Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa
File: Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa (raw, json)
Hash identifier: fv9ff34weXk1j27ttLWr856xkiLF411QqefooEY7JF4=
Subject key identifier: 0D:B8:FF:0B:28:AF:4B:7A:BE:86:95:BF:FA:D5:C3:F6:D4:99:D7:2A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC50138D3F7B9DC97FB44522D35D1AA52
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:38:d3:f7:b9:dc:97:fb:44:52:2d:35:d1:aa:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0db8ff0b28af4b7abe8695bffad5c3f6d499d72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:6c:5b:94:1c:d8:f0:dd:21:ed:7c:2e:9c:
a0:51:13:51:22:e7:bb:72:40:1e:02:3f:ff:f5:1a:
80:b1:47:05:3c:15:0d:a6:d8:c7:b3:26:36:0b:d4:
9b:b8:d2:ab:2b:f4:34:20:69:5b:7f:dd:54:40:2c:
fb:2c:0f:ef:3a:9c:83:fa:7b:36:ce:ef:1e:d2:96:
3a:09:a7:7a:11:a7:ff:4f:0b:47:6a:2b:33:3e:3c:
c2:8e:cb:66:32:ee:84:9b:a9:88:66:8b:88:01:46:
17:50:60:dd:d0:8e:7b:29:1d:08:61:d0:40:98:ea:
01:04:76:20:0b:cf:73:49:03:25:f9:5b:c7:ca:6c:
1c:e6:33:dd:d8:7d:49:bf:99:17:78:8e:bb:1a:4b:
de:9e:d5:24:46:25:e9:16:a1:88:cb:20:2d:11:6b:
7e:39:58:ed:00:7e:ad:f3:87:5e:16:69:79:76:d1:
fc:2b:ca:39:3e:74:14:3c:8f:1f:ab:2e:b6:e4:5e:
ac:e2:2e:a6:cd:59:7b:4d:b2:20:13:b9:88:4c:7e:
d9:f6:5a:25:98:1e:c6:80:cf:81:11:3b:1b:38:17:
c4:a4:d7:15:b5:ef:e4:b7:1e:76:80:82:1d:82:76:
05:1b:c0:e0:f9:0f:7e:03:22:21:65:1a:64:9d:d9:
30:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B8:FF:0B:28:AF:4B:7A:BE:86:95:BF:FA:D5:C3:F6:D4:99:D7:2A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Dbj_CyivS3q-hpW_-tXD9tSZ1yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
88.216.20.0/23
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
88.216.215.0/24
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:61:e2:c4:1f:4f:65:89:b9:4c:58:ac:e3:ff:70:10:63:c6:
39:1f:42:fc:ab:a3:7c:dd:65:8a:ec:31:d3:2b:de:6f:1d:52:
68:6e:9e:43:30:b8:d1:34:88:5d:00:a5:d3:d8:d2:a5:3d:d7:
d1:8d:c2:9f:7f:e1:b2:c0:d6:d9:6f:e2:96:72:9e:d5:df:49:
0a:8a:39:f4:da:e2:80:53:7c:0f:9a:44:4d:2a:c0:3a:64:1c:
e1:76:5b:65:e1:a4:6f:50:0b:5f:89:31:50:61:e7:dd:dc:6f:
4c:f3:72:7d:19:65:d8:79:2e:d5:a0:08:81:53:f1:39:97:89:
ce:71:79:d2:55:64:92:f2:6f:56:4f:92:98:9c:a8:ef:6b:32:
34:a9:50:6a:17:a5:b7:15:95:70:c6:a7:b4:c2:c5:9d:aa:03:
22:30:3b:c0:5b:d4:a1:f3:8a:a7:f4:83:36:8a:de:68:27:e7:
6e:03:3d:28:83:30:dd:da:5c:44:e0:46:8d:89:1e:3f:91:0c:
bc:00:04:20:96:63:eb:ed:e1:c3:cf:57:dd:27:e7:e8:a9:4c:
13:9e:65:4d:36:0e:54:55:b2:40:40:05:75:01:ec:cb:bf:86:
e6:7f:37:71:db:f4:3a:6e:ef:63:3c:43:0d:ec:82:b6:8d:97:
89:9e:aa:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzFATjT97ncl/tEUi010apSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI4ZmYwYjI4YWY0YjdhYmU4Njk1YmZmYWQ1YzNmNmQ0OTlkNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLRsW5Qc2PDdIe18LpygURNRIue7
ckAeAj//9RqAsUcFPBUNptjHsyY2C9SbuNKrK/Q0IGlbf91UQCz7LA/vOpyD+ns2
zu8e0pY6Cad6Eaf/TwtHaiszPjzCjstmMu6Em6mIZouIAUYXUGDd0I57KR0IYdBA
mOoBBHYgC89zSQMl+VvHymwc5jPd2H1Jv5kXeI67GkventUkRiXpFqGIyyAtEWt+
OVjtAH6t84deFml5dtH8K8o5PnQUPI8fqy625F6s4i6mzVl7TbIgE7mITH7Z9lol
mB7GgM+BETsbOBfEpNcVte/ktx52gIIdgnYFG8Dg+Q9+AyIhZRpkndkwswIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA24/wsor0t6voaVv/rVw/bUmdcqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRGJqX0N5aXZTM3EtaHBXXy10WEQ5dFNaMXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAGAwQC
VCA0AwQBWNgUAwQAWNhiAwQAWNhnAwQAWNi5AwQBWNjUAwQAWNjXAwQCWNj8MA0G
CSqGSIb3DQEBCwUAA4IBAQChYeLEH09liblMWKzj/3AQY8Y5H0L8q6N83WWK7DHT
K95vHVJobp5DMLjRNIhdAKXT2NKlPdfRjcKff+GywNbZb+KWcp7V30kKijn02uKA
U3wPmkRNKsA6ZBzhdltl4aRvUAtfiTFQYefd3G9M83J9GWXYeS7VoAiBU/E5l4nO
cXnSVWSS8m9WT5KYnKjvazI0qVBqF6W3FZVwxqe0wsWdqgMiMDvAW9Sh84qn9IM2
it5oJ+duAz0ogzDd2lxE4EaNiR4/kQy8AAQglmPr7eHDz1fdJ+foqUwTnmVNNg5U
VbJAQAV1AezLv4bmfzdx2/Q6bu9jPEMN7IK2jZeJnqos
-----END CERTIFICATE-----
Generated at Sat May 4 03:06:47 2024 by rpki-client on console-ams.rpki-client.org