Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/DFF6e62bbHxPwsDaAfko-o7Ii5I.roa
File: DFF6e62bbHxPwsDaAfko-o7Ii5I.roa (raw, json)
Hash identifier: EgGP5Xm9YJx+FtN7tFlUdOH/ecyeGylrP17I+nAAEr0=
Subject key identifier: 0C:51:7A:7B:AD:9B:6C:7C:4F:C2:C0:DA:01:F9:28:FA:8E:C8:8B:92
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 018CCA2BCD3A4ABD053B0E31831CA4D80342
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/DFF6e62bbHxPwsDaAfko-o7Ii5I.roa
Signing time: Tue 02 Jan 2024 12:35:17 +0000
ROA not before: Tue 02 Jan 2024 12:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6878
IP address blocks: 80.158.31.0/24 maxlen: 24
80.158.32.0/19 maxlen: 24
80.158.72.0/21 maxlen: 24
80.158.80.0/20 maxlen: 24
80.158.96.0/19 maxlen: 24
80.158.0.0/21 maxlen: 24
80.158.0.0/23 maxlen: 23
80.158.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 10:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:cd:3a:4a:bd:05:3b:0e:31:83:1c:a4:d8:03:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jan 2 12:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c517a7bad9b6c7c4fc2c0da01f928fa8ec88b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:14:e2:f1:ea:b2:df:48:8b:a7:00:9d:43:ac:
5e:4e:ea:37:65:f8:2c:05:3f:3e:73:2a:d1:49:7b:
1a:8b:16:5d:cc:b6:a0:0f:8f:d7:96:05:ee:b6:f2:
16:b1:bd:ea:bc:3d:2d:b9:1d:01:75:fc:67:52:98:
cc:df:cd:04:43:96:51:99:43:bd:f4:a2:64:44:c0:
fb:3b:66:fe:a9:4d:4d:ee:67:02:52:c9:7b:fb:a2:
e7:21:af:68:6f:69:95:b8:39:f3:ba:58:fc:8a:da:
7e:dd:71:d8:84:61:b1:58:0d:a2:f2:1c:fd:9c:72:
fb:f4:6f:6c:69:a3:41:07:b7:cb:aa:f9:d1:f7:48:
56:e7:85:48:65:06:8d:3d:6a:1c:f0:07:2b:22:ae:
68:7f:6a:5f:cb:ce:e1:bc:38:20:92:31:c9:e2:59:
d0:ec:40:bf:6e:e0:67:eb:04:ef:cb:ff:ba:28:b1:
0f:24:e7:65:c8:bc:e6:56:11:4e:55:ba:99:85:95:
66:a3:81:2e:33:9b:68:9e:3d:e9:bd:43:2a:af:f4:
1d:48:3b:01:c7:51:76:55:36:20:12:d4:4e:1a:ef:
36:4e:e1:b0:19:38:2c:68:14:90:4d:54:55:3e:60:
75:29:9d:1d:ec:68:57:a1:11:af:47:92:9c:e9:15:
9d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:51:7A:7B:AD:9B:6C:7C:4F:C2:C0:DA:01:F9:28:FA:8E:C8:8B:92
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/DFF6e62bbHxPwsDaAfko-o7Ii5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.158.0.0/21
80.158.16.0-80.158.63.255
80.158.72.0-80.158.127.255
Signature Algorithm: sha256WithRSAEncryption
67:dc:6e:71:b9:44:17:19:3c:95:cd:29:e1:cc:00:54:e1:3d:
0c:d1:dc:38:cd:94:2b:18:43:42:88:de:59:ac:30:fe:46:87:
c9:4b:85:a4:86:af:12:ea:b6:13:31:c2:3f:16:64:c4:84:a3:
18:42:ab:d6:c0:31:94:7a:ce:d5:17:8a:0f:92:a9:f0:48:f1:
06:ac:94:af:94:93:34:ee:18:ad:48:5c:1b:3d:a6:3e:24:0d:
0c:93:f8:3e:92:e3:aa:1d:a0:64:ea:1e:ca:21:84:0c:6f:41:
ce:1b:f4:ab:23:5a:07:c2:12:65:d5:9d:07:69:20:3a:21:3d:
fb:d5:29:ba:a2:77:a8:c0:3d:75:aa:7a:9e:20:50:b0:00:1a:
7a:39:e3:2a:5c:6d:45:77:41:5e:0d:0b:38:f9:0f:3f:d6:7b:
ab:17:b5:15:bd:c2:85:37:dd:7a:0d:43:cd:56:b0:4c:27:96:
5c:21:2b:29:e1:fb:99:47:3f:23:f4:42:42:b1:1a:8b:cc:75:
65:6a:9e:2f:79:51:ec:8e:4a:ef:74:7b:ed:3f:b8:2c:c1:93:
bb:ab:6d:53:c7:41:dc:d0:2e:db:dd:f0:14:92:0a:cc:8d:9c:
01:e4:e7:00:c4:3d:5c:fe:7e:ac:49:2d:00:9c:8c:0e:f7:1c:
07:3a:86:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKK806Sr0FOw4xgxyk2ANCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjQwMTAyMTIzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzUxN2E3YmFkOWI2YzdjNGZjMmMwZGEwMWY5MjhmYThlYzg4YjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxTi8eqy30iLpwCdQ6xeTuo3Zfgs
BT8+cyrRSXsaixZdzLagD4/XlgXutvIWsb3qvD0tuR0BdfxnUpjM380EQ5ZRmUO9
9KJkRMD7O2b+qU1N7mcCUsl7+6LnIa9ob2mVuDnzulj8itp+3XHYhGGxWA2i8hz9
nHL79G9saaNBB7fLqvnR90hW54VIZQaNPWoc8AcrIq5of2pfy87hvDggkjHJ4lnQ
7EC/buBn6wTvy/+6KLEPJOdlyLzmVhFOVbqZhZVmo4EuM5tonj3pvUMqr/QdSDsB
x1F2VTYgEtROGu82TuGwGTgsaBSQTVRVPmB1KZ0d7GhXoRGvR5Kc6RWdXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAxRenutm2x8T8LA2gH5KPqOyIuSMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL0RGRjZlNjJiYkh4UHdzRGFBZmtvLW83SWk1SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIDBANQngAw
DAMEBFCeEAMEBlCeADAMAwQDUJ5IAwQHUJ4AMA0GCSqGSIb3DQEBCwUAA4IBAQBn
3G5xuUQXGTyVzSnhzABU4T0M0dw4zZQrGENCiN5ZrDD+RofJS4Wkhq8S6rYTMcI/
FmTEhKMYQqvWwDGUes7VF4oPkqnwSPEGrJSvlJM07hitSFwbPaY+JA0Mk/g+kuOq
HaBk6h7KIYQMb0HOG/SrI1oHwhJl1Z0HaSA6IT371Sm6oneowD11qnqeIFCwABp6
OeMqXG1Fd0FeDQs4+Q8/1nurF7UVvcKFN916DUPNVrBMJ5ZcISsp4fuZRz8j9EJC
sRqLzHVlap4veVHsjkrvdHvtP7gswZO7q21Tx0Hc0C7b3fAUkgrMjZwB5OcAxD1c
/n6sSS0AnIwO9xwHOobO
-----END CERTIFICATE-----
Generated at Tue May 21 15:04:49 2024 by rpki-client on console-fra.rpki-client.org