Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/dtlk-_ARiPBiQMJAS1IpGYFXUTA.roa
File: dtlk-_ARiPBiQMJAS1IpGYFXUTA.roa (raw, json)
Hash identifier: JAHUiyJYxqaRgU56TOKpXCfYZYjhYIwTc6HRpdjOLMk=
Subject key identifier: 76:D9:64:FB:F0:11:88:F0:62:40:C2:40:4B:52:29:19:81:57:51:30
Certificate issuer: /CN=a7f62916197f7796cec578ea4352fae4ef89aec2
Certificate serial: 018CC500137120CE962AA9962FB101727DC1
Authority key identifier: A7:F6:29:16:19:7F:77:96:CE:C5:78:EA:43:52:FA:E4:EF:89:AE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_YpFhl_d5bOxXjqQ1L65O-JrsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/dtlk-_ARiPBiQMJAS1IpGYFXUTA.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47220
IP address blocks: 194.152.42.0/24 maxlen: 24
194.152.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/p_YpFhl_d5bOxXjqQ1L65O-JrsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/p_YpFhl_d5bOxXjqQ1L65O-JrsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p_YpFhl_d5bOxXjqQ1L65O-JrsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:13:71:20:ce:96:2a:a9:96:2f:b1:01:72:7d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f62916197f7796cec578ea4352fae4ef89aec2
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76d964fbf01188f06240c2404b52291981575130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bb:49:4a:21:be:0d:92:5e:6c:ad:80:a4:e1:
22:e2:d6:f4:7f:08:d6:a3:95:4c:d7:4b:13:b8:2c:
d7:d4:b3:3e:a7:08:b0:34:2b:ba:aa:06:03:14:4d:
f2:58:c7:4f:79:6e:76:9b:ca:45:cf:d9:6b:53:32:
60:40:38:db:13:2a:3e:90:4b:94:c7:cc:22:24:7e:
21:1f:d3:dc:48:b7:95:e8:67:db:a8:20:ae:49:79:
d5:cc:7e:29:ea:c1:70:05:6b:c9:77:88:96:d0:b4:
09:17:d7:2d:1e:2c:ca:88:96:58:b0:e7:4c:1a:d7:
b1:15:ba:eb:7d:09:70:f2:f5:38:83:af:cd:c8:46:
03:1f:66:39:4b:c5:43:0f:b8:ca:a6:a6:5e:52:9b:
59:3a:87:57:24:10:6d:51:0f:86:08:33:64:80:0a:
93:bf:7a:87:10:bb:03:ba:bc:71:51:91:ea:b3:d7:
16:31:e9:3e:de:78:b0:46:c1:7c:18:ef:5e:17:ce:
2d:fa:06:2e:c6:3a:85:db:af:94:3c:d1:3e:13:a6:
ea:6e:28:ab:00:8b:26:17:cb:fe:12:2e:e8:a9:1e:
69:f1:46:11:71:62:a1:4b:d8:17:ff:c7:ef:0b:3b:
7d:2d:f5:59:d5:68:ba:81:de:60:3c:fd:6b:55:2c:
83:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D9:64:FB:F0:11:88:F0:62:40:C2:40:4B:52:29:19:81:57:51:30
X509v3 Authority Key Identifier:
keyid:A7:F6:29:16:19:7F:77:96:CE:C5:78:EA:43:52:FA:E4:EF:89:AE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_YpFhl_d5bOxXjqQ1L65O-JrsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/dtlk-_ARiPBiQMJAS1IpGYFXUTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b71ca7-5070-4bcc-a00d-ec97f18a794a/1/p_YpFhl_d5bOxXjqQ1L65O-JrsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.42.0/23
Signature Algorithm: sha256WithRSAEncryption
58:ff:2d:7b:d9:c5:06:76:c7:73:51:a6:05:18:08:01:ce:7a:
f4:8a:99:82:5a:68:e6:18:0a:14:58:be:60:70:3c:97:cd:d1:
7b:56:ec:cf:8c:e8:7e:99:c4:25:06:97:54:f0:6c:8f:6b:2f:
e9:68:c2:88:4c:57:cf:a8:65:c3:ea:51:32:5e:b2:a5:f8:9b:
a8:1c:74:10:74:f0:cd:26:b9:ed:c6:b6:21:0e:18:3a:07:ea:
dc:13:4f:dc:63:30:41:84:35:ae:19:a1:f4:4d:5f:ad:eb:36:
83:88:77:81:05:1e:45:09:84:c4:a3:50:f8:3e:5a:42:49:10:
36:06:ee:d8:04:e3:93:68:5c:0e:dc:0d:99:77:7e:8c:5a:cc:
bc:c7:b7:80:a1:09:27:73:8f:c9:52:48:99:96:b5:b9:76:18:
c2:8d:4b:9e:07:72:bd:50:44:69:2a:29:8d:8e:e0:56:f9:da:
05:10:01:28:c4:48:da:6f:49:3c:c3:be:da:1d:41:b8:b1:46:
91:dc:2b:ac:8f:59:20:4a:74:b1:cd:6a:b3:e7:e2:23:35:25:
d0:bb:7b:0b:a6:f0:4f:31:a0:f0:c8:3c:dc:a1:ef:50:53:0f:
ef:6c:7e:11:96:11:9f:63:a9:0d:d3:92:23:aa:45:0c:72:3b:
e6:32:7c:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABNxIM6WKqmWL7EBcn3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjYyOTE2MTk3Zjc3OTZjZWM1NzhlYTQzNTJmYWU0ZWY4
OWFlYzIwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ5NjRmYmYwMTE4OGYwNjI0MGMyNDA0YjUyMjkxOTgxNTc1MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbtJSiG+DZJebK2ApOEi4tb0fwjW
o5VM10sTuCzX1LM+pwiwNCu6qgYDFE3yWMdPeW52m8pFz9lrUzJgQDjbEyo+kEuU
x8wiJH4hH9PcSLeV6GfbqCCuSXnVzH4p6sFwBWvJd4iW0LQJF9ctHizKiJZYsOdM
GtexFbrrfQlw8vU4g6/NyEYDH2Y5S8VDD7jKpqZeUptZOodXJBBtUQ+GCDNkgAqT
v3qHELsDurxxUZHqs9cWMek+3niwRsF8GO9eF84t+gYuxjqF26+UPNE+E6bqbiir
AIsmF8v+Ei7oqR5p8UYRcWKhS9gX/8fvCzt9LfVZ1Wi6gd5gPP1rVSyDYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbZZPvwEYjwYkDCQEtSKRmBV1EwMB8GA1UdIwQY
MBaAFKf2KRYZf3eWzsV46kNS+uTvia7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9ZcEZobF9kNWJPeFhqcVExTDY1Ty1KcnNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNzFjYTctNTA3MC00YmNjLWEwMGQt
ZWM5N2YxOGE3OTRhLzEvZHRsay1fQVJpUEJpUU1KQVMxSXBHWUZYVVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iNzFjYTctNTA3MC00YmNjLWEwMGQtZWM5N2YxOGE3OTRh
LzEvcF9ZcEZobF9kNWJPeFhqcVExTDY1Ty1KcnNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpgqMA0G
CSqGSIb3DQEBCwUAA4IBAQBY/y172cUGdsdzUaYFGAgBznr0ipmCWmjmGAoUWL5g
cDyXzdF7VuzPjOh+mcQlBpdU8GyPay/paMKITFfPqGXD6lEyXrKl+JuoHHQQdPDN
JrntxrYhDhg6B+rcE0/cYzBBhDWuGaH0TV+t6zaDiHeBBR5FCYTEo1D4PlpCSRA2
Bu7YBOOTaFwO3A2Zd36MWsy8x7eAoQknc4/JUkiZlrW5dhjCjUueB3K9UERpKimN
juBW+doFEAEoxEjab0k8w77aHUG4sUaR3Cusj1kgSnSxzWqz5+IjNSXQu3sLpvBP
MaDwyDzcoe9QUw/vbH4RlhGfY6kN05IjqkUMcjvmMnxZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:18 2024 by rpki-client on console-ams.rpki-client.org