Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/DGOagCSWxnm1drgjWoSpOr9k9yQ.roa
File: DGOagCSWxnm1drgjWoSpOr9k9yQ.roa (raw, json)
Hash identifier: Sl0tfrDsfMAx3KqM53wlSJ5EuCal1VRSTQs5UVO2mLc=
Subject key identifier: 0C:63:9A:80:24:96:C6:79:B5:76:B8:23:5A:84:A9:3A:BF:64:F7:24
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1E1972FDB50A607A4C384F0C61BF
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/DGOagCSWxnm1drgjWoSpOr9k9yQ.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 270026
IP address blocks: 141.136.56.0/23 maxlen: 23
141.136.56.0/24 maxlen: 24
141.136.57.0/24 maxlen: 24
181.41.152.0/24 maxlen: 24
181.41.155.0/24 maxlen: 24
181.41.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1e:19:72:fd:b5:0a:60:7a:4c:38:4f:0c:61:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c639a802496c679b576b8235a84a93abf64f724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:61:54:2f:b6:83:af:e3:26:00:c7:37:16:
82:d8:5d:c3:85:85:de:13:e3:92:06:06:ab:b5:5b:
44:32:19:58:27:8e:52:d3:45:90:71:69:34:06:a8:
08:8f:ce:05:cf:fe:21:ed:d8:1d:90:56:86:37:a0:
ef:d6:25:d9:46:d2:3f:f4:f2:b5:57:61:30:d9:e1:
c4:4a:5a:02:91:3c:b0:82:e6:16:a2:60:d7:91:d6:
c0:84:03:9b:86:5c:8c:32:b0:82:08:20:ac:85:be:
1c:3f:09:4d:1e:fc:b9:22:02:9e:0f:f1:9d:e6:09:
4e:db:c1:3f:28:9e:59:f3:e8:3a:c0:8c:71:00:d1:
8a:66:f3:3d:0c:28:0d:a0:90:55:ed:6e:c5:3d:18:
ed:fb:1e:46:00:4e:09:a8:5e:3b:15:84:58:d5:e3:
c5:36:8b:55:9f:d9:70:07:15:24:e9:fd:43:e1:19:
69:d0:42:26:7f:bf:90:87:10:99:75:a8:20:09:07:
80:7e:f5:6e:73:e4:8d:f9:08:0f:b5:2e:37:ea:bd:
42:6d:85:1e:50:21:82:fb:89:96:d4:0a:b3:fe:0f:
f0:0b:ab:73:4c:b2:5e:e6:3c:68:a8:5e:d9:29:1f:
ac:1b:f2:c2:cd:3e:37:d2:d2:d7:d9:b9:fd:06:cd:
4e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:63:9A:80:24:96:C6:79:B5:76:B8:23:5A:84:A9:3A:BF:64:F7:24
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/DGOagCSWxnm1drgjWoSpOr9k9yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.56.0/23
181.41.152.0/23
181.41.155.0/24
Signature Algorithm: sha256WithRSAEncryption
69:32:8b:22:c4:71:f2:71:3e:4f:45:fc:08:95:e8:1f:2a:eb:
ba:dd:8d:36:4b:f5:8d:80:e2:3c:f5:53:a7:08:8d:d7:fc:f0:
ef:33:16:52:d6:2a:76:7e:d5:c8:3e:b6:fd:a9:bf:40:c3:6c:
e1:0a:44:f4:d2:89:81:b8:76:a0:d6:31:52:09:ff:cb:ca:77:
9e:04:07:aa:96:df:65:d8:fb:ab:db:3f:73:5d:91:22:a8:97:
c0:e5:a4:5f:73:eb:44:ec:30:6e:f9:b0:55:1b:54:7a:7e:cb:
a6:eb:b9:3c:3e:e7:ca:00:bf:f3:2e:c1:70:8a:7b:f6:32:16:
46:0d:3b:2b:5b:17:8e:c8:42:2e:f6:0f:7e:35:ed:f5:59:37:
db:59:66:37:54:1d:42:21:14:b4:4b:eb:77:ca:9e:76:af:66:
60:0f:ee:ab:2f:26:96:75:45:d0:86:df:fb:95:ce:a1:f4:09:
50:a5:ac:0b:f1:94:a5:14:82:f7:8b:e2:b6:75:4e:fb:d4:1a:
16:16:b8:f2:ee:ee:fd:69:35:ec:c7:0a:d4:6c:9f:84:cd:d1:
b5:f1:89:76:5c:88:23:be:6e:23:8e:ee:eb:98:e1:6b:79:de:
e6:ed:58:ec:87:2d:9e:2c:e9:08:97:b8:c2:0d:3d:93:d8:80:
d3:b6:99:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbh4Zcv21CmB6TDhPDGG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYzOWE4MDI0OTZjNjc5YjU3NmI4MjM1YTg0YTkzYWJmNjRmNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhphVC+2g6/jJgDHNxaC2F3DhYXe
E+OSBgartVtEMhlYJ45S00WQcWk0BqgIj84Fz/4h7dgdkFaGN6Dv1iXZRtI/9PK1
V2Ew2eHESloCkTywguYWomDXkdbAhAObhlyMMrCCCCCshb4cPwlNHvy5IgKeD/Gd
5glO28E/KJ5Z8+g6wIxxANGKZvM9DCgNoJBV7W7FPRjt+x5GAE4JqF47FYRY1ePF
NotVn9lwBxUk6f1D4Rlp0EImf7+QhxCZdaggCQeAfvVuc+SN+QgPtS436r1CbYUe
UCGC+4mW1Aqz/g/wC6tzTLJe5jxoqF7ZKR+sG/LCzT430tLX2bn9Bs1ONwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAxjmoAklsZ5tXa4I1qEqTq/ZPckMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvREdPYWdDU1d4bm0xZHJnaldvU3BPcjlrOXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBjYg4AwQB
tSmYAwQAtSmbMA0GCSqGSIb3DQEBCwUAA4IBAQBpMosixHHycT5PRfwIlegfKuu6
3Y02S/WNgOI89VOnCI3X/PDvMxZS1ip2ftXIPrb9qb9Aw2zhCkT00omBuHag1jFS
Cf/LyneeBAeqlt9l2Pur2z9zXZEiqJfA5aRfc+tE7DBu+bBVG1R6fsum67k8PufK
AL/zLsFwinv2MhZGDTsrWxeOyEIu9g9+Ne31WTfbWWY3VB1CIRS0S+t3yp52r2Zg
D+6rLyaWdUXQht/7lc6h9AlQpawL8ZSlFIL3i+K2dU771BoWFrjy7u79aTXsxwrU
bJ+EzdG18Yl2XIgjvm4jju7rmOFred7m7Vjshy2eLOkIl7jCDT2T2IDTtpll
-----END CERTIFICATE-----
Generated at Fri May 3 06:59:08 2024 by rpki-client on console-fra.rpki-client.org