Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/DxOSvKPAZs4Q4IH44E7gK03lui4.roa
File: DxOSvKPAZs4Q4IH44E7gK03lui4.roa (raw, json)
Hash identifier: o0KPnodVTv+vmiEE64ziYXwO0jin/W+SdtqR9/MmPPU=
Subject key identifier: 0F:13:92:BC:A3:C0:66:CE:10:E0:81:F8:E0:4E:E0:2B:4D:E5:BA:2E
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 018CC8DE291462EC7BEA050309F5B7CBA607
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/DxOSvKPAZs4Q4IH44E7gK03lui4.roa
Signing time: Tue 02 Jan 2024 06:30:51 +0000
ROA not before: Tue 02 Jan 2024 06:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 193.118.32.0/19 maxlen: 24
185.207.112.0/22 maxlen: 24
23.90.128.0/18 maxlen: 24
193.118.96.0/19 maxlen: 19
192.169.96.0/19 maxlen: 24
192.169.104.0/22 maxlen: 24
199.182.232.0/21 maxlen: 24
104.166.128.0/18 maxlen: 24
2a0b:21c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:29:14:62:ec:7b:ea:05:03:09:f5:b7:cb:a6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 2 06:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1392bca3c066ce10e081f8e04ee02b4de5ba2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9d:83:dc:da:d9:75:00:0e:7f:30:91:78:e6:
1e:99:19:10:7c:ce:2f:3a:4c:7c:ec:2c:6e:4f:73:
e3:4e:5c:7c:a7:96:c6:c8:e7:5f:be:0d:bf:d4:35:
66:00:81:86:fa:80:98:57:82:3a:b9:8d:4f:81:8a:
e3:8a:94:c6:72:e6:38:53:e8:fe:b0:20:12:82:30:
7d:94:5c:d4:90:39:e2:1d:37:b3:17:23:28:54:0b:
cc:7a:ae:19:64:05:84:60:06:d5:80:ac:be:89:02:
34:94:24:4d:07:10:f9:2f:01:d1:ff:26:ad:a6:05:
cb:0b:6a:ed:3e:79:92:d3:f4:17:62:bb:78:6c:f8:
84:4a:2f:48:20:42:2e:a1:66:a6:ef:61:31:74:09:
1c:fb:49:9c:2e:19:a6:23:a3:e9:5e:e6:64:de:5d:
a8:58:b6:fc:e5:48:dc:06:22:99:7a:bc:8b:f7:b4:
7d:f0:6c:2c:b9:bf:9c:55:de:81:38:81:8f:0a:20:
ff:3e:55:29:ce:be:5e:1b:ef:2b:87:fb:a7:4d:51:
16:34:68:43:b7:54:db:93:2d:59:ea:a4:b3:96:fa:
1b:94:c6:51:b8:53:9d:0d:41:61:5c:d8:b3:78:f5:
d0:13:68:c8:1a:d3:36:fd:a6:2b:54:e4:3f:aa:e6:
4b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:92:BC:A3:C0:66:CE:10:E0:81:F8:E0:4E:E0:2B:4D:E5:BA:2E
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/DxOSvKPAZs4Q4IH44E7gK03lui4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.128.0/18
104.166.128.0/18
185.207.112.0/22
192.169.96.0/19
193.118.32.0/19
193.118.96.0/19
199.182.232.0/21
IPv6:
2a0b:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:71:1e:3f:56:db:db:f5:3a:bd:4d:d2:32:3b:c6:0e:45:46:
fd:7f:0b:de:94:fa:40:fe:c0:fa:31:1d:e7:6f:37:3b:d4:c7:
76:ec:dd:99:70:35:ed:ed:65:ec:0d:bc:f4:1e:0d:4f:7c:f7:
78:71:9b:f2:d4:13:12:84:2d:1b:a4:73:e2:73:43:32:24:6f:
e0:b2:e6:c2:ea:33:52:cc:cf:87:64:f9:5f:38:5c:9d:fd:9b:
23:f8:54:b0:71:bb:d1:d7:25:0f:a9:22:d3:0d:ca:0d:5b:19:
80:66:02:04:8e:65:26:77:78:fd:c4:79:35:a4:b3:59:3b:02:
5c:f4:0e:c5:47:10:d3:15:63:4e:e2:60:00:01:bd:d0:12:ad:
7a:56:a6:12:21:b6:43:41:3f:87:9a:19:b2:34:1b:db:92:4f:
77:bc:3a:66:1a:c8:5b:15:9e:c1:1f:c2:1b:8a:ee:e6:6f:ed:
7b:94:3c:dc:4c:39:6e:01:14:de:3d:ea:79:17:28:08:0a:26:
d0:6f:de:b5:eb:a2:98:03:d3:38:a6:89:f6:46:0a:a7:b2:3d:
98:f1:2e:bc:05:4f:70:b6:bb:51:ae:a6:c4:25:4c:27:2d:82:
47:83:ae:0d:92:69:a0:3f:e7:0b:fb:6c:47:e3:4a:33:a8:8b:
a5:7f:b2:bb
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzI3ikUYux76gUDCfW3y6YHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjQwMTAyMDYzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjEzOTJiY2EzYzA2NmNlMTBlMDgxZjhlMDRlZTAyYjRkZTViYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ2D3NrZdQAOfzCReOYemRkQfM4v
Okx87CxuT3PjTlx8p5bGyOdfvg2/1DVmAIGG+oCYV4I6uY1PgYrjipTGcuY4U+j+
sCASgjB9lFzUkDniHTezFyMoVAvMeq4ZZAWEYAbVgKy+iQI0lCRNBxD5LwHR/yat
pgXLC2rtPnmS0/QXYrt4bPiESi9IIEIuoWam72ExdAkc+0mcLhmmI6PpXuZk3l2o
WLb85UjcBiKZeryL97R98Gwsub+cVd6BOIGPCiD/PlUpzr5eG+8rh/unTVEWNGhD
t1Tbky1Z6qSzlvoblMZRuFOdDUFhXNizePXQE2jIGtM2/aYrVOQ/quZLlQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFA8TkryjwGbOEOCB+OBO4CtN5bouMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvRHhPU3ZLUEFaczRRNElINDRFN2dLMDNsdWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQGF1qAAwQG
aKaAAwQCuc9wAwQFwKlgAwQFwXYgAwQFwXZgAwQDx7boMA0EAgACMAcDBQMqCyHA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgcR4/Vtvb9Tq9TdIyO8YORUb9fwvelPpA/sD6
MR3nbzc71Md27N2ZcDXt7WXsDbz0Hg1PfPd4cZvy1BMShC0bpHPic0MyJG/gsubC
6jNSzM+HZPlfOFyd/Zsj+FSwcbvR1yUPqSLTDcoNWxmAZgIEjmUmd3j9xHk1pLNZ
OwJc9A7FRxDTFWNO4mAAAb3QEq16VqYSIbZDQT+HmhmyNBvbkk93vDpmGshbFZ7B
H8Ibiu7mb+17lDzcTDluARTePep5FygICibQb96166KYA9M4pon2Rgqnsj2Y8S68
BU9wtrtRrqbEJUwnLYJHg64NkmmgP+cL+2xH40ozqIulf7K7
-----END CERTIFICATE-----
Generated at Thu May 2 21:29:05 2024 by rpki-client on console-ams.rpki-client.org