Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/DGd_nQA9s6gY7y5x6kYUhNc4dS8.roa
File: DGd_nQA9s6gY7y5x6kYUhNc4dS8.roa (raw, json)
Hash identifier: p4/HEMZHHkoyE5xPXbF7RGfBm23kEjnk41tuDSFDOhQ=
Subject key identifier: 0C:67:7F:9D:00:3D:B3:A8:18:EF:2E:71:EA:46:14:84:D7:38:75:2F
Certificate issuer: /CN=a8305c6e58294ad0ed5162fa8429da5165653930
Certificate serial: 018CC2DB007919FBC88B973573CC957A00D0
Authority key identifier: A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/DGd_nQA9s6gY7y5x6kYUhNc4dS8.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57118
IP address blocks: 91.199.218.0/24 maxlen: 24
2001:67c:2d70::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:00:79:19:fb:c8:8b:97:35:73:cc:95:7a:00:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8305c6e58294ad0ed5162fa8429da5165653930
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c677f9d003db3a818ef2e71ea461484d738752f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ce:6c:87:d3:5c:f6:6a:8a:d9:50:47:e8:10:
7b:57:6f:ab:57:34:1d:d2:c2:ce:6a:88:9a:77:40:
d4:f2:0a:93:3c:20:e4:dd:43:f5:09:68:27:69:45:
9b:13:4b:c0:b3:f4:c0:8b:15:09:fd:ce:b4:a5:c9:
06:10:ff:ac:ee:37:48:35:48:94:8b:2f:0e:44:bb:
7c:7a:f9:32:db:79:9a:b7:9f:b9:f3:cd:bf:ca:5e:
04:a7:bc:3d:8a:1c:40:e0:c8:64:8e:2c:f7:bf:ec:
89:b8:6c:d5:bc:c8:84:90:ec:52:e2:0d:14:df:f6:
97:86:da:17:f0:9f:5d:a8:c6:33:0e:d6:a6:73:bf:
cb:6b:4e:7e:85:c6:bd:f0:9b:c9:20:13:7b:88:d3:
b3:a0:7c:48:07:e0:3e:88:0d:5b:e8:1d:38:aa:0e:
94:ae:1f:d4:56:89:47:1d:cc:1f:0e:a5:b9:6e:50:
a8:30:54:b7:00:8a:6e:87:fa:e7:ce:4d:17:e3:6f:
f8:54:69:6f:52:2f:44:cb:f9:45:7d:2d:67:c6:17:
03:64:aa:81:cc:63:c7:8d:5e:24:bc:4e:6e:1a:1e:
c9:f2:47:e6:43:f8:97:89:e6:e6:cb:ef:6f:8d:27:
16:29:20:85:03:a4:9b:91:13:45:74:5f:1d:38:8c:
85:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:67:7F:9D:00:3D:B3:A8:18:EF:2E:71:EA:46:14:84:D7:38:75:2F
X509v3 Authority Key Identifier:
keyid:A8:30:5C:6E:58:29:4A:D0:ED:51:62:FA:84:29:DA:51:65:65:39:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qDBcblgpStDtUWL6hCnaUWVlOTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/DGd_nQA9s6gY7y5x6kYUhNc4dS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/4c15d9-79e6-452f-aa32-02db8b77d087/1/qDBcblgpStDtUWL6hCnaUWVlOTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.218.0/24
IPv6:
2001:67c:2d70::/48
Signature Algorithm: sha256WithRSAEncryption
33:c6:8c:03:16:ed:fa:ac:f3:c2:04:11:22:19:4e:19:37:6d:
df:d9:1d:63:60:9b:5f:2f:a3:54:88:dc:32:00:c5:12:3b:6a:
7f:53:e1:bd:b6:e6:4b:6e:b4:ef:be:c1:78:46:e9:fe:6d:1c:
7d:f4:9f:79:35:18:e3:e7:e5:dd:f1:a1:ea:28:51:2e:5d:67:
bd:56:94:3b:63:83:ae:84:83:20:6d:a9:c1:74:60:48:a5:5a:
01:6f:52:05:89:d3:5e:e2:94:63:87:ab:bb:cc:30:d2:c9:67:
d7:19:76:4c:88:0f:52:f3:58:af:8a:df:3a:7a:7d:eb:0c:88:
6a:cf:84:17:2c:34:17:38:df:ba:70:db:a7:87:a0:b1:58:dd:
8a:b6:b9:96:1a:1f:db:fc:bb:fd:82:80:99:11:da:12:95:d7:
a3:f0:bf:c2:81:88:da:49:99:28:80:c3:10:6a:28:4c:69:ab:
a0:e9:b3:31:21:28:b1:b7:0a:e4:32:1a:d0:53:d7:92:ea:e6:
77:f3:ed:d6:eb:35:a8:5a:bb:cd:d8:2c:60:ed:b4:d6:6d:52:
cb:83:6f:3f:79:52:e2:e0:92:b5:b4:c9:5d:93:79:27:cd:3c:
fd:0f:6e:5c:94:95:61:e3:33:3d:6c:c3:73:94:92:a4:38:5b:
fb:75:96:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2wB5GfvIi5c1c8yVegDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MzA1YzZlNTgyOTRhZDBlZDUxNjJmYTg0MjlkYTUxNjU2
NTM5MzAwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY3N2Y5ZDAwM2RiM2E4MThlZjJlNzFlYTQ2MTQ4NGQ3Mzg3NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs5sh9Nc9mqK2VBH6BB7V2+rVzQd
0sLOaoiad0DU8gqTPCDk3UP1CWgnaUWbE0vAs/TAixUJ/c60pckGEP+s7jdINUiU
iy8ORLt8evky23mat5+5882/yl4Ep7w9ihxA4Mhkjiz3v+yJuGzVvMiEkOxS4g0U
3/aXhtoX8J9dqMYzDtamc7/La05+hca98JvJIBN7iNOzoHxIB+A+iA1b6B04qg6U
rh/UVolHHcwfDqW5blCoMFS3AIpuh/rnzk0X42/4VGlvUi9Ey/lFfS1nxhcDZKqB
zGPHjV4kvE5uGh7J8kfmQ/iXiebmy+9vjScWKSCFA6SbkRNFdF8dOIyF6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAxnf50APbOoGO8ucepGFITXOHUvMB8GA1UdIwQY
MBaAFKgwXG5YKUrQ7VFi+oQp2lFlZTkwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzIt
MDJkYjhiNzdkMDg3LzEvREdkX25RQTlzNmdZN3k1eDZrWVVoTmM0ZFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80YzE1ZDktNzllNi00NTJmLWFhMzItMDJkYjhiNzdkMDg3
LzEvcURCY2JsZ3BTdER0VVdMNmhDbmFVV1ZsT1RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8faMA8E
AgACMAkDBwAgAQZ8LXAwDQYJKoZIhvcNAQELBQADggEBADPGjAMW7fqs88IEESIZ
Thk3bd/ZHWNgm18vo1SI3DIAxRI7an9T4b225ktutO++wXhG6f5tHH30n3k1GOPn
5d3xoeooUS5dZ71WlDtjg66EgyBtqcF0YEilWgFvUgWJ017ilGOHq7vMMNLJZ9cZ
dkyID1LzWK+K3zp6fesMiGrPhBcsNBc437pw26eHoLFY3Yq2uZYaH9v8u/2CgJkR
2hKV16Pwv8KBiNpJmSiAwxBqKExpq6DpszEhKLG3CuQyGtBT15Lq5nfz7dbrNaha
u83YLGDttNZtUsuDbz95UuLgkrW0yV2TeSfNPP0PblyUlWHjMz1sw3OUkqQ4W/t1
loQ=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:49 2024 by rpki-client on console-fra.rpki-client.org