Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/m7gMzHfBB3F7DJuN8-9yg3_6v-k.roa
File: m7gMzHfBB3F7DJuN8-9yg3_6v-k.roa (raw, json)
Hash identifier: Jz5VS86MCMlOSS7tOVRGTJ86JhmpAD1F2l8+/vAWlFI=
Subject key identifier: 9B:B8:0C:CC:77:C1:07:71:7B:0C:9B:8D:F3:EF:72:83:7F:FA:BF:E9
Certificate issuer: /CN=e30f8894f308172ace92fbe6052eec23853eadad
Certificate serial: 019191C268FF626C032AA560438310A55DAC
Authority key identifier: E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/m7gMzHfBB3F7DJuN8-9yg3_6v-k.roa
Signing time: Tue 27 Aug 2024 02:55:22 +0000
ROA not before: Tue 27 Aug 2024 02:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3920
IP address blocks: 77.247.111.0/24 maxlen: 24
117.18.118.0/24 maxlen: 24
117.55.202.0/24 maxlen: 24
117.55.203.0/24 maxlen: 24
185.53.91.0/24 maxlen: 24
212.237.231.0/24 maxlen: 24
2a13:adc0::/48 maxlen: 48
2a13:adc0:1::/48 maxlen: 48
2a13:adc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:91:c2:68:ff:62:6c:03:2a:a5:60:43:83:10:a5:5d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e30f8894f308172ace92fbe6052eec23853eadad
Validity
Not Before: Aug 27 02:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bb80ccc77c107717b0c9b8df3ef72837ffabfe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:3e:46:65:55:aa:ce:fa:7a:9f:91:54:db:
5d:12:26:04:06:57:94:29:93:11:48:f5:d8:0b:ee:
66:c9:48:4a:4b:6e:b6:d6:4d:30:d0:b6:55:a5:c0:
bc:59:19:eb:4d:51:cb:c5:c7:7d:24:50:d4:bd:27:
66:76:ff:32:86:94:06:cd:5d:9f:ae:0c:2d:cb:c2:
bc:b8:fa:a2:fd:cf:ff:3b:6b:13:25:d2:84:0e:de:
1c:3b:cb:60:78:fc:cd:01:df:f3:d1:77:0c:c0:8a:
01:44:e2:b3:da:72:db:b3:f7:14:fb:d3:82:7c:08:
24:05:f6:2e:53:20:32:bf:60:b5:c4:b6:97:70:69:
ce:a0:9d:da:78:a8:ee:d7:5b:f7:e9:dd:ee:be:2f:
9f:3a:9e:f6:5b:b8:a1:46:50:18:d7:28:0a:a5:06:
f3:8a:6b:2a:a9:1e:9e:94:7d:60:d3:0b:b2:7d:52:
7e:ba:0a:40:94:83:b2:0e:76:54:7d:fa:fa:27:34:
1a:a5:42:74:15:56:e6:40:35:72:53:b2:60:bb:ef:
02:ac:72:e3:5e:4c:6c:2c:ff:23:f4:df:dd:2d:a7:
26:cc:f7:14:71:32:c1:87:8a:03:8d:63:12:b2:a9:
cf:c9:4a:a3:46:35:53:2e:b9:a3:3d:e4:a2:67:53:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B8:0C:CC:77:C1:07:71:7B:0C:9B:8D:F3:EF:72:83:7F:FA:BF:E9
X509v3 Authority Key Identifier:
keyid:E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/m7gMzHfBB3F7DJuN8-9yg3_6v-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.111.0/24
117.18.118.0/24
117.55.202.0/23
185.53.91.0/24
212.237.231.0/24
IPv6:
2a13:adc0::-2a13:adc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:0e:3b:69:71:86:ab:ce:a6:10:98:b5:42:0e:c1:37:e5:90:
33:b5:17:af:ad:d0:8b:bb:ed:a5:de:f1:b1:00:a1:1b:4e:8e:
15:c7:77:ef:52:16:81:04:22:60:66:1e:8a:54:c4:4b:3a:0e:
cf:f7:b7:38:f7:0c:b1:7f:2e:dc:c9:1e:29:13:09:4e:37:2c:
dc:8e:bf:47:75:8a:0b:28:cf:07:cf:a8:d0:f7:d4:30:0b:f5:
e5:95:06:3d:84:b2:4b:86:1e:49:8d:7e:0e:3f:94:ff:72:04:
fc:21:a0:d9:81:4e:10:6f:ba:c8:38:a9:86:bd:fd:c2:4e:a1:
b7:f9:02:78:85:8a:b7:ba:51:ec:21:7b:2d:80:b7:a9:86:e4:
51:ae:83:d0:50:4f:1c:a0:1e:03:31:b6:f9:24:a0:1e:a0:a1:
33:81:a5:51:34:68:0a:af:ad:28:6d:69:c0:79:be:17:94:9a:
dc:dd:e8:5f:2e:17:f8:1a:a4:01:99:06:b4:62:5d:20:a1:a8:
00:d6:2d:50:96:68:99:9e:4d:47:66:70:bf:1e:a2:cb:c1:ce:
2e:7b:98:e1:ee:8b:89:9c:38:b6:f9:fb:d0:dd:41:64:69:e1:
20:3f:92:b6:d9:85:7d:ff:e1:11:93:39:d9:a2:80:17:bd:5d:
9f:d5:c1:ab
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZGRwmj/YmwDKqVgQ4MQpV2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMGY4ODk0ZjMwODE3MmFjZTkyZmJlNjA1MmVlYzIzODUz
ZWFkYWQwHhcNMjQwODI3MDI1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI4MGNjYzc3YzEwNzcxN2IwYzliOGRmM2VmNzI4MzdmZmFiZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKg+RmVVqs76ep+RVNtdEiYEBleU
KZMRSPXYC+5myUhKS2621k0w0LZVpcC8WRnrTVHLxcd9JFDUvSdmdv8yhpQGzV2f
rgwty8K8uPqi/c//O2sTJdKEDt4cO8tgePzNAd/z0XcMwIoBROKz2nLbs/cU+9OC
fAgkBfYuUyAyv2C1xLaXcGnOoJ3aeKju11v36d3uvi+fOp72W7ihRlAY1ygKpQbz
imsqqR6elH1g0wuyfVJ+ugpAlIOyDnZUffr6JzQapUJ0FVbmQDVyU7Jgu+8CrHLj
XkxsLP8j9N/dLacmzPcUcTLBh4oDjWMSsqnPyUqjRjVTLrmjPeSiZ1MLtQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJu4DMx3wQdxewybjfPvcoN/+r/pMB8GA1UdIwQY
MBaAFOMPiJTzCBcqzpL75gUu7COFPq2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTIt
M2U2NjBkMDI1MmRiLzEvbTdnTXpIZkJCM0Y3REp1TjgtOXlnM182di1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTItM2U2NjBkMDI1MmRi
LzEvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQATfdvAwQA
dRJ2AwQBdTfKAwQAuTVbAwQA1O3nMBgEAgACMBIwEAMFBioTrcADBwAqE63AAAIw
DQYJKoZIhvcNAQELBQADggEBACYOO2lxhqvOphCYtUIOwTflkDO1F6+t0Iu77aXe
8bEAoRtOjhXHd+9SFoEEImBmHopUxEs6Ds/3tzj3DLF/LtzJHikTCU43LNyOv0d1
igsozwfPqND31DAL9eWVBj2EskuGHkmNfg4/lP9yBPwhoNmBThBvusg4qYa9/cJO
obf5AniFire6Uewhey2At6mG5FGug9BQTxygHgMxtvkkoB6goTOBpVE0aAqvrSht
acB5vheUmtzd6F8uF/gapAGZBrRiXSChqADWLVCWaJmeTUdmcL8eosvBzi57mOHu
i4mcOLb5+9DdQWRp4SA/krbZhX3/4RGTOdmigBe9XZ/Vwas=
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:04:19 2024 by rpki-client on console-fra.rpki-client.org