Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1d0o3VSeXWst7lp6Q7f0dBckjxU.roa
File: 1d0o3VSeXWst7lp6Q7f0dBckjxU.roa (raw, json)
Hash identifier: th4KkmYxbhSy13J4CKXgQuchJJbKX2pOgze+TY5nRWc=
Subject key identifier: D5:DD:28:DD:54:9E:5D:6B:2D:EE:5A:7A:43:B7:F4:74:17:24:8F:15
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 018F18AA1E0E2D408E7E5D90FA580E29753B
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1d0o3VSeXWst7lp6Q7f0dBckjxU.roa
Signing time: Fri 26 Apr 2024 04:29:13 +0000
ROA not before: Fri 26 Apr 2024 04:29:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:18:aa:1e:0e:2d:40:8e:7e:5d:90:fa:58:0e:29:75:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 26 04:29:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5dd28dd549e5d6b2dee5a7a43b7f47417248f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ba:83:88:09:d7:a9:af:74:43:fb:5b:32:69:
78:82:76:fe:53:19:33:16:56:c0:71:57:73:fd:5e:
37:6d:f8:c0:57:ae:89:b8:1c:41:98:66:99:0d:e1:
6a:6c:e5:ee:95:1a:8a:61:94:7e:e9:f7:bc:f0:57:
21:4a:44:58:1f:65:cc:de:16:c8:eb:ed:07:c6:83:
12:80:65:66:de:ed:e6:0c:88:af:16:42:e2:85:b1:
8a:ce:31:a0:fe:b1:04:d6:ac:6c:8d:ea:5e:da:8e:
d3:20:d2:03:13:1c:d4:a7:b4:e2:34:6b:25:71:11:
e8:f5:8e:ed:5c:46:ac:57:92:3c:15:62:79:78:3f:
22:9f:36:ce:b7:5f:58:7b:ce:8e:c2:f8:f8:4a:09:
59:23:7b:04:7a:be:72:ce:2a:46:2c:b7:33:a8:8d:
5b:71:88:bd:63:57:0c:8f:34:41:d4:a6:a4:97:8f:
94:11:35:20:db:1b:06:67:3c:95:7f:e8:cb:31:17:
aa:29:00:b2:7a:c2:7a:2f:a5:d9:7b:6f:4c:43:4b:
39:ae:e2:d4:a1:27:82:d3:27:35:15:ea:cd:2c:c5:
1b:5d:6d:b3:ce:75:07:8a:86:35:c9:f9:8e:0f:d6:
70:12:21:ef:f2:29:22:17:0e:5b:95:e4:d6:a0:d8:
da:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DD:28:DD:54:9E:5D:6B:2D:EE:5A:7A:43:B7:F4:74:17:24:8F:15
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/1d0o3VSeXWst7lp6Q7f0dBckjxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.16.0/22
83.147.21.0/24
83.147.36.0/22
Signature Algorithm: sha256WithRSAEncryption
46:d6:b3:04:8b:7d:f8:70:a5:31:c4:55:dd:c4:ce:e3:ad:1b:
3b:c5:af:6c:c7:06:c4:96:5c:9f:6e:52:0d:ff:9d:14:d4:14:
c6:32:d6:d6:0b:d3:a4:5a:2f:81:91:bb:dc:74:0d:b5:d3:e8:
e3:51:15:75:b7:d7:e5:a7:07:43:b8:65:57:6e:8c:2f:3d:c9:
d5:25:79:b4:9c:aa:34:5e:46:f2:14:90:e9:07:99:f3:b6:40:
02:b4:da:d9:3e:c1:88:be:7e:68:21:eb:eb:46:3d:cf:c5:7c:
5e:93:93:10:b4:51:ca:cd:d1:db:b7:fe:3b:93:40:2c:f4:e3:
06:17:c8:f3:25:fd:2e:de:41:ec:fc:af:dc:91:ed:2d:a8:4f:
45:4c:39:75:b3:f7:d3:25:c3:e2:d0:73:c5:03:8c:17:67:70:
76:0b:44:ba:28:dc:a8:06:1e:30:be:0f:cc:92:d9:93:ef:39:
82:b3:b6:c5:76:79:a7:df:2e:b4:f9:38:ca:c7:24:9c:d0:f3:
cf:dc:d4:b4:6c:70:2b:5b:a3:22:ea:95:51:42:ff:5b:fc:eb:
72:e0:4d:e5:d2:53:88:46:08:43:2f:b0:72:22:02:4a:7b:cd:
a9:ed:00:cf:61:c2:a1:f3:28:0e:f7:33:1b:e0:fc:7e:b0:61:
3d:4e:0c:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8Yqh4OLUCOfl2Q+lgOKXU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwNDI2MDQyOTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRkMjhkZDU0OWU1ZDZiMmRlZTVhN2E0M2I3ZjQ3NDE3MjQ4ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrqDiAnXqa90Q/tbMml4gnb+Uxkz
FlbAcVdz/V43bfjAV66JuBxBmGaZDeFqbOXulRqKYZR+6fe88FchSkRYH2XM3hbI
6+0HxoMSgGVm3u3mDIivFkLihbGKzjGg/rEE1qxsjepe2o7TINIDExzUp7TiNGsl
cRHo9Y7tXEasV5I8FWJ5eD8inzbOt19Ye86Owvj4SglZI3sEer5yzipGLLczqI1b
cYi9Y1cMjzRB1Kakl4+UETUg2xsGZzyVf+jLMReqKQCyesJ6L6XZe29MQ0s5ruLU
oSeC0yc1FerNLMUbXW2zznUHioY1yfmOD9ZwEiHv8ikiFw5bleTWoNjabQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXdKN1Unl1rLe5aekO39HQXJI8VMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvMWQwbzNWU2VYV3N0N2xwNlE3ZjBkQmNranhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5MAAwQC
U5MQAwQAU5MVAwQCU5MkMA0GCSqGSIb3DQEBCwUAA4IBAQBG1rMEi334cKUxxFXd
xM7jrRs7xa9sxwbEllyfblIN/50U1BTGMtbWC9OkWi+BkbvcdA210+jjURV1t9fl
pwdDuGVXbowvPcnVJXm0nKo0XkbyFJDpB5nztkACtNrZPsGIvn5oIevrRj3PxXxe
k5MQtFHKzdHbt/47k0As9OMGF8jzJf0u3kHs/K/cke0tqE9FTDl1s/fTJcPi0HPF
A4wXZ3B2C0S6KNyoBh4wvg/MktmT7zmCs7bFdnmn3y60+TjKxySc0PPP3NS0bHAr
W6Mi6pVRQv9b/Oty4E3l0lOIRghDL7ByIgJKe82p7QDPYcKh8ygO9zMb4Px+sGE9
Tgwc
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:22:50 2024 by rpki-client on console.sobornost.net