Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j6I-BK3Htoikj0ebv48PaWmA8lw.roa
File: j6I-BK3Htoikj0ebv48PaWmA8lw.roa (raw, json)
Hash identifier: re+n2wqm/qbUL9FCx/hhLQCr7SsMB+r38xZwBxHf/V8=
Subject key identifier: 8F:A2:3E:04:AD:C7:B6:88:A4:8F:47:9B:BF:8F:0F:69:69:80:F2:5C
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 018CC348C25ABF92372D4F282604A0019843
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j6I-BK3Htoikj0ebv48PaWmA8lw.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 185.84.217.0/24 maxlen: 24
185.84.219.0/24 maxlen: 24
2a05:a882:de10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 04:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c2:5a:bf:92:37:2d:4f:28:26:04:a0:01:98:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fa23e04adc7b688a48f479bbf8f0f696980f25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8c:2d:36:14:9f:ed:69:cd:97:fd:5e:0b:3c:
37:b4:2c:9a:ab:a9:03:ad:c1:e8:64:d1:df:ca:48:
00:d1:74:07:2e:6e:b7:6c:8b:74:b7:c4:bd:74:38:
7f:73:d2:0e:bf:26:57:b7:bc:78:75:c8:41:b2:34:
ac:70:2d:39:e6:7c:f2:43:5a:30:1f:0d:de:41:cd:
fa:ff:a6:c5:0e:4b:db:3d:87:d7:9f:bd:48:ab:50:
fb:a2:c7:85:f2:df:e7:1f:73:5b:1f:cb:27:89:2e:
20:b1:35:2f:a3:b2:03:96:8b:61:b5:67:39:95:c5:
1d:21:13:4d:56:30:3b:3e:c9:91:78:56:4f:74:83:
fa:70:44:f2:aa:81:8d:bb:cb:d2:aa:21:0b:cf:4e:
3c:68:c3:99:8b:11:b1:93:88:56:91:66:60:8d:cb:
ed:45:08:e8:49:71:c9:ad:99:ee:e2:74:aa:f7:4f:
ec:68:41:bd:e4:2f:9a:0b:10:fe:c3:43:dc:58:73:
45:8e:2b:95:18:de:41:61:e2:ef:75:29:d5:ca:78:
cd:e9:59:ce:a7:a9:d9:08:68:f6:1d:5b:61:b8:38:
ff:7a:01:19:38:0d:87:ef:2d:6c:54:7b:a8:f7:bf:
c7:1a:65:f8:65:ea:b3:38:19:39:b1:01:45:88:91:
30:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A2:3E:04:AD:C7:B6:88:A4:8F:47:9B:BF:8F:0F:69:69:80:F2:5C
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/j6I-BK3Htoikj0ebv48PaWmA8lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.217.0/24
185.84.219.0/24
IPv6:
2a05:a882:de10::/48
Signature Algorithm: sha256WithRSAEncryption
74:ce:a8:df:c6:36:09:c4:37:13:a5:ed:bc:e3:6e:41:8f:82:
e0:c3:25:2e:a4:63:d0:c6:90:fa:18:1b:b6:84:7d:7d:2f:2a:
51:0a:93:0a:46:8f:24:d2:64:73:34:61:3b:b4:eb:ec:30:f7:
cd:42:ee:e0:9b:d5:6e:b4:2d:f1:6e:e5:e3:28:55:36:03:60:
64:8e:a7:cc:d8:52:a2:f1:5f:df:a3:a0:5b:09:a7:9f:ed:7f:
8f:13:57:39:44:02:99:b9:a1:58:f0:48:f6:d7:49:00:fe:b3:
7d:68:ad:c1:e9:43:de:cc:af:5c:88:f8:af:1a:77:74:4f:c1:
25:9b:03:39:1e:91:57:e9:67:3f:15:c2:07:3c:ae:b1:01:cd:
94:c0:b4:b6:72:d7:7f:74:a5:90:5a:0a:07:e2:2e:9b:81:a3:
ac:de:93:b4:12:df:6a:71:22:55:7e:6f:c1:74:3d:a5:51:95:
de:e0:aa:c8:e4:7f:73:b9:6e:50:d4:9b:73:7a:44:ac:1a:5c:
7f:88:b6:75:ab:91:8c:ab:bd:80:f8:e8:be:30:4c:6a:58:68:
80:f3:db:68:43:bd:c8:1f:a5:bb:8e:e5:34:ec:bf:0c:a6:cf:
f3:f7:31:08:a0:e6:7f:c8:4a:01:ca:20:b7:d8:3b:af:13:9e:
c6:26:a6:8a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSMJav5I3LU8oJgSgAZhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmEyM2UwNGFkYzdiNjg4YTQ4ZjQ3OWJiZjhmMGY2OTY5ODBmMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArowtNhSf7WnNl/1eCzw3tCyaq6kD
rcHoZNHfykgA0XQHLm63bIt0t8S9dDh/c9IOvyZXt7x4dchBsjSscC055nzyQ1ow
Hw3eQc36/6bFDkvbPYfXn71Iq1D7oseF8t/nH3NbH8sniS4gsTUvo7IDlothtWc5
lcUdIRNNVjA7PsmReFZPdIP6cETyqoGNu8vSqiELz048aMOZixGxk4hWkWZgjcvt
RQjoSXHJrZnu4nSq90/saEG95C+aCxD+w0PcWHNFjiuVGN5BYeLvdSnVynjN6VnO
p6nZCGj2HVthuDj/egEZOA2H7y1sVHuo97/HGmX4ZeqzOBk5sQFFiJEwNQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI+iPgStx7aIpI9Hm7+PD2lpgPJcMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvajZJLUJLM0h0b2lrajBlYnY0OFBhV21BOGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuVTZAwQA
uVTbMA8EAgACMAkDBwAqBaiC3hAwDQYJKoZIhvcNAQELBQADggEBAHTOqN/GNgnE
NxOl7bzjbkGPguDDJS6kY9DGkPoYG7aEfX0vKlEKkwpGjyTSZHM0YTu06+ww981C
7uCb1W60LfFu5eMoVTYDYGSOp8zYUqLxX9+joFsJp5/tf48TVzlEApm5oVjwSPbX
SQD+s31orcHpQ97Mr1yI+K8ad3RPwSWbAzkekVfpZz8Vwgc8rrEBzZTAtLZy1390
pZBaCgfiLpuBo6zek7QS32pxIlV+b8F0PaVRld7gqsjkf3O5blDUm3N6RKwaXH+I
tnWrkYyrvYD46L4wTGpYaIDz22hDvcgfpbuO5TTsvwymz/P3MQig5n/ISgHKILfY
O68TnsYmpoo=
-----END CERTIFICATE-----
Generated at Sat May 4 09:05:15 2024 by rpki-client on console-ams.rpki-client.org