Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/DGOE8mQqEucnyQcMiYjeM-SNgRc.roa
File: DGOE8mQqEucnyQcMiYjeM-SNgRc.roa (raw, json)
Hash identifier: yyjBgV1n7kVe8qeTLhROeFsY2QAzyLNUnYM8Bg3GG18=
Subject key identifier: 0C:63:84:F2:64:2A:12:E7:27:C9:07:0C:89:88:DE:33:E4:8D:81:17
Certificate issuer: /CN=dcd246e1830567ab115231db775f2879d99af0a0
Certificate serial: 0191137733E3214FF4BECCFF154AF5B2A57D
Authority key identifier: DC:D2:46:E1:83:05:67:AB:11:52:31:DB:77:5F:28:79:D9:9A:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/DGOE8mQqEucnyQcMiYjeM-SNgRc.roa
Signing time: Fri 02 Aug 2024 14:21:04 +0000
ROA not before: Fri 02 Aug 2024 14:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42314
IP address blocks: 85.114.96.0/24 maxlen: 24
85.114.104.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
85.114.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:77:33:e3:21:4f:f4:be:cc:ff:15:4a:f5:b2:a5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcd246e1830567ab115231db775f2879d99af0a0
Validity
Not Before: Aug 2 14:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c6384f2642a12e727c9070c8988de33e48d8117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8b:7b:c5:e6:9c:6c:eb:93:97:c5:60:64:c2:
c8:ea:6a:d4:da:52:f3:33:fe:aa:e2:e3:96:62:a6:
45:14:a5:a2:cd:e9:19:30:67:42:5f:7a:29:77:2d:
2d:df:34:38:07:dc:4a:65:e3:10:ba:a4:cb:09:11:
bd:fc:23:c2:5a:a9:8c:63:ec:9c:d0:d2:65:5d:2b:
98:36:85:2a:f6:61:56:b5:37:aa:b2:29:ae:18:6a:
0f:57:80:6c:c3:0b:e7:4b:3e:0d:e0:56:84:b5:5c:
1d:0d:46:df:bb:e2:2e:5c:dc:8c:ea:15:ba:7f:12:
86:85:51:92:c4:ae:98:38:e7:81:cb:3a:67:2d:c9:
70:10:e9:84:bd:f8:27:a1:25:c3:d1:ba:77:54:dc:
17:1c:83:cc:d7:25:e7:8f:e4:ec:e8:4d:de:9d:7e:
1a:18:b6:3d:86:b3:1b:fb:16:44:c2:08:25:6f:fe:
d6:c3:e3:c7:0b:67:68:bf:90:ed:be:87:e5:b1:67:
98:f8:a9:94:0e:b3:1e:44:b9:f1:7a:d2:4a:a9:ea:
f2:f3:af:ac:1e:dc:97:b7:f6:83:dc:82:b7:bf:16:
18:6a:c8:22:07:57:73:17:a9:f4:a1:3d:89:7e:fd:
9b:b3:6a:d7:c2:19:0b:01:99:0c:36:18:f6:88:0a:
d1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:63:84:F2:64:2A:12:E7:27:C9:07:0C:89:88:DE:33:E4:8D:81:17
X509v3 Authority Key Identifier:
keyid:DC:D2:46:E1:83:05:67:AB:11:52:31:DB:77:5F:28:79:D9:9A:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/DGOE8mQqEucnyQcMiYjeM-SNgRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/24
85.114.104.0/24
85.114.106.0/23
Signature Algorithm: sha256WithRSAEncryption
23:39:c1:56:68:5a:3b:19:ed:fa:c9:22:3e:dd:43:cf:b3:3c:
78:c8:24:c7:3d:cd:8e:9f:e0:7a:25:5e:19:cf:60:fd:ff:9c:
1e:ae:df:98:55:2f:2d:44:7c:1e:12:00:38:cc:25:f9:2c:22:
cd:e3:dc:40:ba:d0:16:51:76:dc:75:6e:03:da:34:40:4f:a5:
4f:f9:f9:2a:4a:a7:9b:99:a1:4f:17:61:0f:57:ec:ab:72:3d:
e8:bb:61:08:d2:7f:dc:25:93:8d:52:e4:8a:a7:5a:25:f7:47:
8e:89:dc:8e:44:f3:4d:93:92:7f:fa:67:bf:9c:c8:5a:71:69:
e8:07:86:71:ca:ba:44:6b:d0:64:25:b8:78:7b:02:4b:b6:04:
c4:b7:d7:e9:c6:77:b7:6c:19:1d:94:de:3a:6e:9f:24:51:62:
cd:66:1f:21:9b:44:c7:04:9d:3d:eb:06:10:90:65:cb:4d:9e:
d7:e8:3d:e3:ee:32:9e:2d:7d:b3:21:2e:83:30:ec:d0:29:f8:
65:bf:8b:a7:e7:56:65:d8:c6:c0:36:be:77:a5:6a:3a:93:0b:
f6:f0:da:95:5b:1c:29:b5:8e:45:57:a4:49:f9:cb:29:67:72:
ae:a5:a9:0e:47:1d:62:87:d4:00:2c:b1:6e:01:1a:9b:ec:17:
2b:af:14:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZETdzPjIU/0vsz/FUr1sqV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZDI0NmUxODMwNTY3YWIxMTUyMzFkYjc3NWYyODc5ZDk5
YWYwYTAwHhcNMjQwODAyMTQyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzYzODRmMjY0MmExMmU3MjdjOTA3MGM4OTg4ZGUzM2U0OGQ4MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4t7xeacbOuTl8VgZMLI6mrU2lLz
M/6q4uOWYqZFFKWizekZMGdCX3opdy0t3zQ4B9xKZeMQuqTLCRG9/CPCWqmMY+yc
0NJlXSuYNoUq9mFWtTeqsimuGGoPV4BswwvnSz4N4FaEtVwdDUbfu+IuXNyM6hW6
fxKGhVGSxK6YOOeByzpnLclwEOmEvfgnoSXD0bp3VNwXHIPM1yXnj+Ts6E3enX4a
GLY9hrMb+xZEwgglb/7Ww+PHC2dov5DtvoflsWeY+KmUDrMeRLnxetJKqery86+s
HtyXt/aD3IK3vxYYasgiB1dzF6n0oT2Jfv2bs2rXwhkLAZkMNhj2iArR/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAxjhPJkKhLnJ8kHDImI3jPkjYEXMB8GA1UdIwQY
MBaAFNzSRuGDBWerEVIx23dfKHnZmvCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM05KRzRZTUZaNnNSVWpIYmQxOG9lZG1hOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lMTE2YjYtM2M2ZC00ODVmLWFmY2Qt
YTQxZTYyMGJhM2ViLzEvREdPRThtUXFFdWNueVFjTWlZamVNLVNOZ1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lMTE2YjYtM2M2ZC00ODVmLWFmY2QtYTQxZTYyMGJhM2Vi
LzEvM05KRzRZTUZaNnNSVWpIYmQxOG9lZG1hOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXJgAwQA
VXJoAwQBVXJqMA0GCSqGSIb3DQEBCwUAA4IBAQAjOcFWaFo7Ge36ySI+3UPPszx4
yCTHPc2On+B6JV4Zz2D9/5wert+YVS8tRHweEgA4zCX5LCLN49xAutAWUXbcdW4D
2jRAT6VP+fkqSqebmaFPF2EPV+yrcj3ou2EI0n/cJZONUuSKp1ol90eOidyORPNN
k5J/+me/nMhacWnoB4ZxyrpEa9BkJbh4ewJLtgTEt9fpxne3bBkdlN46bp8kUWLN
Zh8hm0THBJ096wYQkGXLTZ7X6D3j7jKeLX2zIS6DMOzQKfhlv4un51Zl2MbANr53
pWo6kwv28NqVWxwptY5FV6RJ+cspZ3KupakORx1ih9QALLFuARqb7BcrrxRU
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:15:47 2024 by rpki-client on console-ams.rpki-client.org