Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/DDgnC0FAmFoiGJWfJ2SBWKDCKnQ.roa
File: DDgnC0FAmFoiGJWfJ2SBWKDCKnQ.roa (raw, json)
Hash identifier: CkBh42GZ8OxmxZq7RjbxtG7LCTgwJUN10wrEJD6uT04=
Subject key identifier: 0C:38:27:0B:41:40:98:5A:22:18:95:9F:27:64:81:58:A0:C2:2A:74
Certificate issuer: /CN=5e7ceb9c931cb1795e227ae2c86475513ae4915c
Certificate serial: 018CC7952E943A4D4E747F9C600CC725D307
Authority key identifier: 5E:7C:EB:9C:93:1C:B1:79:5E:22:7A:E2:C8:64:75:51:3A:E4:91:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XnzrnJMcsXleInriyGR1UTrkkVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/DDgnC0FAmFoiGJWfJ2SBWKDCKnQ.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49597
IP address blocks: 185.165.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/XnzrnJMcsXleInriyGR1UTrkkVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/XnzrnJMcsXleInriyGR1UTrkkVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/XnzrnJMcsXleInriyGR1UTrkkVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2e:94:3a:4d:4e:74:7f:9c:60:0c:c7:25:d3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7ceb9c931cb1795e227ae2c86475513ae4915c
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c38270b4140985a2218959f27648158a0c22a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fa:d6:e3:dc:6d:e8:ee:00:ab:8b:3e:b4:dd:
9f:b2:ae:0d:79:d9:b7:aa:9d:b8:4d:4d:ff:a2:9f:
ff:9b:c4:54:ed:2d:4b:18:5c:aa:69:ce:86:09:36:
af:9e:73:1f:e0:73:92:ec:9e:b8:77:da:b4:c5:70:
91:89:43:ea:77:69:7a:7c:be:4c:bb:9e:63:43:ac:
a2:59:9b:bc:4c:bc:4d:a3:a4:94:76:2f:83:cd:84:
dc:53:7f:29:71:8b:96:b1:b7:f8:0e:bf:00:8a:45:
36:44:7a:9f:96:fb:0c:68:ca:c2:47:37:fe:c0:b4:
e1:d3:7c:ed:dc:56:76:cf:0b:50:67:f0:1f:ad:46:
f7:b3:86:08:17:a3:43:48:69:3f:83:30:8a:3c:d1:
38:05:0f:a3:52:c9:71:67:f8:61:5a:59:e2:07:f5:
05:6a:0c:a7:34:b7:70:74:db:33:4d:fd:3d:a6:65:
f8:40:7c:8a:46:99:e7:d0:8b:bf:e5:d5:be:d3:a7:
d5:7e:eb:bf:37:b4:4e:14:e2:ad:0d:4e:cc:c9:1e:
6e:14:05:39:6b:0a:91:ec:91:99:63:53:7a:91:3c:
41:d4:c7:fd:00:d9:cd:7e:20:61:27:ee:b8:73:f6:
56:76:ab:f4:33:12:da:c0:1e:6f:b8:1c:0b:7e:22:
a1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:38:27:0B:41:40:98:5A:22:18:95:9F:27:64:81:58:A0:C2:2A:74
X509v3 Authority Key Identifier:
keyid:5E:7C:EB:9C:93:1C:B1:79:5E:22:7A:E2:C8:64:75:51:3A:E4:91:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XnzrnJMcsXleInriyGR1UTrkkVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/DDgnC0FAmFoiGJWfJ2SBWKDCKnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/722703-06a7-4fbd-930f-2422abf342ac/1/XnzrnJMcsXleInriyGR1UTrkkVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.56.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:4a:5c:9d:06:37:b2:00:1c:05:b1:0d:25:34:29:dd:a6:b0:
55:4a:1c:2d:c7:0c:b9:43:ac:10:b8:76:4d:db:5a:9b:49:0b:
76:30:df:03:e8:22:ff:44:31:54:4a:f5:2c:e6:6b:aa:f6:92:
b3:ed:10:ba:28:5d:6b:09:dc:91:43:11:2e:48:38:8d:c6:bf:
62:7a:16:56:72:3a:28:7b:10:84:9d:e9:f1:68:86:41:e5:6d:
d5:ac:25:c7:12:f2:03:5a:3f:62:85:62:a4:2f:22:ad:28:54:
47:67:06:8a:72:3d:6c:ed:4b:c3:a9:bd:ec:fd:16:51:28:6c:
df:0f:86:4b:18:62:d8:20:d6:43:0a:64:cb:4e:df:a1:35:ef:
ab:a8:33:59:04:58:e8:76:b7:2a:07:c4:e0:10:41:d2:44:f6:
ff:d6:b2:d9:0e:8e:3f:ff:d2:2e:17:37:54:a3:bc:ea:3d:a2:
26:4f:7b:cd:25:ad:0b:81:8f:32:c5:81:97:4e:ea:8a:04:f3:
f4:b2:7c:2d:68:70:55:40:07:86:1d:fe:6a:81:33:9b:d7:db:
2d:d3:e4:0f:35:0c:bf:2a:35:d6:b8:32:20:10:3c:93:74:7f:
ae:0a:ea:b4:3c:9b:75:16:7a:97:9c:a2:01:ff:bf:38:3e:b0:
6a:b6:9b:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlS6UOk1OdH+cYAzHJdMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlN2NlYjljOTMxY2IxNzk1ZTIyN2FlMmM4NjQ3NTUxM2Fl
NDkxNWMwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzM4MjcwYjQxNDA5ODVhMjIxODk1OWYyNzY0ODE1OGEwYzIyYTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvrW49xt6O4Aq4s+tN2fsq4Nedm3
qp24TU3/op//m8RU7S1LGFyqac6GCTavnnMf4HOS7J64d9q0xXCRiUPqd2l6fL5M
u55jQ6yiWZu8TLxNo6SUdi+DzYTcU38pcYuWsbf4Dr8AikU2RHqflvsMaMrCRzf+
wLTh03zt3FZ2zwtQZ/AfrUb3s4YIF6NDSGk/gzCKPNE4BQ+jUslxZ/hhWlniB/UF
agynNLdwdNszTf09pmX4QHyKRpnn0Iu/5dW+06fVfuu/N7ROFOKtDU7MyR5uFAU5
awqR7JGZY1N6kTxB1Mf9ANnNfiBhJ+64c/ZWdqv0MxLawB5vuBwLfiKhYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAw4JwtBQJhaIhiVnydkgVigwip0MB8GA1UdIwQY
MBaAFF5865yTHLF5XiJ64shkdVE65JFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG56cm5KTWNzWGxlSW5yaXlHUjFVVHJra1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjI3MDMtMDZhNy00ZmJkLTkzMGYt
MjQyMmFiZjM0MmFjLzEvRERnbkMwRkFtRm9pR0pXZkoyU0JXS0RDS25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjI3MDMtMDZhNy00ZmJkLTkzMGYtMjQyMmFiZjM0MmFj
LzEvWG56cm5KTWNzWGxlSW5yaXlHUjFVVHJra1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaU4MA0G
CSqGSIb3DQEBCwUAA4IBAQCcSlydBjeyABwFsQ0lNCndprBVShwtxwy5Q6wQuHZN
21qbSQt2MN8D6CL/RDFUSvUs5muq9pKz7RC6KF1rCdyRQxEuSDiNxr9iehZWcjoo
exCEnenxaIZB5W3VrCXHEvIDWj9ihWKkLyKtKFRHZwaKcj1s7UvDqb3s/RZRKGzf
D4ZLGGLYINZDCmTLTt+hNe+rqDNZBFjodrcqB8TgEEHSRPb/1rLZDo4//9IuFzdU
o7zqPaImT3vNJa0LgY8yxYGXTuqKBPP0snwtaHBVQAeGHf5qgTOb19st0+QPNQy/
KjXWuDIgEDyTdH+uCuq0PJt1FnqXnKIB/784PrBqtpvX
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:44:39 2024 by rpki-client on console-fra.rpki-client.org