Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/DsbS7S5FnQ7114fu_CklbSiIKvQ.roa
File: DsbS7S5FnQ7114fu_CklbSiIKvQ.roa (raw, json)
Hash identifier: NeX0stGr6+FWpk9zUARO1jWS2kZCYIaqRvW023hReSs=
Subject key identifier: 0E:C6:D2:ED:2E:45:9D:0E:F5:D7:87:EE:FC:29:25:6D:28:88:2A:F4
Certificate issuer: /CN=67670683062cd8b35c1b760218a789b908cb4c8d
Certificate serial: 018CCA2A23494255D10931A6E4E7371C0EB8
Authority key identifier: 67:67:06:83:06:2C:D8:B3:5C:1B:76:02:18:A7:89:B9:08:CB:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/DsbS7S5FnQ7114fu_CklbSiIKvQ.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31726
IP address blocks: 185.102.28.0/22 maxlen: 22
2a06:2240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:23:49:42:55:d1:09:31:a6:e4:e7:37:1c:0e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67670683062cd8b35c1b760218a789b908cb4c8d
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ec6d2ed2e459d0ef5d787eefc29256d28882af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:62:8e:4e:de:7b:00:67:e7:cd:c7:1a:06:d8:
2c:e8:d8:e5:0d:ff:b7:d8:a9:58:f1:8d:35:9c:c9:
e7:d6:6c:8c:68:8c:f7:22:cb:ef:ee:35:7e:68:3b:
b6:17:7e:10:0d:43:69:df:45:8b:b2:3f:e3:e2:de:
30:8c:d4:d8:b9:2d:d6:65:fe:16:ac:8d:de:fd:26:
9e:44:ea:d8:ab:87:bc:cd:87:e3:a6:33:70:4c:e8:
61:56:6c:00:ec:1d:d9:fd:dd:a3:48:08:27:34:e0:
d5:97:ea:87:f4:a1:4b:62:79:3e:34:9f:36:43:97:
3b:9c:5c:ac:2e:74:c6:0f:21:d8:1e:03:99:47:52:
14:b7:ad:9e:5e:17:af:7b:f1:b5:cc:9b:98:df:f2:
e5:d7:86:b9:61:44:e5:01:21:8f:c5:ad:f6:92:ee:
c7:13:2a:e9:5d:10:fc:e1:ab:85:85:51:88:f0:53:
92:0d:9d:d1:65:6c:14:51:92:8f:82:22:25:73:44:
ab:a1:a6:cf:f7:1c:9d:1e:ee:e2:9a:02:1c:92:eb:
1b:ba:ac:23:38:a5:ec:11:99:e9:d1:67:58:10:70:
d0:01:0e:df:8b:9d:f1:8c:f6:08:bd:8a:00:7a:a3:
86:b8:95:98:a5:e2:25:8f:74:6c:89:fe:de:e8:c6:
56:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C6:D2:ED:2E:45:9D:0E:F5:D7:87:EE:FC:29:25:6D:28:88:2A:F4
X509v3 Authority Key Identifier:
keyid:67:67:06:83:06:2C:D8:B3:5C:1B:76:02:18:A7:89:B9:08:CB:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/DsbS7S5FnQ7114fu_CklbSiIKvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/94f5c8-b41c-485a-b3db-7d8cb53dc086/1/Z2cGgwYs2LNcG3YCGKeJuQjLTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.28.0/22
IPv6:
2a06:2240::/29
Signature Algorithm: sha256WithRSAEncryption
58:ae:45:4f:19:d9:d0:06:d2:82:3e:03:bb:3e:71:0e:27:ef:
5f:40:01:c7:d8:f4:43:e0:48:89:e0:0d:b9:b8:ed:64:82:93:
d7:25:ab:37:b0:25:41:4b:bd:b2:76:17:0d:7c:64:57:51:60:
66:4b:66:49:5f:f9:87:59:95:ca:4d:4c:78:1c:ea:69:99:96:
50:91:32:01:a5:5d:35:0e:45:2f:d5:3b:fa:47:2b:7a:9b:d3:
3f:64:25:53:5b:60:bd:d5:58:09:c3:95:89:e8:af:8d:6c:07:
56:9a:86:7a:48:6a:93:8c:b0:3c:60:5d:fe:92:2e:f1:aa:13:
ee:7a:fa:ee:7f:5e:56:74:da:bf:9b:b0:2f:1e:51:e7:ef:82:
98:06:75:a2:48:13:4b:6f:75:b4:17:80:8c:7c:50:06:32:31:
c4:8e:f9:ec:02:a7:1e:b5:83:77:e6:0e:d0:4f:79:8c:87:04:
b9:5d:65:fa:45:6c:5b:21:25:bd:51:c7:bb:22:a0:15:2b:1c:
7a:2e:ec:af:c3:23:68:6a:df:94:63:a5:2c:db:4f:1f:04:36:
7f:8f:a6:1f:e9:86:9c:af:de:b6:1d:f8:71:6f:92:e2:b2:23:
37:cd:5f:45:a6:2c:dd:24:b8:cf:50:65:ad:2e:1c:e3:08:22:
03:34:9b:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKiNJQlXRCTGm5Oc3HA64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NjcwNjgzMDYyY2Q4YjM1YzFiNzYwMjE4YTc4OWI5MDhj
YjRjOGQwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWM2ZDJlZDJlNDU5ZDBlZjVkNzg3ZWVmYzI5MjU2ZDI4ODgyYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2KOTt57AGfnzccaBtgs6NjlDf+3
2KlY8Y01nMnn1myMaIz3Isvv7jV+aDu2F34QDUNp30WLsj/j4t4wjNTYuS3WZf4W
rI3e/SaeROrYq4e8zYfjpjNwTOhhVmwA7B3Z/d2jSAgnNODVl+qH9KFLYnk+NJ82
Q5c7nFysLnTGDyHYHgOZR1IUt62eXheve/G1zJuY3/Ll14a5YUTlASGPxa32ku7H
EyrpXRD84auFhVGI8FOSDZ3RZWwUUZKPgiIlc0SroabP9xydHu7imgIckusbuqwj
OKXsEZnp0WdYEHDQAQ7fi53xjPYIvYoAeqOGuJWYpeIlj3Rsif7e6MZWqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA7G0u0uRZ0O9deH7vwpJW0oiCr0MB8GA1UdIwQY
MBaAFGdnBoMGLNizXBt2AhinibkIy0yNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjJjR2d3WXMyTE5jRzNZQ0dLZUp1UWpMVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NGY1YzgtYjQxYy00ODVhLWIzZGIt
N2Q4Y2I1M2RjMDg2LzEvRHNiUzdTNUZuUTcxMTRmdV9Da2xiU2lJS3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NGY1YzgtYjQxYy00ODVhLWIzZGItN2Q4Y2I1M2RjMDg2
LzEvWjJjR2d3WXMyTE5jRzNZQ0dLZUp1UWpMVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWYcMA0E
AgACMAcDBQMqBiJAMA0GCSqGSIb3DQEBCwUAA4IBAQBYrkVPGdnQBtKCPgO7PnEO
J+9fQAHH2PRD4EiJ4A25uO1kgpPXJas3sCVBS72ydhcNfGRXUWBmS2ZJX/mHWZXK
TUx4HOppmZZQkTIBpV01DkUv1Tv6Ryt6m9M/ZCVTW2C91VgJw5WJ6K+NbAdWmoZ6
SGqTjLA8YF3+ki7xqhPuevruf15WdNq/m7AvHlHn74KYBnWiSBNLb3W0F4CMfFAG
MjHEjvnsAqcetYN35g7QT3mMhwS5XWX6RWxbISW9Uce7IqAVKxx6LuyvwyNoat+U
Y6Us208fBDZ/j6Yf6Yacr962Hfhxb5LisiM3zV9FpizdJLjPUGWtLhzjCCIDNJss
-----END CERTIFICATE-----
Generated at Tue Dec 3 18:12:23 2024 by rpki-client on console-fra.rpki-client.org