Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DyXUbwpIEDome5ow3Bh9K4jpUYk.roa
File: DyXUbwpIEDome5ow3Bh9K4jpUYk.roa (raw, json)
Hash identifier: 5X926MC42+33sQIuGK3+5uem3apC+MV36YpyhXpHp3o=
Subject key identifier: 0F:25:D4:6F:0A:48:10:3A:26:7B:9A:30:DC:18:7D:2B:88:E9:51:89
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6B8DE200171A67BF4ECC4868E8E51
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DyXUbwpIEDome5ow3Bh9K4jpUYk.roa
Signing time: Mon 01 Jan 2024 06:29:41 +0000
ROA not before: Mon 01 Jan 2024 06:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29657
IP address blocks: 92.52.221.0/24 maxlen: 24
5.180.123.0/24 maxlen: 24
194.41.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b8:de:20:01:71:a6:7b:f4:ec:c4:86:8e:8e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f25d46f0a48103a267b9a30dc187d2b88e95189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b2:13:2d:f0:66:74:a9:2f:24:e7:f3:fd:1e:
95:36:01:95:21:d6:63:2b:08:98:1c:49:72:c2:22:
3c:10:51:25:fd:b4:82:89:52:76:f2:00:20:5b:25:
4b:ae:41:12:45:76:e0:38:4a:de:f4:18:e7:ec:3f:
3b:70:2a:74:6d:6d:e0:5f:c9:e7:cc:06:32:f6:2d:
5f:42:dc:32:c1:89:93:82:ef:87:c0:00:72:91:e2:
86:d3:47:c2:74:43:39:4f:1c:8f:68:f1:68:cc:1b:
37:0a:c7:a6:de:a0:b7:f4:eb:e7:46:3f:a1:43:5c:
01:ec:35:5e:ef:b3:1a:2a:73:14:6d:09:ae:7b:87:
dd:f3:9c:26:95:0c:fc:3c:40:63:98:21:36:4a:e9:
26:ae:8d:2d:fb:c0:24:56:47:92:d9:c8:c7:5c:0d:
88:08:fd:91:b2:5a:44:8c:6a:d0:9e:87:0b:fa:69:
d4:4e:21:02:b2:c4:16:04:96:04:c8:3f:64:4f:19:
45:85:f5:ea:cf:a0:18:26:f8:f2:84:a3:c0:14:7a:
5c:52:c6:03:fb:70:b5:a1:0a:3f:ad:95:f5:70:22:
2f:87:3b:cd:0f:dd:32:19:7b:4c:60:92:94:40:39:
bc:29:fc:0c:19:c5:db:2e:d1:02:cf:ee:71:78:bc:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:25:D4:6F:0A:48:10:3A:26:7B:9A:30:DC:18:7D:2B:88:E9:51:89
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/DyXUbwpIEDome5ow3Bh9K4jpUYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.123.0/24
92.52.221.0/24
194.41.46.0/24
Signature Algorithm: sha256WithRSAEncryption
70:83:82:f2:00:e7:d6:d1:81:96:27:4e:a8:fc:50:5d:cf:e0:
eb:a6:a0:01:70:ea:b8:e9:f6:21:7a:87:50:8a:43:65:84:d1:
60:fe:d2:b5:9a:b9:bb:ff:be:c9:0e:59:49:5b:bd:aa:af:37:
81:51:5d:2d:22:96:f3:b5:e5:99:ca:27:d0:ce:b1:ab:c0:8e:
bb:67:a5:1d:b1:33:b8:aa:0b:9b:ef:4a:de:83:93:7b:10:97:
f0:2e:69:24:f8:60:23:05:f3:61:44:ec:c6:44:34:d4:70:38:
d1:7d:31:89:97:eb:b4:26:79:cb:e5:83:fe:99:e1:fc:c2:88:
5d:d2:4c:ab:c8:34:91:c0:fd:12:de:31:f7:f4:64:84:9e:8b:
0d:62:1d:56:4d:cf:df:cc:be:4f:72:ad:cf:03:32:b3:5e:fe:
36:17:77:62:1b:56:c7:04:ef:05:c5:d4:09:b6:84:e0:4c:da:
3a:03:16:e5:f3:86:21:9a:ee:a1:77:b1:1a:bf:7e:08:19:ce:
81:dc:73:68:e3:9a:44:fa:10:c9:00:58:44:d8:65:b2:9d:a4:
28:ee:a6:92:e8:55:09:11:e8:92:2f:29:fc:1c:50:74:a8:9d:
22:83:cf:f5:10:8d:7e:90:50:db:8c:95:29:bc:70:c8:5a:57:
6f:4a:ae:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtrjeIAFxpnv07MSGjo5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI1ZDQ2ZjBhNDgxMDNhMjY3YjlhMzBkYzE4N2QyYjg4ZTk1MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLITLfBmdKkvJOfz/R6VNgGVIdZj
KwiYHElywiI8EFEl/bSCiVJ28gAgWyVLrkESRXbgOEre9Bjn7D87cCp0bW3gX8nn
zAYy9i1fQtwywYmTgu+HwABykeKG00fCdEM5TxyPaPFozBs3Csem3qC39OvnRj+h
Q1wB7DVe77MaKnMUbQmue4fd85wmlQz8PEBjmCE2Sukmro0t+8AkVkeS2cjHXA2I
CP2RslpEjGrQnocL+mnUTiECssQWBJYEyD9kTxlFhfXqz6AYJvjyhKPAFHpcUsYD
+3C1oQo/rZX1cCIvhzvND90yGXtMYJKUQDm8KfwMGcXbLtECz+5xeLw4bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA8l1G8KSBA6JnuaMNwYfSuI6VGJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvRHlYVWJ3cElFRG9tZTVvdzNCaDlLNGpwVVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbR7AwQA
XDTdAwQAwikuMA0GCSqGSIb3DQEBCwUAA4IBAQBwg4LyAOfW0YGWJ06o/FBdz+Dr
pqABcOq46fYheodQikNlhNFg/tK1mrm7/77JDllJW72qrzeBUV0tIpbzteWZyifQ
zrGrwI67Z6UdsTO4qgub70reg5N7EJfwLmkk+GAjBfNhROzGRDTUcDjRfTGJl+u0
JnnL5YP+meH8wohd0kyryDSRwP0S3jH39GSEnosNYh1WTc/fzL5Pcq3PAzKzXv42
F3diG1bHBO8FxdQJtoTgTNo6Axbl84Yhmu6hd7Eav34IGc6B3HNo45pE+hDJAFhE
2GWynaQo7qaS6FUJEeiSLyn8HFB0qJ0ig8/1EI1+kFDbjJUpvHDIWldvSq4y
-----END CERTIFICATE-----
Generated at Fri May 3 03:24:50 2024 by rpki-client on console-fra.rpki-client.org