Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/DJdOcFHDcDoZRiuDm5v8P8YdPe0.roa
File: DJdOcFHDcDoZRiuDm5v8P8YdPe0.roa (raw, json)
Hash identifier: sRqhWg9gO8tC2x86ayT3L7E/pqRT6KjNdDe2d6gaWno=
Subject key identifier: 0C:97:4E:70:51:C3:70:3A:19:46:2B:83:9B:9B:FC:3F:C6:1D:3D:ED
Certificate issuer: /CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790
Certificate serial: 018CC348EEEB8B2AE3BD557A08C17BB70478
Authority key identifier: D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/DJdOcFHDcDoZRiuDm5v8P8YdPe0.roa
Signing time: Mon 01 Jan 2024 04:29:46 +0000
ROA not before: Mon 01 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44746
IP address blocks: 91.214.88.0/22 maxlen: 22
91.202.156.0/22 maxlen: 22
185.19.252.0/22 maxlen: 22
2a05:b880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ee:eb:8b:2a:e3:bd:55:7a:08:c1:7b:b7:04:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ce1b9ffb2e73d2c97f0893063cabb2cb746790
Validity
Not Before: Jan 1 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c974e7051c3703a19462b839b9bfc3fc61d3ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e0:29:e9:03:b3:41:5d:e9:c9:a3:2f:9f:c9:
c3:dc:87:d3:7e:79:3a:25:8d:19:be:bd:88:17:8a:
50:cb:46:be:90:a8:12:af:57:62:19:1f:e6:37:35:
68:d1:de:42:f4:a0:c5:55:d2:c5:16:c4:00:5d:52:
ac:53:47:64:f1:09:1f:ed:75:50:96:87:cb:99:13:
41:38:99:51:5c:6c:af:be:64:c6:81:96:b6:1c:0e:
60:79:2c:a4:64:53:c2:7c:09:65:19:7a:bd:95:10:
e2:1d:0c:a4:09:a4:53:af:9c:d1:ac:48:24:90:ab:
43:4a:1b:cf:51:ab:d8:d4:64:63:60:9e:8b:57:c6:
9e:bd:f7:9a:ce:1f:96:52:c8:2b:bd:e9:8d:09:ba:
6a:ec:8c:5b:bb:a6:d7:af:7d:71:b5:f1:12:a3:b4:
03:98:34:5f:f2:ee:bc:80:15:20:81:0b:bb:98:82:
63:ec:84:4c:19:5c:a7:75:eb:25:ca:ef:7d:29:2f:
62:f6:a3:ed:8f:bf:ff:a6:1c:49:c4:36:25:5c:0e:
a5:ff:42:a1:a7:e4:98:c4:9d:44:48:09:24:de:03:
1b:29:35:c9:36:6c:88:23:e0:c7:36:1f:f3:3f:6d:
96:4c:81:b3:53:40:25:28:71:1e:41:17:c2:8c:ca:
21:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:97:4E:70:51:C3:70:3A:19:46:2B:83:9B:9B:FC:3F:C6:1D:3D:ED
X509v3 Authority Key Identifier:
keyid:D0:CE:1B:9F:FB:2E:73:D2:C9:7F:08:93:06:3C:AB:B2:CB:74:67:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0M4bn_suc9LJfwiTBjyrsst0Z5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/DJdOcFHDcDoZRiuDm5v8P8YdPe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e51322-0141-4d16-8168-b9fb53a2f03c/1/0M4bn_suc9LJfwiTBjyrsst0Z5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.156.0/22
91.214.88.0/22
185.19.252.0/22
IPv6:
2a05:b880::/29
Signature Algorithm: sha256WithRSAEncryption
2a:ca:22:ed:67:9b:3f:28:32:1f:1d:9e:b7:64:05:e2:aa:55:
70:cf:e3:8a:f9:0a:a7:3d:35:ac:33:b7:cf:64:40:f5:6b:0e:
35:12:09:65:0d:51:cd:4c:e5:db:51:65:86:d9:54:b4:e3:3d:
ba:f3:59:3a:0f:fd:61:7e:2c:98:50:b3:fc:af:bf:34:f3:bf:
b1:d2:14:ff:4b:fc:40:61:f4:6b:3d:14:45:c1:1b:e1:b0:d2:
3f:3e:22:4b:17:eb:34:bb:9e:0a:69:10:d0:4e:16:e2:5c:56:
38:f8:16:d9:9a:8a:d6:70:be:cf:d1:b6:4a:81:42:72:c3:bc:
4a:b6:8c:fd:57:9b:9a:40:a5:91:d1:fa:61:2f:3b:9a:2e:9a:
3b:b4:70:f8:57:0e:05:ab:dc:20:2e:7a:83:7b:85:56:ef:7a:
46:10:2e:77:1d:06:10:36:25:00:f3:6c:80:41:2e:15:e6:a2:
ae:d1:f6:1c:a5:f6:55:7e:3d:86:78:b8:76:69:58:ac:5e:e6:
7e:3d:75:cf:27:7a:91:6e:34:7c:7c:87:42:d2:77:4b:d0:a6:
08:2d:a1:24:d3:2d:47:42:c6:b3:49:ff:90:7b:b2:b7:8f:d8:
a6:57:a3:08:3e:0b:ca:6b:8c:bf:6b:af:c5:ef:5d:70:01:cc:
bc:65:37:c8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSO7riyrjvVV6CMF7twR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwY2UxYjlmZmIyZTczZDJjOTdmMDg5MzA2M2NhYmIyY2I3
NDY3OTAwHhcNMjQwMTAxMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk3NGU3MDUxYzM3MDNhMTk0NjJiODM5YjliZmMzZmM2MWQzZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluAp6QOzQV3pyaMvn8nD3IfTfnk6
JY0Zvr2IF4pQy0a+kKgSr1diGR/mNzVo0d5C9KDFVdLFFsQAXVKsU0dk8Qkf7XVQ
lofLmRNBOJlRXGyvvmTGgZa2HA5geSykZFPCfAllGXq9lRDiHQykCaRTr5zRrEgk
kKtDShvPUavY1GRjYJ6LV8aevfeazh+WUsgrvemNCbpq7Ixbu6bXr31xtfESo7QD
mDRf8u68gBUggQu7mIJj7IRMGVyndeslyu99KS9i9qPtj7//phxJxDYlXA6l/0Kh
p+SYxJ1ESAkk3gMbKTXJNmyII+DHNh/zP22WTIGzU0AlKHEeQRfCjMoh2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAyXTnBRw3A6GUYrg5ub/D/GHT3tMB8GA1UdIwQY
MBaAFNDOG5/7LnPSyX8IkwY8q7LLdGeQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME00Ym5fc3VjOUxKZndpVEJqeXJzc3QwWjVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lNTEzMjItMDE0MS00ZDE2LTgxNjgt
YjlmYjUzYTJmMDNjLzEvREpkT2NGSERjRG9aUml1RG01djhQOFlkUGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lNTEzMjItMDE0MS00ZDE2LTgxNjgtYjlmYjUzYTJmMDNj
LzEvME00Ym5fc3VjOUxKZndpVEJqeXJzc3QwWjVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8qcAwQC
W9ZYAwQCuRP8MA0EAgACMAcDBQMqBbiAMA0GCSqGSIb3DQEBCwUAA4IBAQAqyiLt
Z5s/KDIfHZ63ZAXiqlVwz+OK+QqnPTWsM7fPZED1aw41EgllDVHNTOXbUWWG2VS0
4z2681k6D/1hfiyYULP8r78087+x0hT/S/xAYfRrPRRFwRvhsNI/PiJLF+s0u54K
aRDQThbiXFY4+BbZmorWcL7P0bZKgUJyw7xKtoz9V5uaQKWR0fphLzuaLpo7tHD4
Vw4Fq9wgLnqDe4VW73pGEC53HQYQNiUA82yAQS4V5qKu0fYcpfZVfj2GeLh2aVis
XuZ+PXXPJ3qRbjR8fIdC0ndL0KYILaEk0y1HQsazSf+Qe7K3j9imV6MIPgvKa4y/
a6/F711wAcy8ZTfI
-----END CERTIFICATE-----
Generated at Fri Nov 15 18:52:43 2024 by rpki-client on console-ams.rpki-client.org