Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/d7uhiw6hVm_dVwhPBGtWCax-eGI.roa
File: d7uhiw6hVm_dVwhPBGtWCax-eGI.roa (raw, json)
Hash identifier: STc+GcZTSkE+g7DS4xapIIADK4lipy19XvIUGiEGxD0=
Subject key identifier: 77:BB:A1:8B:0E:A1:56:6F:DD:57:08:4F:04:6B:56:09:AC:7E:78:62
Certificate issuer: /CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Certificate serial: 019010DB209EBE81E6434FE0887B93079586
Authority key identifier: 44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/d7uhiw6hVm_dVwhPBGtWCax-eGI.roa
Signing time: Thu 13 Jun 2024 09:08:34 +0000
ROA not before: Thu 13 Jun 2024 09:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49747
IP address blocks: 188.64.141.0/24 maxlen: 24
193.200.206.0/24 maxlen: 24
2001:67c:c6c::/48 maxlen: 48
2a14:5f40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.mft
rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:db:20:9e:be:81:e6:43:4f:e0:88:7b:93:07:95:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44df4fcb8ea51e18d290805c8f50f0df4340dbd5
Validity
Not Before: Jun 13 09:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77bba18b0ea1566fdd57084f046b5609ac7e7862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c1:0a:ea:e2:1b:17:94:4b:2e:a3:59:f4:d5:
d2:44:0d:9a:33:00:c6:d2:4a:f5:ee:86:ee:92:b5:
8c:cf:54:4f:27:b3:68:c0:ec:29:1b:b2:3d:45:7a:
bf:be:88:f2:d3:41:e2:64:26:08:19:a9:69:69:66:
3d:87:27:2c:20:e7:9b:b5:e0:9e:43:f1:8e:25:c6:
a4:ac:31:13:15:46:30:5f:a2:86:42:34:5d:0a:f6:
3e:60:c0:21:34:6b:6b:e8:d4:8f:bf:c3:e9:38:c3:
ab:38:19:0e:8d:6f:11:f9:6f:23:a6:de:2b:b8:c4:
d1:f0:bf:5a:b4:b3:32:cb:71:8a:2f:cc:e7:1d:11:
eb:fb:fb:f2:8c:d1:38:a7:34:b9:62:c1:16:da:36:
87:0d:13:c1:6e:a9:4a:35:2d:52:9a:a1:8e:55:e6:
d2:e2:84:52:fc:c6:41:0d:07:a0:3f:07:a8:64:ef:
19:14:2d:90:f4:c4:6e:ad:9c:4a:95:9a:e8:47:86:
c8:87:28:ee:90:b1:a5:91:8d:73:f6:8d:19:fc:ee:
f4:7d:15:53:af:df:78:f2:66:e9:72:e1:88:10:7b:
79:e7:1d:bc:a1:94:21:7f:8c:4d:aa:11:1c:8e:8a:
24:a6:1c:cb:a1:42:9f:3c:17:d6:ba:a2:d0:3f:d8:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BB:A1:8B:0E:A1:56:6F:DD:57:08:4F:04:6B:56:09:AC:7E:78:62
X509v3 Authority Key Identifier:
keyid:44:DF:4F:CB:8E:A5:1E:18:D2:90:80:5C:8F:50:F0:DF:43:40:DB:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RN9Py46lHhjSkIBcj1Dw30NA29U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/d7uhiw6hVm_dVwhPBGtWCax-eGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7cc183-eba5-4747-8b10-f38c749b6e39/1/RN9Py46lHhjSkIBcj1Dw30NA29U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.141.0/24
193.200.206.0/24
IPv6:
2001:67c:c6c::/48
2a14:5f40:1::/48
Signature Algorithm: sha256WithRSAEncryption
49:85:af:1e:ec:7e:07:ba:e4:86:58:05:d5:2f:99:0f:d3:6f:
1e:62:99:dd:53:71:0c:92:9b:a4:d0:24:4d:ef:fe:45:f6:71:
67:67:f5:81:40:c0:04:e6:1e:bb:ca:22:c5:82:d5:1b:b7:0e:
26:52:cd:36:02:1b:be:06:f5:38:6d:61:71:51:c5:84:9d:96:
28:1a:68:df:6b:01:b8:58:be:af:2c:05:0b:60:67:ef:89:06:
60:81:fc:38:af:66:1b:ab:8f:a6:8a:ed:9b:8d:7a:8a:e7:e6:
8e:2a:b5:18:6f:3d:38:36:90:1c:81:fd:3e:cb:9a:7b:31:5d:
74:82:8b:31:59:d3:c5:10:c5:da:ec:d0:7b:77:87:23:74:76:
cb:e7:f6:40:ca:34:71:61:70:14:c6:4c:fc:dd:a9:e2:a5:2d:
e7:f5:3a:15:64:36:24:ca:b2:98:ac:4b:c9:e3:3c:d1:1a:e3:
6b:5d:d3:61:85:b2:df:45:61:af:69:7a:e4:71:8b:aa:c5:02:
74:5e:68:35:c4:f4:71:c6:64:39:4d:1a:06:00:ae:a9:3f:7a:
4e:8c:85:88:d2:d7:22:06:85:90:f6:70:21:28:32:c1:87:86:
86:9d:e7:35:00:e4:61:ba:c2:af:3e:e6:ba:94:04:57:51:b3:
7a:fe:69:23
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZAQ2yCevoHmQ0/giHuTB5WGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGY0ZmNiOGVhNTFlMThkMjkwODA1YzhmNTBmMGRmNDM0
MGRiZDUwHhcNMjQwNjEzMDkwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JiYTE4YjBlYTE1NjZmZGQ1NzA4NGYwNDZiNTYwOWFjN2U3ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMEK6uIbF5RLLqNZ9NXSRA2aMwDG
0kr17obukrWMz1RPJ7NowOwpG7I9RXq/vojy00HiZCYIGalpaWY9hycsIOebteCe
Q/GOJcakrDETFUYwX6KGQjRdCvY+YMAhNGtr6NSPv8PpOMOrOBkOjW8R+W8jpt4r
uMTR8L9atLMyy3GKL8znHRHr+/vyjNE4pzS5YsEW2jaHDRPBbqlKNS1SmqGOVebS
4oRS/MZBDQegPweoZO8ZFC2Q9MRurZxKlZroR4bIhyjukLGlkY1z9o0Z/O70fRVT
r9948mbpcuGIEHt55x28oZQhf4xNqhEcjookphzLoUKfPBfWuqLQP9hGawIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHe7oYsOoVZv3VcITwRrVgmsfnhiMB8GA1UdIwQY
MBaAFETfT8uOpR4Y0pCAXI9Q8N9DQNvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk45UHk0NmxIaGpTa0lCY2oxRHczME5BMjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83Y2MxODMtZWJhNS00NzQ3LThiMTAt
ZjM4Yzc0OWI2ZTM5LzEvZDd1aGl3NmhWbV9kVndoUEJHdFdDYXgtZUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83Y2MxODMtZWJhNS00NzQ3LThiMTAtZjM4Yzc0OWI2ZTM5
LzEvUk45UHk0NmxIaGpTa0lCY2oxRHczME5BMjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAvECNAwQA
wcjOMBgEAgACMBIDBwAgAQZ8DGwDBwAqFF9AAAEwDQYJKoZIhvcNAQELBQADggEB
AEmFrx7sfge65IZYBdUvmQ/Tbx5imd1TcQySm6TQJE3v/kX2cWdn9YFAwATmHrvK
IsWC1Ru3DiZSzTYCG74G9ThtYXFRxYSdligaaN9rAbhYvq8sBQtgZ++JBmCB/Div
Zhurj6aK7ZuNeorn5o4qtRhvPTg2kByB/T7LmnsxXXSCizFZ08UQxdrs0Ht3hyN0
dsvn9kDKNHFhcBTGTPzdqeKlLef1OhVkNiTKspisS8njPNEa42td02GFst9FYa9p
euRxi6rFAnReaDXE9HHGZDlNGgYArqk/ek6MhYjS1yIGhZD2cCEoMsGHhoad5zUA
5GG6wq8+5rqUBFdRs3r+aSM=
-----END CERTIFICATE-----
Generated at Fri Jun 14 12:00:58 2024 by rpki-client on console-ams.rpki-client.org