Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0DJ0Qm5EGyWR51fTOQyw215uPys.roa
File: 0DJ0Qm5EGyWR51fTOQyw215uPys.roa (raw, json)
Hash identifier: yKG0vr7zHqXx6jt+S7UZsI6aZSgAaMTObH97X3IJmd8=
Subject key identifier: D0:32:74:42:6E:44:1B:25:91:E7:57:D3:39:0C:B0:DB:5E:6E:3F:2B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018F0E801FB417617D8565874AEA3B4A742E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0DJ0Qm5EGyWR51fTOQyw215uPys.roa
Signing time: Wed 24 Apr 2024 05:07:08 +0000
ROA not before: Wed 24 Apr 2024 05:07:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.34.0/24 maxlen: 24
84.32.128.0/22 maxlen: 32
88.216.198.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:80:1f:b4:17:61:7d:85:65:87:4a:ea:3b:4a:74:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 24 05:07:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d03274426e441b2591e757d3390cb0db5e6e3f2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:f0:ee:ed:48:68:52:d4:5a:5a:40:ab:d4:
f1:fb:f7:3a:4e:ef:cb:38:8d:6c:45:bd:6a:59:69:
d6:79:b5:30:b0:d1:41:84:84:af:bf:de:f3:14:d6:
5e:b1:db:fc:a1:3b:74:69:a4:00:d4:17:80:e7:39:
3f:09:e9:b0:70:58:76:f2:01:77:8d:02:91:b3:73:
c0:59:9d:17:6b:5c:84:84:e2:fd:34:39:94:4e:a9:
d9:51:76:ed:a8:44:a2:d1:9c:1e:36:69:57:94:e9:
b6:55:9f:7f:dc:78:e5:37:e5:9c:6e:40:38:a4:b9:
65:15:6f:20:f6:ba:9c:03:5b:55:ea:88:1c:0d:1f:
11:a9:ee:b3:4b:e9:a2:de:e3:af:11:ca:4e:30:d8:
9a:77:bf:06:68:02:c6:49:a4:4f:02:59:f0:37:e8:
22:ce:d2:52:86:73:65:c1:1f:c5:9a:1d:ab:3d:bc:
d8:b9:86:b7:7d:99:ca:fe:b5:7f:18:84:47:ba:df:
5c:b2:f6:84:55:a2:76:b9:f7:1f:ec:49:0e:80:aa:
d3:4c:60:aa:05:72:5b:f4:15:6d:71:b2:6c:9f:d1:
d8:9e:d4:79:53:00:13:a3:3d:8e:78:cd:f9:e2:fe:
8a:76:f9:65:bf:c2:3c:1b:25:48:10:b3:5f:09:e7:
0e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:32:74:42:6E:44:1B:25:91:E7:57:D3:39:0C:B0:DB:5E:6E:3F:2B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0DJ0Qm5EGyWR51fTOQyw215uPys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.34.0/24
84.32.128.0/22
88.216.198.0/24
88.216.210.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
63:bb:12:39:6e:90:c0:69:03:9b:71:57:2c:83:d2:a7:65:a0:
2a:f8:1a:c0:99:9f:df:9d:7d:91:61:36:e1:ea:45:e2:b8:dd:
d8:c7:39:a3:3c:5a:5e:ae:54:fd:be:2c:1d:87:90:00:8f:a8:
ee:49:6f:9e:4b:9b:24:36:f7:77:50:a5:a7:b2:0b:df:80:58:
63:64:90:ae:64:7a:4c:0f:2c:62:28:ff:c5:c2:8d:70:33:57:
c5:a8:61:e7:c9:0c:0c:b2:7b:68:93:d7:61:e8:1a:92:1a:66:
76:7a:00:22:2d:e8:bf:a9:97:8c:68:8f:00:74:e1:ae:93:0c:
5f:ea:44:61:19:69:0a:54:62:d9:06:71:c7:ff:e6:cd:6e:33:
2f:32:c8:f6:fb:1a:89:98:3b:64:a1:1e:9e:e6:7e:73:05:b0:
be:08:74:69:34:9c:8f:0e:1e:1e:84:25:8e:ea:1d:40:27:0e:
f8:9c:1a:b5:1c:48:f3:0f:3d:30:16:66:b3:59:16:19:68:d6:
c7:80:bf:02:5d:3b:2c:7f:0b:69:8c:69:4f:8b:07:2f:fd:79:
75:95:1f:69:a7:fb:45:7e:58:35:f3:7a:c8:96:8b:9a:78:27:
75:68:71:5d:3d:3e:a8:34:fb:37:ca:87:87:61:74:5f:58:83:
9d:73:4f:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8OgB+0F2F9hWWHSuo7SnQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNDI0MDUwNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDMyNzQ0MjZlNDQxYjI1OTFlNzU3ZDMzOTBjYjBkYjVlNmUzZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVbw7u1IaFLUWlpAq9Tx+/c6Tu/L
OI1sRb1qWWnWebUwsNFBhISvv97zFNZesdv8oTt0aaQA1BeA5zk/CemwcFh28gF3
jQKRs3PAWZ0Xa1yEhOL9NDmUTqnZUXbtqESi0ZweNmlXlOm2VZ9/3HjlN+WcbkA4
pLllFW8g9rqcA1tV6ogcDR8Rqe6zS+mi3uOvEcpOMNiad78GaALGSaRPAlnwN+gi
ztJShnNlwR/Fmh2rPbzYuYa3fZnK/rV/GIRHut9csvaEVaJ2ufcf7EkOgKrTTGCq
BXJb9BVtcbJsn9HYntR5UwAToz2OeM354v6Kdvllv8I8GyVIELNfCecO1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNAydEJuRBslkedX0zkMsNtebj8rMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMERKMFFtNUVHeVdSNTFmVE9ReXcyMTV1UHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAiAwQC
VCCAAwQAWNjGAwQAWNjSAwQAWNjeMA0GCSqGSIb3DQEBCwUAA4IBAQBjuxI5bpDA
aQObcVcsg9KnZaAq+BrAmZ/fnX2RYTbh6kXiuN3YxzmjPFperlT9viwdh5AAj6ju
SW+eS5skNvd3UKWnsgvfgFhjZJCuZHpMDyxiKP/Fwo1wM1fFqGHnyQwMsntok9dh
6BqSGmZ2egAiLei/qZeMaI8AdOGukwxf6kRhGWkKVGLZBnHH/+bNbjMvMsj2+xqJ
mDtkoR6e5n5zBbC+CHRpNJyPDh4ehCWO6h1AJw74nBq1HEjzDz0wFmazWRYZaNbH
gL8CXTssfwtpjGlPiwcv/Xl1lR9pp/tFflg183rIlouaeCd1aHFdPT6oNPs3yoeH
YXRfWIOdc0/T
-----END CERTIFICATE-----
Generated at Tue May 7 14:37:56 2024 by rpki-client on console-ams.rpki-client.org