Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/iwBYiC4TYMqq0kLanYf7qlK11Ic.roa
File: iwBYiC4TYMqq0kLanYf7qlK11Ic.roa (raw, json)
Hash identifier: JUvuOyGbiVZ7rhNl4bG7P+5wTm+fpxwcWWY+HGOO5b0=
Subject key identifier: 8B:00:58:88:2E:13:60:CA:AA:D2:42:DA:9D:87:FB:AA:52:B5:D4:87
Certificate issuer: /CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Certificate serial: 018FE863D64844C500528F1B5AF0E9BDDBB1
Authority key identifier: 79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/iwBYiC4TYMqq0kLanYf7qlK11Ic.roa
Signing time: Wed 05 Jun 2024 12:33:27 +0000
ROA not before: Wed 05 Jun 2024 12:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 77.73.64.0/23 maxlen: 23
77.73.71.0/24 maxlen: 24
94.242.48.0/24 maxlen: 24
185.145.245.0/24 maxlen: 24
185.155.119.0/24 maxlen: 24
185.242.104.0/22 maxlen: 22
185.242.106.0/23 maxlen: 23
212.6.44.0/24 maxlen: 24
2a0c:16c0::/32 maxlen: 32
2a0c:16c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:63:d6:48:44:c5:00:52:8f:1b:5a:f0:e9:bd:db:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Validity
Not Before: Jun 5 12:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b0058882e1360caaad242da9d87fbaa52b5d487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1c:3d:36:e1:ae:26:bb:a2:d6:c9:90:38:d4:
bb:29:86:21:c9:fa:5c:75:92:a7:6c:b1:21:fa:b2:
7f:92:e8:90:5a:04:aa:ae:2b:c2:8a:be:56:26:54:
dd:5f:52:d4:69:0e:04:7d:cc:2c:ef:4b:e4:61:e0:
83:0f:f5:0f:f6:f1:c7:ee:47:d2:c1:c8:8d:cf:ae:
cc:e2:3b:65:b1:a8:42:6f:95:59:b1:64:33:74:f0:
e4:6e:ff:dd:d2:cb:bf:93:49:27:43:a1:9b:78:b0:
31:1f:61:2c:60:74:0c:58:7c:cf:39:85:36:b1:b8:
2c:6c:31:1e:ef:8f:28:bb:f3:d0:53:f2:1c:99:c8:
2c:24:28:5b:f1:df:84:fc:91:7a:2e:ce:6f:58:47:
e8:a5:d0:39:fa:01:06:d8:41:de:c8:fc:f6:ce:55:
47:15:55:6e:35:7a:cf:42:65:b2:fc:82:cc:fe:2e:
60:c4:0d:ac:21:1a:7d:d2:53:d6:9b:9c:ee:73:5c:
84:a9:ae:f6:c0:40:20:4a:67:86:e5:c7:4f:71:2d:
19:3c:29:12:4d:27:46:7b:26:49:22:a9:90:1a:7a:
87:7f:f3:42:d6:c9:b2:cf:31:22:48:88:4f:4d:81:
72:80:6b:a8:91:83:f7:22:8e:3d:0c:94:16:25:19:
09:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:00:58:88:2E:13:60:CA:AA:D2:42:DA:9D:87:FB:AA:52:B5:D4:87
X509v3 Authority Key Identifier:
keyid:79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/iwBYiC4TYMqq0kLanYf7qlK11Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/23
77.73.71.0/24
94.242.48.0/24
185.145.245.0/24
185.155.119.0/24
185.242.104.0/22
212.6.44.0/24
IPv6:
2a0c:16c0::/31
Signature Algorithm: sha256WithRSAEncryption
19:d7:65:f1:e8:5f:e6:d2:c9:e5:db:e3:be:78:03:6a:14:4d:
d5:7a:23:34:6b:9a:b1:5f:47:33:c2:ad:fc:0b:fa:aa:81:d4:
3a:20:83:f8:d3:2a:48:6c:3e:7b:b2:f4:66:d3:69:5a:20:03:
a0:64:ac:44:f6:ce:f7:3a:ac:25:01:a8:97:4d:89:eb:5f:f8:
ab:92:b4:8c:97:d5:c4:ac:31:7b:d0:49:88:29:f3:fc:6d:d1:
92:cc:da:37:7d:bf:5b:3a:ee:33:5e:9f:cc:29:bf:89:24:9f:
bd:dc:cf:95:49:a9:5f:0b:76:d6:a8:d1:34:8b:7d:7a:c8:2b:
6f:01:59:e4:14:d6:60:e1:47:6b:2e:4c:6f:c8:5f:fb:19:ec:
11:20:86:79:90:42:f2:ea:c5:75:81:65:af:f7:32:a1:2f:66:
b0:4b:c4:75:80:bf:51:fb:fd:e3:9b:8b:fe:8e:dd:31:fd:d4:
88:97:2f:76:d4:9e:5d:3f:8c:d1:9f:5b:41:5f:84:e2:4f:c3:
f9:cb:c0:1c:78:39:25:7a:24:21:7a:f6:0d:1b:e1:2c:97:79:
e2:a7:8d:98:67:8e:3e:c4:12:f0:46:74:63:cc:d2:65:66:d0:
9b:55:e5:02:df:58:be:b7:57:18:35:92:ce:4a:3e:8a:73:d7:
28:76:aa:53
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY/oY9ZIRMUAUo8bWvDpvduxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTI0YjQ3Zjg5NDNjYWQ2ZTA0YzlmNjQ2Y2IxMDc3YzE0
MGZkZmIwHhcNMjQwNjA1MTIzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjAwNTg4ODJlMTM2MGNhYWFkMjQyZGE5ZDg3ZmJhYTUyYjVkNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBw9NuGuJrui1smQONS7KYYhyfpc
dZKnbLEh+rJ/kuiQWgSqrivCir5WJlTdX1LUaQ4Efcws70vkYeCDD/UP9vHH7kfS
wciNz67M4jtlsahCb5VZsWQzdPDkbv/d0su/k0knQ6GbeLAxH2EsYHQMWHzPOYU2
sbgsbDEe748ou/PQU/IcmcgsJChb8d+E/JF6Ls5vWEfopdA5+gEG2EHeyPz2zlVH
FVVuNXrPQmWy/ILM/i5gxA2sIRp90lPWm5zuc1yEqa72wEAgSmeG5cdPcS0ZPCkS
TSdGeyZJIqmQGnqHf/NC1smyzzEiSIhPTYFygGuokYP3Io49DJQWJRkJ5wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIsAWIguE2DKqtJC2p2H+6pStdSHMB8GA1UdIwQY
MBaAFHniS0f4lDytbgTJ9kbLEHfBQP37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQt
YmM1ODRiMzZjYmVmLzEvaXdCWWlDNFRZTXFxMGtMYW5ZZjdxbEsxMUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQtYmM1ODRiMzZjYmVm
LzEvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBTUlAAwQA
TUlHAwQAXvIwAwQAuZH1AwQAuZt3AwQCufJoAwQA1AYsMA0EAgACMAcDBQEqDBbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ12Xx6F/m0snl2+O+eANqFE3VeiM0a5qxX0cz
wq38C/qqgdQ6IIP40ypIbD57svRm02laIAOgZKxE9s73OqwlAaiXTYnrX/irkrSM
l9XErDF70EmIKfP8bdGSzNo3fb9bOu4zXp/MKb+JJJ+93M+VSalfC3bWqNE0i316
yCtvAVnkFNZg4UdrLkxvyF/7GewRIIZ5kELy6sV1gWWv9zKhL2awS8R1gL9R+/3j
m4v+jt0x/dSIly921J5dP4zRn1tBX4TiT8P5y8AceDkleiQhevYNG+Esl3nip42Y
Z44+xBLwRnRjzNJlZtCbVeUC31i+t1cYNZLOSj6Kc9codqpT
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:09:07 2024 by rpki-client on console-ams.rpki-client.org