Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/dxCnSqbJZ68z1zqS1Li2MzFd0F4.roa
File: dxCnSqbJZ68z1zqS1Li2MzFd0F4.roa (raw, json)
Hash identifier: jJs0nJOuMQVd7nKAThK7tp9Es46qoI5U5Gv5M786i+0=
Subject key identifier: 77:10:A7:4A:A6:C9:67:AF:33:D7:3A:92:D4:B8:B6:33:31:5D:D0:5E
Certificate issuer: /CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
Certificate serial: 018FECFF08CB697841F6CC7D02A34656E340
Authority key identifier: E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/dxCnSqbJZ68z1zqS1Li2MzFd0F4.roa
Signing time: Thu 06 Jun 2024 10:01:27 +0000
ROA not before: Thu 06 Jun 2024 10:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198268
IP address blocks: 178.175.182.0/23 maxlen: 23
178.175.182.0/24 maxlen: 24
178.175.183.0/24 maxlen: 24
2a14:2b40::/29 maxlen: 29
2a14:2b40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/6Pmc2IT7XLqz87NOF6gKSK3sP-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/6Pmc2IT7XLqz87NOF6gKSK3sP-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:ff:08:cb:69:78:41:f6:cc:7d:02:a3:46:56:e3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f99cd884fb5cbab3f3b34e17a80a48adec3fe5
Validity
Not Before: Jun 6 10:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7710a74aa6c967af33d73a92d4b8b633315dd05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:65:ea:ba:9e:29:22:88:23:f2:f7:5b:87:
cc:28:51:27:b6:1e:b6:48:7b:f5:30:f2:02:78:a2:
ef:1d:aa:28:48:5c:7b:d5:02:22:eb:42:05:a1:7d:
c6:5c:49:8c:d4:3e:95:d7:6d:0c:82:70:4e:56:26:
b6:d5:a5:e3:fb:83:a9:f2:9b:0f:db:e9:a2:16:5c:
8b:32:4e:ad:0e:bd:d1:87:7c:7a:98:c4:6d:58:ed:
6d:e6:36:87:85:f9:a0:48:e3:1e:9f:61:c8:aa:9b:
41:78:f4:d7:ef:71:5c:da:cd:dd:53:a0:97:a8:ce:
0a:71:45:44:6b:a7:7e:f1:8f:de:b9:0f:a3:7e:f2:
64:72:9b:e0:88:4d:44:4d:bc:bd:05:68:d3:13:a9:
2a:b4:d7:9c:9b:25:65:8b:cf:d8:a6:59:86:bb:d4:
5b:36:e9:65:1b:d4:1e:7e:2e:c0:f3:4e:d5:aa:5c:
5c:4a:8c:a5:4e:f1:2e:14:0c:3b:6c:2e:7f:c5:ce:
7f:e6:af:5c:5f:82:62:c8:54:f3:00:40:00:76:72:
18:58:db:b2:af:d5:fe:79:e8:6c:40:5c:b4:35:f2:
d2:93:0e:ad:cd:09:00:15:3f:e8:47:d4:46:88:6d:
ee:6d:a3:3c:49:c5:32:56:b0:3f:7e:6c:a6:2a:e2:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:10:A7:4A:A6:C9:67:AF:33:D7:3A:92:D4:B8:B6:33:31:5D:D0:5E
X509v3 Authority Key Identifier:
keyid:E8:F9:9C:D8:84:FB:5C:BA:B3:F3:B3:4E:17:A8:0A:48:AD:EC:3F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Pmc2IT7XLqz87NOF6gKSK3sP-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/dxCnSqbJZ68z1zqS1Li2MzFd0F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/d85bc7-58a6-407a-8acb-7509f7f4c5a6/1/6Pmc2IT7XLqz87NOF6gKSK3sP-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.182.0/23
IPv6:
2a14:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
28:12:27:50:b2:6f:0d:ac:a6:98:4c:0c:a2:d9:6b:e9:f3:ec:
e1:27:6d:ef:e7:1a:00:8a:ee:8a:3c:c5:f9:1d:89:13:b7:0a:
b3:45:29:d4:64:c2:2c:6e:bc:89:7a:11:0c:df:57:e7:e0:68:
42:4a:ba:cd:fb:d8:22:dd:25:ca:57:9a:a7:77:36:23:60:c7:
77:29:7c:62:ff:d0:29:c1:4d:86:bc:55:39:4d:90:06:9a:1c:
eb:39:8b:c4:ec:12:4b:6c:cf:d8:1d:40:04:a7:b0:4c:28:ef:
93:d6:7b:03:0b:a2:08:9f:03:73:6b:59:56:22:1d:1e:92:b4:
d2:82:f0:e7:ba:6c:1f:57:8b:8f:f6:67:d1:a1:a6:c7:08:c8:
3e:87:fa:32:d5:34:8c:a0:de:76:7e:11:9e:ff:df:e7:3d:59:
6c:64:a2:d4:4f:73:91:99:a4:5c:3c:e1:dc:0a:a4:e3:97:0e:
0f:83:cc:5c:be:ca:a9:25:f4:de:61:f1:bc:7e:0c:0f:9f:80:
71:b0:1c:95:c6:a7:9e:62:ae:42:ba:67:01:45:73:77:6b:02:
df:d7:79:75:d3:53:81:44:2d:02:58:7c:09:c8:8d:b8:1b:fd:
11:1a:e8:1f:a7:fa:3f:eb:1d:2a:f1:b0:08:bf:75:e2:da:af:
7c:4b:99:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/s/wjLaXhB9sx9AqNGVuNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Zjk5Y2Q4ODRmYjVjYmFiM2YzYjM0ZTE3YTgwYTQ4YWRl
YzNmZTUwHhcNMjQwNjA2MTAwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEwYTc0YWE2Yzk2N2FmMzNkNzNhOTJkNGI4YjYzMzMxNWRkMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCZl6rqeKSKII/L3W4fMKFEnth62
SHv1MPICeKLvHaooSFx71QIi60IFoX3GXEmM1D6V120MgnBOVia21aXj+4Op8psP
2+miFlyLMk6tDr3Rh3x6mMRtWO1t5jaHhfmgSOMen2HIqptBePTX73Fc2s3dU6CX
qM4KcUVEa6d+8Y/euQ+jfvJkcpvgiE1ETby9BWjTE6kqtNecmyVli8/YplmGu9Rb
NullG9Qefi7A807VqlxcSoylTvEuFAw7bC5/xc5/5q9cX4JiyFTzAEAAdnIYWNuy
r9X+eehsQFy0NfLSkw6tzQkAFT/oR9RGiG3ubaM8ScUyVrA/fmymKuKcJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHcQp0qmyWevM9c6ktS4tjMxXdBeMB8GA1UdIwQY
MBaAFOj5nNiE+1y6s/OzTheoCkit7D/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBtYzJJVDdYTHF6ODdOT0Y2Z0tTSzNzUC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9kODViYzctNThhNi00MDdhLThhY2It
NzUwOWY3ZjRjNWE2LzEvZHhDblNxYkpaNjh6MXpxUzFMaTJNekZkMEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9kODViYzctNThhNi00MDdhLThhY2ItNzUwOWY3ZjRjNWE2
LzEvNlBtYzJJVDdYTHF6ODdOT0Y2Z0tTSzNzUC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBsq+2MA0E
AgACMAcDBQMqFCtAMA0GCSqGSIb3DQEBCwUAA4IBAQAoEidQsm8NrKaYTAyi2Wvp
8+zhJ23v5xoAiu6KPMX5HYkTtwqzRSnUZMIsbryJehEM31fn4GhCSrrN+9gi3SXK
V5qndzYjYMd3KXxi/9ApwU2GvFU5TZAGmhzrOYvE7BJLbM/YHUAEp7BMKO+T1nsD
C6IInwNza1lWIh0ekrTSgvDnumwfV4uP9mfRoabHCMg+h/oy1TSMoN52fhGe/9/n
PVlsZKLUT3ORmaRcPOHcCqTjlw4Pg8xcvsqpJfTeYfG8fgwPn4BxsByVxqeeYq5C
umcBRXN3awLf13l101OBRC0CWHwJyI24G/0RGugfp/o/6x0q8bAIv3Xi2q98S5m7
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:44:59 2024 by rpki-client on console-fra.rpki-client.org