Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/DTcgUy_w0zMWIWaSss7TTWzmpoo.roa
File: DTcgUy_w0zMWIWaSss7TTWzmpoo.roa (raw, json)
Hash identifier: 4W+IFNRbwozo1+KNvZpvwTxS64CVgiHwyrEaPcdCdQc=
Subject key identifier: 0D:37:20:53:2F:F0:D3:33:16:21:66:92:B2:CE:D3:4D:6C:E6:A6:8A
Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Certificate serial: 018CC500AD16ABA5F12431748C347F336B40
Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/DTcgUy_w0zMWIWaSss7TTWzmpoo.roa
Signing time: Mon 01 Jan 2024 12:30:05 +0000
ROA not before: Mon 01 Jan 2024 12:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34993
IP address blocks: 193.25.122.0/23 maxlen: 23
185.57.148.0/22 maxlen: 22
37.148.252.0/22 maxlen: 22
141.98.220.0/22 maxlen: 22
193.25.168.0/23 maxlen: 23
89.248.208.0/24 maxlen: 24
89.248.210.0/23 maxlen: 23
185.151.188.0/22 maxlen: 22
2a0a:1580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ad:16:ab:a5:f1:24:31:74:8c:34:7f:33:6b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933
Validity
Not Before: Jan 1 12:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d3720532ff0d33316216692b2ced34d6ce6a68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:59:d6:ef:1c:0e:64:3e:7a:bf:b4:0c:b0:69:
ad:9a:c9:a1:fe:fa:5e:4d:32:ca:97:0a:2e:4f:c3:
e0:94:62:43:5a:4c:1f:6b:a9:e4:32:6d:37:f6:1d:
61:aa:58:c1:b5:05:62:48:41:8b:3b:22:3d:af:45:
e0:35:27:7d:fd:4d:58:6a:3f:15:d9:d4:32:36:60:
ef:89:ec:76:d6:e8:be:be:db:5f:d9:1e:b0:8a:dc:
04:c8:a3:1c:22:41:d5:5c:95:a3:40:33:d0:f0:6e:
ae:b0:7f:32:94:93:70:10:d1:ad:04:9e:ee:fa:fb:
b7:ab:1a:11:b5:1f:11:25:6c:93:f2:cc:2c:fc:2c:
d2:b9:7b:64:6b:6d:b2:da:1e:d8:5f:e0:7e:8f:cc:
5c:dc:4f:fe:3b:00:f0:b2:25:b3:0c:76:cf:a6:05:
5e:12:c6:ef:7a:0a:38:8c:29:16:87:02:e4:1d:a9:
22:41:48:e9:5b:44:45:67:60:09:3f:26:0d:7b:5a:
9e:31:2d:59:19:fc:69:f3:44:14:84:7e:b9:b1:f9:
00:f8:56:69:e7:5e:48:32:3e:a5:2f:47:30:d3:ab:
16:5f:6b:f4:11:b5:eb:55:db:68:7e:fa:1f:75:93:
93:0f:5c:b4:25:b5:f0:77:6a:1d:33:2f:5f:52:9d:
07:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:37:20:53:2F:F0:D3:33:16:21:66:92:B2:CE:D3:4D:6C:E6:A6:8A
X509v3 Authority Key Identifier:
keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/DTcgUy_w0zMWIWaSss7TTWzmpoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.252.0/22
89.248.208.0/24
89.248.210.0/23
141.98.220.0/22
185.57.148.0/22
185.151.188.0/22
193.25.122.0/23
193.25.168.0/23
IPv6:
2a0a:1580::/29
Signature Algorithm: sha256WithRSAEncryption
36:a8:1e:34:28:32:57:75:c2:b1:9b:77:ba:bc:29:c8:c9:d8:
b1:bd:b2:cc:3d:78:e6:36:ff:b1:1b:8b:d7:a8:1d:1b:d8:d4:
39:7c:41:d1:d7:a4:78:55:74:13:65:71:27:d7:ea:7b:2b:ae:
fd:82:21:2c:eb:99:cb:5b:ef:62:ae:f7:19:a5:7f:3d:7d:32:
fc:e2:b2:c1:23:94:92:9f:61:16:91:9c:7a:b2:3f:a3:5c:a5:
a3:be:9b:1c:3e:55:a7:02:5a:ec:c3:e5:97:c4:6d:45:9e:37:
e4:ff:5c:e8:f3:42:5d:4e:89:c8:2d:ac:7c:43:24:81:e6:92:
55:67:4b:e3:6c:cb:c4:b8:40:8a:a8:a3:70:96:36:db:c9:ea:
22:0a:b4:78:f8:9d:e3:eb:62:23:d0:ee:e1:ed:28:c9:1a:d8:
31:96:c3:46:89:e5:e9:02:61:92:86:c6:c4:76:f4:2e:29:98:
91:4c:38:5d:ba:bf:53:0f:fe:a6:85:6c:9c:98:fc:c9:d7:21:
6a:8a:77:d5:9d:85:9e:9b:8b:19:62:e4:2b:79:42:7c:f1:1d:
ea:10:0a:b5:85:2a:93:91:c8:7a:6d:0b:d9:48:28:2a:15:c1:
c5:ba:f8:2d:7a:81:ac:e9:91:99:4f:22:dd:d9:64:43:cb:22:
95:40:d6:04
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFAK0Wq6XxJDF0jDR/M2tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2
ODI5MzMwHhcNMjQwMTAxMTIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM3MjA1MzJmZjBkMzMzMTYyMTY2OTJiMmNlZDM0ZDZjZTZhNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlnW7xwOZD56v7QMsGmtmsmh/vpe
TTLKlwouT8PglGJDWkwfa6nkMm039h1hqljBtQViSEGLOyI9r0XgNSd9/U1Yaj8V
2dQyNmDviex21ui+vttf2R6witwEyKMcIkHVXJWjQDPQ8G6usH8ylJNwENGtBJ7u
+vu3qxoRtR8RJWyT8sws/CzSuXtka22y2h7YX+B+j8xc3E/+OwDwsiWzDHbPpgVe
Esbvego4jCkWhwLkHakiQUjpW0RFZ2AJPyYNe1qeMS1ZGfxp80QUhH65sfkA+FZp
515IMj6lL0cw06sWX2v0EbXrVdtofvofdZOTD1y0JbXwd2odMy9fUp0HcwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFA03IFMv8NMzFiFmkrLO001s5qaKMB8GA1UdIwQY
MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt
OTVhYjgxYjc3NjkxLzEvRFRjZ1V5X3cwek1XSVdhU3NzN1RUV3ptcG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx
LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCJZT8AwQA
WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8AwQBwRl6AwQBwRmoMA0EAgACMAcD
BQMqChWAMA0GCSqGSIb3DQEBCwUAA4IBAQA2qB40KDJXdcKxm3e6vCnIydixvbLM
PXjmNv+xG4vXqB0b2NQ5fEHR16R4VXQTZXEn1+p7K679giEs65nLW+9irvcZpX89
fTL84rLBI5SSn2EWkZx6sj+jXKWjvpscPlWnAlrsw+WXxG1Fnjfk/1zo80JdTonI
Lax8QySB5pJVZ0vjbMvEuECKqKNwljbbyeoiCrR4+J3j62Ij0O7h7SjJGtgxlsNG
ieXpAmGShsbEdvQuKZiRTDhdur9TD/6mhWycmPzJ1yFqinfVnYWem4sZYuQreUJ8
8R3qEAq1hSqTkch6bQvZSCgqFcHFuvgteoGs6ZGZTyLd2WRDyyKVQNYE
-----END CERTIFICATE-----
Generated at Sat May 18 22:41:17 2024 by rpki-client on console-fra.rpki-client.org