Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/Dfg_6uPZGIobbDBwacwC_EIGO5Q.roa
File: Dfg_6uPZGIobbDBwacwC_EIGO5Q.roa (raw, json)
Hash identifier: MNEfy6R5nPCa8pOdBJiq9jk5hqQVJGf5oHPySiSroIg=
Subject key identifier: 0D:F8:3F:EA:E3:D9:18:8A:1B:6C:30:70:69:CC:02:FC:42:06:3B:94
Certificate issuer: /CN=52eb03d211996e99a49e3c3f9ce4b3f2a15723c5
Certificate serial: 019425FD97142A30F1B1C9F423F57DBFA504
Authority key identifier: 52:EB:03:D2:11:99:6E:99:A4:9E:3C:3F:9C:E4:B3:F2:A1:57:23:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/Dfg_6uPZGIobbDBwacwC_EIGO5Q.roa
Signing time: Thu 02 Jan 2025 07:49:23 +0000
ROA not before: Thu 02 Jan 2025 07:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47267
IP address blocks: 91.199.17.0/24 maxlen: 24
185.182.160.0/22 maxlen: 22
185.182.160.0/24 maxlen: 24
185.182.161.0/24 maxlen: 24
185.182.162.0/24 maxlen: 24
185.182.163.0/24 maxlen: 24
2001:67c:69c::/48 maxlen: 48
2a0f:eb80::/32 maxlen: 32
2a0f:eb80::/44 maxlen: 44
2a0f:eb80::/48 maxlen: 48
2a0f:eb80:1::/48 maxlen: 48
2a0f:eb80:a::/48 maxlen: 48
2a0f:eb80:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:97:14:2a:30:f1:b1:c9:f4:23:f5:7d:bf:a5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52eb03d211996e99a49e3c3f9ce4b3f2a15723c5
Validity
Not Before: Jan 2 07:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0df83feae3d9188a1b6c307069cc02fc42063b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:50:bc:88:19:02:2d:58:57:a3:46:08:2b:e5:
e5:66:5e:fd:31:7f:ab:b1:9e:6c:f5:83:4c:ec:e9:
1a:1b:46:18:f7:9c:41:b0:90:f1:68:ab:b2:bc:53:
a3:c6:5f:5d:ca:07:4d:6e:07:1a:98:43:18:07:98:
17:5d:a9:a2:dc:34:d7:72:0e:3c:76:5e:5d:ee:2b:
76:52:00:8f:04:b8:7b:51:3b:a5:c0:8b:c5:62:3b:
b9:19:29:53:e4:2c:39:1b:1f:28:1d:0f:57:c3:61:
97:a5:1d:8f:4f:2a:f6:7d:b3:7b:cc:39:2e:23:60:
c6:89:3a:d8:5a:0e:c2:07:17:55:55:06:16:09:c4:
ce:1b:b5:ce:f7:19:b8:bb:26:13:9c:6b:c3:4d:12:
93:1f:5e:b6:2e:de:9a:6d:2e:ee:92:7b:aa:e4:0a:
45:69:d1:41:2b:cf:36:23:79:82:e3:87:1e:d2:ab:
0e:65:d0:eb:e8:05:c0:3d:8e:d1:28:12:06:4b:15:
62:6f:35:80:11:00:51:9b:94:75:0d:a6:99:21:98:
c5:47:97:ea:45:e9:51:fc:ee:f3:38:16:39:c4:23:
e7:d7:d8:eb:29:cb:20:b1:18:89:30:4c:98:bf:95:
85:16:85:d1:20:cb:d8:e5:b1:ef:bb:fb:f7:42:61:
4b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F8:3F:EA:E3:D9:18:8A:1B:6C:30:70:69:CC:02:FC:42:06:3B:94
X509v3 Authority Key Identifier:
keyid:52:EB:03:D2:11:99:6E:99:A4:9E:3C:3F:9C:E4:B3:F2:A1:57:23:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/Dfg_6uPZGIobbDBwacwC_EIGO5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.17.0/24
185.182.160.0/22
IPv6:
2001:67c:69c::/48
2a0f:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
0f:94:42:de:4e:02:90:a0:76:4c:cb:c9:15:a2:76:30:89:73:
8d:5a:ed:5d:d4:7f:db:1e:e0:b4:92:d2:02:e6:12:f4:3f:e4:
71:16:70:ae:74:d6:ce:26:50:fb:3b:4f:ca:83:90:c3:cd:86:
64:67:ea:d2:8c:da:42:18:3d:d3:b9:19:7c:29:6e:40:a8:cc:
89:93:19:d2:14:25:3b:c9:2e:5e:3a:51:19:92:2c:a8:a8:b7:
eb:00:4c:2e:a3:81:c3:0c:7d:8f:ea:e7:e0:54:af:56:f8:75:
b5:60:95:90:bf:2b:03:ee:79:49:9c:81:13:4d:2f:01:ca:a0:
da:5f:1f:3c:4a:88:4c:cd:ec:c1:f9:68:db:89:56:58:77:3e:
13:a5:fb:91:b8:b9:19:73:93:e1:a9:a3:93:a2:bb:c2:1d:18:
46:a7:f0:cd:bd:16:1a:59:9b:17:d9:ed:9c:30:34:29:42:78:
bd:aa:b8:a7:31:b1:f5:a7:22:88:f2:d5:b4:5a:0c:6b:eb:4a:
67:84:e1:ba:55:40:ad:fb:b6:c9:cf:62:6f:e4:9e:2a:29:04:
c5:9c:92:b6:ba:1e:7a:33:94:23:23:69:a1:18:09:e4:f9:61:
52:fc:60:6c:47:5b:7b:43:fe:df:0e:9f:22:d1:2f:60:e5:0b:
d2:9b:01:c0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQl/ZcUKjDxscn0I/V9v6UEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZWIwM2QyMTE5OTZlOTlhNDllM2MzZjljZTRiM2YyYTE1
NzIzYzUwHhcNMjUwMTAyMDc0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY4M2ZlYWUzZDkxODhhMWI2YzMwNzA2OWNjMDJmYzQyMDYzYjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+VC8iBkCLVhXo0YIK+XlZl79MX+r
sZ5s9YNM7OkaG0YY95xBsJDxaKuyvFOjxl9dygdNbgcamEMYB5gXXami3DTXcg48
dl5d7it2UgCPBLh7UTulwIvFYju5GSlT5Cw5Gx8oHQ9Xw2GXpR2PTyr2fbN7zDku
I2DGiTrYWg7CBxdVVQYWCcTOG7XO9xm4uyYTnGvDTRKTH162Lt6abS7uknuq5ApF
adFBK882I3mC44ce0qsOZdDr6AXAPY7RKBIGSxVibzWAEQBRm5R1DaaZIZjFR5fq
RelR/O7zOBY5xCPn19jrKcsgsRiJMEyYv5WFFoXRIMvY5bHvu/v3QmFLEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA34P+rj2RiKG2wwcGnMAvxCBjuUMB8GA1UdIwQY
MBaAFFLrA9IRmW6ZpJ48P5zks/KhVyPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVzRDBoR1picG1rbmp3X25PU3o4cUZYSThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82NjY3NmEtM2JhYy00YjZkLWE2Mzgt
OTZjZDQyZjBmOTViLzEvRGZnXzZ1UFpHSW9iYkRCd2Fjd0NfRUlHTzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82NjY3NmEtM2JhYy00YjZkLWE2MzgtOTZjZDQyZjBmOTVi
LzEvVXVzRDBoR1picG1rbmp3X25PU3o4cUZYSThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW8cRAwQC
ubagMBYEAgACMBADBwAgAQZ8BpwDBQAqD+uAMA0GCSqGSIb3DQEBCwUAA4IBAQAP
lELeTgKQoHZMy8kVonYwiXONWu1d1H/bHuC0ktIC5hL0P+RxFnCudNbOJlD7O0/K
g5DDzYZkZ+rSjNpCGD3TuRl8KW5AqMyJkxnSFCU7yS5eOlEZkiyoqLfrAEwuo4HD
DH2P6ufgVK9W+HW1YJWQvysD7nlJnIETTS8ByqDaXx88SohMzezB+WjbiVZYdz4T
pfuRuLkZc5PhqaOTorvCHRhGp/DNvRYaWZsX2e2cMDQpQni9qrinMbH1pyKI8tW0
Wgxr60pnhOG6VUCt+7bJz2Jv5J4qKQTFnJK2uh56M5QjI2mhGAnk+WFS/GBsR1t7
Q/7fDp8i0S9g5QvSmwHA
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:12 2025 by rpki-client