Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/mDMW0NJDouLW5zwfQqKxUcws-dk.roa
File: mDMW0NJDouLW5zwfQqKxUcws-dk.roa (raw, json)
Hash identifier: YIYTQgLJAWDXkO7h45OxibNsLQ+5T87/0v7cz6jCGbM=
Subject key identifier: 98:33:16:D0:D2:43:A2:E2:D6:E7:3C:1F:42:A2:B1:51:CC:2C:F9:D9
Certificate issuer: /CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Certificate serial: 018CC5DC88E6F1D2691406063DB9C6F5AD88
Authority key identifier: 66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/mDMW0NJDouLW5zwfQqKxUcws-dk.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50266
IP address blocks: 5.132.0.0/17 maxlen: 24
195.191.16.0/23 maxlen: 24
85.146.0.0/17 maxlen: 24
185.180.148.0/22 maxlen: 24
85.146.128.0/18 maxlen: 24
85.144.0.0/15 maxlen: 24
185.35.112.0/22 maxlen: 24
37.143.80.0/21 maxlen: 24
31.201.0.0/16 maxlen: 24
2a02:4240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/Zv8ealzDwGl2KfSvuwsHrnkTPFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/Zv8ealzDwGl2KfSvuwsHrnkTPFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:88:e6:f1:d2:69:14:06:06:3d:b9:c6:f5:ad:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ff1e6a5cc3c0697629f4afbb0b07ae79133c5c
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=983316d0d243a2e2d6e73c1f42a2b151cc2cf9d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:58:84:5c:76:8a:34:a5:c2:b4:4b:74:4d:f0:
2d:c6:46:01:b7:68:80:f0:27:ff:25:b6:28:ce:7d:
a7:7d:62:91:65:b1:b8:e1:3f:a3:7e:b6:ba:e8:f1:
a6:8f:a1:6a:5d:9f:9d:e7:cb:64:20:30:69:92:79:
ed:9f:79:3b:d3:31:44:fb:89:ac:b0:fb:12:e3:af:
1b:f8:b7:11:e1:d5:f5:09:05:93:a9:74:9c:fe:3e:
a0:d1:e9:ce:7c:6e:19:05:3d:03:a0:e5:c5:74:0d:
31:b0:3a:06:7d:1b:e6:bb:20:bd:02:9c:c8:ef:0c:
80:60:8e:9d:1b:99:d2:6d:9e:5d:d0:3c:5b:0d:19:
c3:26:51:13:b4:9f:55:46:e6:c1:49:9b:ec:3e:f9:
ac:6f:fe:f7:99:85:a4:28:ca:86:91:44:b1:b3:65:
2a:94:ca:8a:9a:01:01:0a:a5:44:d3:0a:55:09:ee:
40:df:6f:16:37:3a:bb:cd:99:00:f3:ce:10:fa:d7:
ad:cf:95:a8:e7:78:80:64:a6:d2:98:d4:ca:1a:74:
61:f5:0f:ba:db:37:e4:fc:a8:7c:ea:d1:c8:9b:d6:
a8:cc:d1:b0:c9:cf:f3:d9:07:0c:fc:ae:de:a9:f8:
08:1a:35:f5:ae:35:e0:3a:4e:e8:f7:c0:de:30:bd:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:33:16:D0:D2:43:A2:E2:D6:E7:3C:1F:42:A2:B1:51:CC:2C:F9:D9
X509v3 Authority Key Identifier:
keyid:66:FF:1E:6A:5C:C3:C0:69:76:29:F4:AF:BB:0B:07:AE:79:13:3C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv8ealzDwGl2KfSvuwsHrnkTPFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/mDMW0NJDouLW5zwfQqKxUcws-dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/07d5eb-6211-4d7a-a96d-ee42745d8fd1/1/Zv8ealzDwGl2KfSvuwsHrnkTPFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.0.0/17
31.201.0.0/16
37.143.80.0/21
85.144.0.0-85.146.191.255
185.35.112.0/22
185.180.148.0/22
195.191.16.0/23
IPv6:
2a02:4240::/32
Signature Algorithm: sha256WithRSAEncryption
95:59:d5:0a:00:28:dc:bc:0b:8e:f2:f0:c8:25:83:d4:9e:51:
78:82:48:92:b6:e8:e1:5b:15:4a:e2:dc:82:39:e9:5a:ed:d1:
31:78:29:34:99:3b:03:26:55:d1:a6:c4:f3:8b:7e:be:a9:e4:
de:23:b3:ff:4f:d6:b5:a2:47:ef:6b:65:15:41:9d:39:6b:86:
b2:a8:d7:83:12:75:85:fd:95:e6:fb:b7:9e:ad:60:be:c2:e6:
74:4d:22:81:4e:dc:c5:f3:f7:7a:5f:3c:17:4b:61:8c:9d:38:
77:52:ce:88:c9:19:89:36:68:e8:d9:d3:27:05:39:ac:23:97:
7e:78:50:b4:8a:39:99:0c:1e:ee:a9:43:07:1f:50:54:e9:e3:
79:ba:00:86:ea:61:b7:6b:06:44:a3:16:37:6c:38:3b:a9:b6:
c8:ee:e7:14:15:cf:66:b7:11:a2:f3:03:19:94:43:2e:0c:3b:
e9:c9:58:6c:fd:75:20:4e:23:5c:13:a8:f1:ce:74:13:ae:d5:
30:28:4d:ad:bb:69:02:d8:9c:ef:df:d9:be:f3:09:05:d6:cd:
4b:9a:ed:91:79:b4:21:dd:fb:78:a3:23:a9:27:ec:c3:18:2c:
4e:48:45:34:4f:dd:55:70:21:ee:44:74:c0:8e:28:f2:da:e0:
8a:49:ce:3a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzF3Ijm8dJpFAYGPbnG9a2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmYxZTZhNWNjM2MwNjk3NjI5ZjRhZmJiMGIwN2FlNzkx
MzNjNWMwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODMzMTZkMGQyNDNhMmUyZDZlNzNjMWY0MmEyYjE1MWNjMmNmOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiliEXHaKNKXCtEt0TfAtxkYBt2iA
8Cf/JbYozn2nfWKRZbG44T+jfra66PGmj6FqXZ+d58tkIDBpknntn3k70zFE+4ms
sPsS468b+LcR4dX1CQWTqXSc/j6g0enOfG4ZBT0DoOXFdA0xsDoGfRvmuyC9ApzI
7wyAYI6dG5nSbZ5d0DxbDRnDJlETtJ9VRubBSZvsPvmsb/73mYWkKMqGkUSxs2Uq
lMqKmgEBCqVE0wpVCe5A328WNzq7zZkA884Q+tetz5Wo53iAZKbSmNTKGnRh9Q+6
2zfk/Kh86tHIm9aozNGwyc/z2QcM/K7eqfgIGjX1rjXgOk7o98DeML21MQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJgzFtDSQ6Li1uc8H0KisVHMLPnZMB8GA1UdIwQY
MBaAFGb/Hmpcw8Bpdin0r7sLB655EzxcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY4ZWFsekR3R2wyS2ZTdnV3c0hybmtUUEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wN2Q1ZWItNjIxMS00ZDdhLWE5NmQt
ZWU0Mjc0NWQ4ZmQxLzEvbURNVzBOSkRvdUxXNXp3ZlFxS3hVY3dzLWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8wN2Q1ZWItNjIxMS00ZDdhLWE5NmQtZWU0Mjc0NWQ4ZmQx
LzEvWnY4ZWFsekR3R2wyS2ZTdnV3c0hybmtUUEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQHBYQAAwMA
H8kDBAMlj1AwCwMDBFWQAwQGVZKAAwQCuSNwAwQCubSUAwQBw78QMA0EAgACMAcD
BQAqAkJAMA0GCSqGSIb3DQEBCwUAA4IBAQCVWdUKACjcvAuO8vDIJYPUnlF4gkiS
tujhWxVK4tyCOela7dExeCk0mTsDJlXRpsTzi36+qeTeI7P/T9a1okfva2UVQZ05
a4ayqNeDEnWF/ZXm+7eerWC+wuZ0TSKBTtzF8/d6XzwXS2GMnTh3Us6IyRmJNmjo
2dMnBTmsI5d+eFC0ijmZDB7uqUMHH1BU6eN5ugCG6mG3awZEoxY3bDg7qbbI7ucU
Fc9mtxGi8wMZlEMuDDvpyVhs/XUgTiNcE6jxznQTrtUwKE2tu2kC2Jzv39m+8wkF
1s1Lmu2RebQh3ft4oyOpJ+zDGCxOSEU0T91VcCHuRHTAjijy2uCKSc46
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:47:57 2024 by rpki-client on console-fra.rpki-client.org