Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/oKR_t0pzXsl4bCd5hasJVOgmvLw.roa
File: oKR_t0pzXsl4bCd5hasJVOgmvLw.roa (raw, json)
Hash identifier: VtvTeJOBs5xWGpuoqu0EVVnDq+SDu/2IxsoOfhE5HqY=
Subject key identifier: A0:A4:7F:B7:4A:73:5E:C9:78:6C:27:79:85:AB:09:54:E8:26:BC:BC
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 019054A5D22BEDA26FF6BE201D82FC5ECA00
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/oKR_t0pzXsl4bCd5hasJVOgmvLw.roa
Signing time: Wed 26 Jun 2024 13:04:31 +0000
ROA not before: Wed 26 Jun 2024 13:04:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:54:a5:d2:2b:ed:a2:6f:f6:be:20:1d:82:fc:5e:ca:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jun 26 13:04:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0a47fb74a735ec9786c277985ab0954e826bcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6b:78:98:b4:69:bf:7b:31:7a:30:9d:f1:86:
7c:94:f2:ac:61:1b:aa:35:04:14:99:0f:7d:1a:b6:
ff:01:a4:6e:1a:56:b2:81:b7:52:fe:d4:75:b6:da:
cf:e7:de:d2:d5:9a:c4:78:1e:a5:ee:7f:77:f5:2c:
f3:f8:84:28:62:05:03:2d:92:a0:57:f4:d1:4f:eb:
2c:eb:ba:cc:6c:52:34:8c:02:44:aa:82:c2:f0:2c:
47:b4:23:85:2e:c0:3b:fe:8c:a4:43:99:b6:b8:8b:
b5:6a:b9:08:71:69:a1:8e:6e:36:63:d1:cc:a0:3d:
f2:f0:84:72:92:89:3a:48:57:17:b1:47:09:b2:c6:
ac:b8:81:cf:9d:98:66:08:20:71:25:ff:49:19:cc:
73:c9:54:c5:0a:d1:90:d3:58:09:80:f2:41:06:b2:
a4:0c:ff:7a:dd:35:06:08:ae:2b:69:7e:98:b4:3e:
c9:05:38:c1:99:f1:f8:36:86:24:a9:e4:c7:c4:4d:
9c:32:57:67:43:63:a2:b5:3b:09:8c:5f:a7:aa:fb:
b8:5d:8f:e4:83:24:87:50:17:2e:71:08:28:a2:c2:
3b:e4:0f:57:e9:ad:4d:4b:28:fa:8d:dc:25:97:36:
7e:46:bf:e6:8f:20:e9:ab:a2:b7:d2:5d:0d:22:36:
e4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A4:7F:B7:4A:73:5E:C9:78:6C:27:79:85:AB:09:54:E8:26:BC:BC
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/oKR_t0pzXsl4bCd5hasJVOgmvLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
3f:31:a5:13:1e:94:23:d7:66:fc:dd:e8:85:27:ff:0b:d2:1e:
86:5c:78:d8:a5:5b:e1:3d:b1:27:47:c6:2e:d1:3e:97:19:48:
e6:80:d2:b4:18:82:9d:e5:dd:04:7c:00:03:5b:d3:e3:6c:94:
e5:b8:08:08:00:9d:bd:c5:ae:de:97:59:75:a0:d9:59:c7:a4:
05:45:af:9e:6e:f4:66:7e:18:29:93:59:22:db:a6:65:f9:f8:
9f:e0:4f:16:3d:e5:a1:b8:f1:d5:35:1d:35:60:2a:cb:4f:09:
3a:f9:fe:23:dd:f4:1e:b4:35:d7:8d:ba:83:24:ea:5b:50:fb:
1f:59:04:83:33:15:53:79:7d:2d:f5:cb:7f:9b:3f:33:39:03:
27:96:40:3c:b1:87:4b:cd:96:f2:c7:87:31:f1:86:9e:64:e5:
bf:40:1d:2d:c7:f2:87:d4:40:d7:9f:f7:8b:1e:52:3b:2b:37:
b3:3e:e1:6f:7c:84:16:f7:91:7b:4e:48:6d:49:e1:e3:09:d3:
be:e1:84:00:a3:a5:f4:2c:62:10:21:5e:91:4f:aa:f5:b6:27:
26:34:23:65:21:17:93:ef:ce:7d:c7:27:a2:25:f7:f2:65:af:
49:0d:af:5b:43:54:d9:bf:81:40:cc:bb:fe:40:a2:92:da:c0:
ac:ff:83:d5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZBUpdIr7aJv9r4gHYL8XsoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjQwNjI2MTMwNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE0N2ZiNzRhNzM1ZWM5Nzg2YzI3Nzk4NWFiMDk1NGU4MjZiY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2t4mLRpv3sxejCd8YZ8lPKsYRuq
NQQUmQ99Grb/AaRuGlaygbdS/tR1ttrP597S1ZrEeB6l7n939Szz+IQoYgUDLZKg
V/TRT+ss67rMbFI0jAJEqoLC8CxHtCOFLsA7/oykQ5m2uIu1arkIcWmhjm42Y9HM
oD3y8IRykok6SFcXsUcJssasuIHPnZhmCCBxJf9JGcxzyVTFCtGQ01gJgPJBBrKk
DP963TUGCK4raX6YtD7JBTjBmfH4NoYkqeTHxE2cMldnQ2OitTsJjF+nqvu4XY/k
gySHUBcucQgoosI75A9X6a1NSyj6jdwllzZ+Rr/mjyDpq6K30l0NIjbkhwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKCkf7dKc17JeGwneYWrCVToJry8MB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvb0tSX3QwcHpYc2w0YkNkNWhhc0pWT2dtdkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAPzGl
Ex6UI9dm/N3ohSf/C9Iehlx42KVb4T2xJ0fGLtE+lxlI5oDStBiCneXdBHwAA1vT
42yU5bgICACdvcWu3pdZdaDZWcekBUWvnm70Zn4YKZNZItumZfn4n+BPFj3lobjx
1TUdNWAqy08JOvn+I930HrQ11426gyTqW1D7H1kEgzMVU3l9LfXLf5s/MzkDJ5ZA
PLGHS82W8seHMfGGnmTlv0AdLcfyh9RA15/3ix5SOys3sz7hb3yEFveRe05IbUnh
4wnTvuGEAKOl9CxiECFekU+q9bYnJjQjZSEXk+/OfccnoiX38mWvSQ2vW0NU2b+B
QMy7/kCiktrArP+D1Q==
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:31:46 2024 by rpki-client on console-ams.rpki-client.org