Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/DIkn4G6WBOzTyN_riXHTULazgbY.roa
File: DIkn4G6WBOzTyN_riXHTULazgbY.roa (raw, json)
Hash identifier: xpow8jcBSTdfGaYyqh0qIWaM4BYDcx5Cct4OP0uTZ4w=
Subject key identifier: 0C:89:27:E0:6E:96:04:EC:D3:C8:DF:EB:89:71:D3:50:B6:B3:81:B6
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 018CC56E8D8F76BD22BA069D9DBB6C63A143
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/DIkn4G6WBOzTyN_riXHTULazgbY.roa
Signing time: Mon 01 Jan 2024 14:30:05 +0000
ROA not before: Mon 01 Jan 2024 14:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60380
IP address blocks: 83.133.178.0/23 maxlen: 23
81.209.248.0/21 maxlen: 21
83.125.6.0/23 maxlen: 23
80.86.184.0/24 maxlen: 24
80.86.188.0/23 maxlen: 23
83.133.240.0/20 maxlen: 20
2001:7f0:3000::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:8d:8f:76:bd:22:ba:06:9d:9d:bb:6c:63:a1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 14:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c8927e06e9604ecd3c8dfeb8971d350b6b381b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:8e:48:c2:8d:96:0d:a2:cc:f6:6d:70:4b:
d1:bf:65:71:2a:96:aa:f6:81:8a:58:c7:a8:76:93:
12:5b:16:42:b3:7e:1a:20:69:14:3d:6d:98:8e:26:
8f:fa:e6:6b:b0:a2:9f:36:65:93:2c:d3:f3:7d:a3:
a7:21:75:da:a5:c7:ad:56:ad:bc:ea:51:79:b2:28:
d5:e0:a4:71:f9:94:b7:b2:bd:df:8a:da:f1:01:06:
4b:30:c0:71:c9:00:50:fe:10:bd:a0:62:4d:dc:e7:
95:79:29:b1:71:5f:96:6d:1f:79:2b:c8:d6:fa:3d:
83:40:17:93:47:51:9b:fb:e2:97:f2:57:11:28:eb:
24:1a:f6:ff:c3:08:db:98:b8:9f:8a:17:e3:4e:7a:
7f:59:a6:30:82:a6:0d:c0:d4:1a:56:c5:2e:6c:c4:
ac:fa:3e:17:75:a6:1a:5e:76:fd:18:25:e7:35:4a:
ed:55:a2:a7:23:d6:60:aa:bd:9e:fe:4d:53:5b:ba:
05:da:0e:35:fb:da:8e:69:e8:ef:6a:b8:f0:b0:41:
36:f1:67:8c:e2:66:e6:ff:c0:52:00:6d:30:11:c1:
01:c6:d5:d9:65:43:5e:d2:df:1d:2f:3c:bb:7a:f3:
6c:4f:e9:0b:06:96:8b:ee:41:c8:f4:76:a6:19:d7:
f1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:89:27:E0:6E:96:04:EC:D3:C8:DF:EB:89:71:D3:50:B6:B3:81:B6
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/DIkn4G6WBOzTyN_riXHTULazgbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.184.0/24
80.86.188.0/23
81.209.248.0/21
83.125.6.0/23
83.133.178.0/23
83.133.240.0/20
IPv6:
2001:7f0:3000::/46
Signature Algorithm: sha256WithRSAEncryption
8c:7a:b6:18:fc:56:7c:98:9f:c7:d9:1b:9c:c7:9d:da:50:b8:
67:14:30:87:05:0b:86:53:65:94:a7:1b:e4:e9:b1:58:c6:2f:
00:99:a6:3f:f2:d4:63:1b:da:1b:d0:34:02:55:09:98:0a:1a:
44:2d:17:d0:ea:de:79:29:99:ab:54:3d:ec:8b:0d:f6:33:ad:
ff:d2:70:d7:08:3c:ed:d6:37:3f:d7:b5:6e:f7:6e:6c:93:e4:
cb:b7:d9:c7:85:80:a0:73:a4:a0:8d:c3:61:4f:a8:be:d1:ac:
fb:a5:90:32:f6:1a:de:85:b7:76:e8:c5:54:c1:4d:f6:9f:02:
11:29:2a:15:65:80:10:95:70:cb:4a:50:cc:e7:45:85:01:81:
0d:99:8b:57:9c:e5:a9:8c:0c:22:c7:8b:a7:4a:6a:69:ef:ad:
5b:6b:34:18:23:6c:39:6e:5c:48:03:95:3a:10:6e:0e:4d:14:
d0:43:22:ad:65:32:25:c1:d4:3b:5c:7e:8d:f6:c8:95:e3:3b:
bb:65:da:5d:88:56:b3:75:ab:dc:ee:94:b2:66:15:81:97:0d:
e5:67:b3:bc:32:f3:7c:72:9f:fb:3d:0c:2b:c8:76:44:a3:7f:
d3:c3:54:41:c5:ef:ce:02:29:a0:87:dc:bb:e7:16:91:67:37:
c3:3a:78:d1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzFbo2Pdr0iugadnbtsY6FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjQwMTAxMTQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg5MjdlMDZlOTYwNGVjZDNjOGRmZWI4OTcxZDM1MGI2YjM4MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA6OSMKNlg2izPZtcEvRv2VxKpaq
9oGKWMeodpMSWxZCs34aIGkUPW2YjiaP+uZrsKKfNmWTLNPzfaOnIXXapcetVq28
6lF5sijV4KRx+ZS3sr3fitrxAQZLMMBxyQBQ/hC9oGJN3OeVeSmxcV+WbR95K8jW
+j2DQBeTR1Gb++KX8lcRKOskGvb/wwjbmLifihfjTnp/WaYwgqYNwNQaVsUubMSs
+j4XdaYaXnb9GCXnNUrtVaKnI9Zgqr2e/k1TW7oF2g41+9qOaejvarjwsEE28WeM
4mbm/8BSAG0wEcEBxtXZZUNe0t8dLzy7evNsT+kLBpaL7kHI9HamGdfx3wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAyJJ+BulgTs08jf64lx01C2s4G2MB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvRElrbjRHNldCT3pUeU5fcmlYSFRVTGF6Z2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUFa4AwQB
UFa8AwQDUdH4AwQBU30GAwQBU4WyAwQEU4XwMA8EAgACMAkDBwIgAQfwMAAwDQYJ
KoZIhvcNAQELBQADggEBAIx6thj8VnyYn8fZG5zHndpQuGcUMIcFC4ZTZZSnG+Tp
sVjGLwCZpj/y1GMb2hvQNAJVCZgKGkQtF9Dq3nkpmatUPeyLDfYzrf/ScNcIPO3W
Nz/XtW73bmyT5Mu32ceFgKBzpKCNw2FPqL7RrPulkDL2Gt6Ft3boxVTBTfafAhEp
KhVlgBCVcMtKUMznRYUBgQ2Zi1ec5amMDCLHi6dKamnvrVtrNBgjbDluXEgDlToQ
bg5NFNBDIq1lMiXB1Dtcfo32yJXjO7tl2l2IVrN1q9zulLJmFYGXDeVns7wy83xy
n/s9DCvIdkSjf9PDVEHF784CKaCH3LvnFpFnN8M6eNE=
-----END CERTIFICATE-----
Generated at Sat May 18 07:26:39 2024 by rpki-client on console-fra.rpki-client.org