFICATE-----
Generated at Mon May 20 15:14:35 2024 by rpki-client on console-ams.rpki-client.org