Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dgdB4qfEpN-GTPaPEvcDB38g8DY.roa
File: dgdB4qfEpN-GTPaPEvcDB38g8DY.roa (raw, json)
Hash identifier: LS9RIuwf2u4H1KeUZ9bJxAfJ+CgxFZkG+oKMqeJjuG8=
Subject key identifier: 76:07:41:E2:A7:C4:A4:DF:86:4C:F6:8F:12:F7:03:07:7F:20:F0:36
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B730D1917FA2D8D8A3C59FC57C8D34
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dgdB4qfEpN-GTPaPEvcDB38g8DY.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16028
IP address blocks: 193.251.162.0/23 maxlen: 24
193.251.160.0/24 maxlen: 24
81.52.208.0/21 maxlen: 24
2a01:cde0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 05:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:30:d1:91:7f:a2:d8:d8:a3:c5:9f:c5:7c:8d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760741e2a7c4a4df864cf68f12f703077f20f036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bf:9b:53:7e:ca:a6:7b:f4:e0:ea:3e:a6:17:
e2:75:8b:41:ae:01:64:81:88:64:c4:1f:dd:ae:e5:
40:60:66:e2:3e:e6:3f:95:80:6a:da:de:4f:cc:da:
63:04:dd:df:ed:a8:79:57:ac:2a:5a:b5:08:bb:a3:
17:fb:f1:5b:ff:a0:99:29:d4:32:79:34:3b:53:9c:
a8:0d:04:48:f2:e9:3f:0a:3c:76:d4:3e:31:97:5d:
c7:b7:42:00:7e:43:2f:f4:54:ca:9a:20:cc:73:5c:
52:3a:d1:4d:95:13:5c:fa:49:d6:1a:1a:d2:8e:64:
26:93:ec:2e:88:21:63:26:c9:0a:62:6a:5e:ba:03:
69:31:38:99:63:72:b1:45:54:b8:46:68:b5:c0:13:
e2:43:92:1a:a8:85:53:7c:e5:1b:7e:9e:98:44:96:
c2:a8:ad:b3:c8:63:7f:31:e1:18:6f:06:e5:9a:38:
25:24:19:cd:f4:c1:cd:78:9b:a2:a4:55:2d:db:6c:
91:de:58:7a:2b:f7:3e:dc:8b:f2:15:03:15:c0:70:
78:7d:93:c0:c8:c8:89:78:c7:de:2e:18:8e:1c:48:
05:9e:6b:de:76:85:63:ca:69:58:00:57:fe:a1:7a:
5e:26:ef:a8:d1:c7:f2:68:2d:f3:c5:db:ac:23:bc:
f1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:07:41:E2:A7:C4:A4:DF:86:4C:F6:8F:12:F7:03:07:7F:20:F0:36
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/dgdB4qfEpN-GTPaPEvcDB38g8DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.52.208.0/21
193.251.160.0/24
193.251.162.0/23
IPv6:
2a01:cde0::/32
Signature Algorithm: sha256WithRSAEncryption
45:9f:3b:7f:36:4d:84:3b:f1:45:5b:dc:f8:d7:8d:76:5a:44:
e9:96:f5:02:42:4d:4d:af:38:5b:3d:66:f3:6c:92:67:70:ce:
76:90:aa:c0:4c:1e:00:bd:96:eb:d0:32:d1:a4:31:a4:92:d0:
7c:4d:bd:1f:3c:73:b0:7a:d3:e7:ad:32:11:5d:54:16:ac:41:
d7:11:52:6e:9f:d6:b4:2d:f3:d8:4b:47:fa:e6:1c:bc:86:9e:
03:c8:73:c1:5c:4d:92:49:7f:98:d6:4e:5a:07:3b:f8:22:50:
23:8e:a8:89:c5:40:3b:18:d8:b7:62:ea:44:8e:95:79:51:f1:
9b:97:6e:15:e4:f3:eb:0c:8f:fb:bf:11:d4:b2:7a:4a:73:e8:
ab:e7:79:8e:58:dc:ab:13:95:da:ec:a2:14:f6:e8:1a:c7:41:
20:57:bb:1b:19:0a:c2:85:b5:9b:76:88:37:5f:66:be:ff:1b:
a9:ce:93:a0:5c:87:d3:1f:7d:d4:42:23:c5:b0:b9:aa:e0:97:
be:ca:b1:4d:57:0d:8b:cf:eb:11:e2:48:e9:b1:c3:8a:b8:03:
43:54:c8:5d:c0:15:47:30:86:39:55:14:8c:76:9c:56:1d:41:
cf:99:19:64:04:22:99:54:90:ca:45:eb:c1:74:ce:cb:b2:64:
04:2d:96:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtzDRkX+i2NijxZ/FfI00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA3NDFlMmE3YzRhNGRmODY0Y2Y2OGYxMmY3MDMwNzdmMjBmMDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb+bU37Kpnv04Oo+phfidYtBrgFk
gYhkxB/druVAYGbiPuY/lYBq2t5PzNpjBN3f7ah5V6wqWrUIu6MX+/Fb/6CZKdQy
eTQ7U5yoDQRI8uk/Cjx21D4xl13Ht0IAfkMv9FTKmiDMc1xSOtFNlRNc+knWGhrS
jmQmk+wuiCFjJskKYmpeugNpMTiZY3KxRVS4Rmi1wBPiQ5IaqIVTfOUbfp6YRJbC
qK2zyGN/MeEYbwblmjglJBnN9MHNeJuipFUt22yR3lh6K/c+3IvyFQMVwHB4fZPA
yMiJeMfeLhiOHEgFnmvedoVjymlYAFf+oXpeJu+o0cfyaC3zxdusI7zxgwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHYHQeKnxKTfhkz2jxL3Awd/IPA2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZGdkQjRxZkVwTi1HVFBhUEV2Y0RCMzhnOERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDUTTQAwQA
wfugAwQBwfuiMA0EAgACMAcDBQAqAc3gMA0GCSqGSIb3DQEBCwUAA4IBAQBFnzt/
Nk2EO/FFW9z41412WkTplvUCQk1NrzhbPWbzbJJncM52kKrATB4AvZbr0DLRpDGk
ktB8Tb0fPHOwetPnrTIRXVQWrEHXEVJun9a0LfPYS0f65hy8hp4DyHPBXE2SSX+Y
1k5aBzv4IlAjjqiJxUA7GNi3YupEjpV5UfGbl24V5PPrDI/7vxHUsnpKc+ir53mO
WNyrE5Xa7KIU9ugax0EgV7sbGQrChbWbdog3X2a+/xupzpOgXIfTH33UQiPFsLmq
4Je+yrFNVw2Lz+sR4kjpscOKuANDVMhdwBVHMIY5VRSMdpxWHUHPmRlkBCKZVJDK
RevBdM7LsmQELZa4
-----END CERTIFICATE-----
Generated at Thu May 30 08:52:44 2024 by rpki-client on console-ams.rpki-client.org