Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAF-1sEXOxmUKlBPpLqneDl-P3w.roa
File: DAF-1sEXOxmUKlBPpLqneDl-P3w.roa (raw, json)
Hash identifier: /ck51UQYIV4qPpMhaCsW3MZiPFk8jsMck6Kbyra2zzY=
Subject key identifier: 0C:01:7E:D6:C1:17:3B:19:94:2A:50:4F:A4:BA:A7:78:39:7E:3F:7C
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018CC2DB546A67521A7B8EA6CF6B6980583B
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAF-1sEXOxmUKlBPpLqneDl-P3w.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12222
IP address blocks: 80.67.64.0/24 maxlen: 24
80.67.65.0/24 maxlen: 24
80.67.70.0/24 maxlen: 24
88.221.208.0/24 maxlen: 24
80.67.73.0/24 maxlen: 24
88.221.209.0/24 maxlen: 24
2.22.60.0/24 maxlen: 24
2.16.37.0/24 maxlen: 24
2.16.36.0/24 maxlen: 24
2.22.226.0/24 maxlen: 24
2.22.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:54:6a:67:52:1a:7b:8e:a6:cf:6b:69:80:58:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c017ed6c1173b19942a504fa4baa778397e3f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6f:d1:bb:47:89:f7:8d:39:6c:bd:4b:7e:04:
f3:30:dc:92:81:e9:d8:e5:41:a4:eb:e8:90:c1:cb:
2c:f4:3b:8f:31:4e:c4:27:dc:2d:05:db:3f:c8:12:
bd:47:a3:bf:87:71:d4:58:71:41:9f:c9:44:d9:0f:
34:26:d7:13:c4:d3:d6:a8:9a:67:7a:34:6e:3b:ad:
f3:c6:79:96:df:d3:2a:31:bb:29:26:96:74:db:9e:
66:0d:40:1a:7c:d2:dd:03:5a:3a:e6:78:6d:fb:64:
e3:73:e8:34:37:aa:56:dc:0b:6b:0f:99:d2:91:d4:
af:e3:0b:c9:53:a7:23:8a:7d:cb:a5:2f:71:5b:e1:
cd:6c:b6:c1:97:5c:7f:01:99:f1:0c:dc:f0:b8:e7:
72:da:12:d7:87:75:d7:70:4a:78:27:65:58:c5:4b:
76:2f:50:0b:d4:3d:a2:d1:a9:1c:2f:9b:e1:20:26:
03:8d:cf:fc:68:71:e3:95:a3:af:f0:f1:46:2b:f7:
f5:23:9c:4a:74:b7:e1:ef:44:a6:4f:d5:37:79:26:
5d:a4:92:ef:c6:47:87:f4:0c:5c:ab:35:75:d8:20:
ec:a9:c5:19:f0:e6:fc:07:fd:74:66:9d:b8:58:23:
75:a8:c3:80:b3:9a:f1:96:f1:1e:b8:9c:f3:40:19:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:01:7E:D6:C1:17:3B:19:94:2A:50:4F:A4:BA:A7:78:39:7E:3F:7C
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/DAF-1sEXOxmUKlBPpLqneDl-P3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.36.0/23
2.22.60.0/24
2.22.226.0/23
80.67.64.0/23
80.67.70.0/24
80.67.73.0/24
88.221.208.0/23
Signature Algorithm: sha256WithRSAEncryption
04:f4:85:27:6a:b9:1c:b5:e0:c0:9e:1c:64:f4:2e:54:39:c1:
14:6b:89:b6:c7:d7:6b:6d:be:cf:20:8f:ad:2b:67:cd:86:6e:
7e:cc:75:7d:95:be:05:b0:a5:5a:2c:b7:85:ec:a3:05:14:0c:
c7:4e:71:b2:1a:25:99:89:53:f3:07:69:42:b7:dc:5d:09:3c:
48:79:46:27:68:b8:60:54:63:8c:ce:e9:32:31:80:13:34:76:
00:1d:bd:f8:f5:f7:8c:03:3a:6c:cc:c0:cd:56:6c:d7:a8:08:
54:09:24:eb:f1:c0:66:15:bb:98:b3:20:05:03:cc:03:a4:83:
77:68:21:3c:e3:b1:b4:e4:cc:35:10:a2:47:a9:18:a0:75:54:
68:fe:85:7a:e4:ff:3d:d3:bd:76:1e:e5:4c:ff:53:a0:19:0f:
77:23:a7:54:b0:1d:2f:99:ae:2c:af:b6:be:18:3e:8b:d0:7c:
59:45:e0:aa:75:53:45:95:27:61:3b:46:61:5c:8f:45:17:a7:
91:b3:1d:65:f0:84:75:93:e8:bc:85:41:db:53:b9:28:35:f8:
8f:81:2e:14:7c:4d:aa:4e:b7:ad:4d:44:f2:bb:db:7d:e7:c2:
a9:9f:49:e9:b2:2c:58:c3:a7:69:1e:37:46:89:d6:ac:17:c4:
fb:4c:01:d8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC21RqZ1Iae46mz2tpgFg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAxN2VkNmMxMTczYjE5OTQyYTUwNGZhNGJhYTc3ODM5N2UzZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7G/Ru0eJ9405bL1LfgTzMNySgenY
5UGk6+iQwcss9DuPMU7EJ9wtBds/yBK9R6O/h3HUWHFBn8lE2Q80JtcTxNPWqJpn
ejRuO63zxnmW39MqMbspJpZ0255mDUAafNLdA1o65nht+2Tjc+g0N6pW3AtrD5nS
kdSv4wvJU6cjin3LpS9xW+HNbLbBl1x/AZnxDNzwuOdy2hLXh3XXcEp4J2VYxUt2
L1AL1D2i0akcL5vhICYDjc/8aHHjlaOv8PFGK/f1I5xKdLfh70SmT9U3eSZdpJLv
xkeH9AxcqzV12CDsqcUZ8Ob8B/10Zp24WCN1qMOAs5rxlvEeuJzzQBmo0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAwBftbBFzsZlCpQT6S6p3g5fj98MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvREFGLTFzRVhPeG1VS2xCUHBMcW5lRGwtUDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBAhAkAwQA
AhY8AwQBAhbiAwQBUENAAwQAUENGAwQAUENJAwQBWN3QMA0GCSqGSIb3DQEBCwUA
A4IBAQAE9IUnarkcteDAnhxk9C5UOcEUa4m2x9drbb7PII+tK2fNhm5+zHV9lb4F
sKVaLLeF7KMFFAzHTnGyGiWZiVPzB2lCt9xdCTxIeUYnaLhgVGOMzukyMYATNHYA
Hb349feMAzpszMDNVmzXqAhUCSTr8cBmFbuYsyAFA8wDpIN3aCE847G05Mw1EKJH
qRigdVRo/oV65P890712HuVM/1OgGQ93I6dUsB0vma4sr7a+GD6L0HxZReCqdVNF
lSdhO0ZhXI9FF6eRsx1l8IR1k+i8hUHbU7koNfiPgS4UfE2qTretTUTyu9t958Kp
n0npsixYw6dpHjdGidasF8T7TAHY
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:15:28 2024 by rpki-client on console-fra.rpki-client.org