Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/y3w4ETTqstMaPLA6xy2xBvSIRiM.roa
File: y3w4ETTqstMaPLA6xy2xBvSIRiM.roa (raw, json)
Hash identifier: X9y/3aqIJ54xW0YOCEY0N2uzFAM2RD+9jafi4raTwds=
Subject key identifier: CB:7C:38:11:34:EA:B2:D3:1A:3C:B0:3A:C7:2D:B1:06:F4:88:46:23
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 018CC492367CED9052D67C7267891A322FBE
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/y3w4ETTqstMaPLA6xy2xBvSIRiM.roa
Signing time: Mon 01 Jan 2024 10:29:25 +0000
ROA not before: Mon 01 Jan 2024 10:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 77.246.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.mft
rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:36:7c:ed:90:52:d6:7c:72:67:89:1a:32:2f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 1 10:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb7c381134eab2d31a3cb03ac72db106f4884623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:21:6f:31:4f:69:dc:f3:16:95:c8:c5:8c:cb:
66:a2:1f:70:ae:3c:69:6d:8d:f5:9b:58:f5:e8:3f:
ae:94:89:46:0c:9d:89:b9:2e:61:a0:c8:f0:81:81:
aa:d4:b6:f0:d9:5c:30:cf:36:8d:02:d3:6f:7b:cb:
95:cf:c9:2f:ba:1d:86:b5:e7:3f:c3:15:83:6f:88:
96:1a:4e:20:53:0e:c6:49:73:c5:3d:85:47:86:9d:
8e:54:23:97:1d:ec:ef:0b:48:85:08:ee:23:92:40:
3b:77:9d:59:9c:35:4f:1d:21:0c:86:ed:a5:ad:79:
a4:74:da:5a:ce:93:04:5b:4a:c2:02:25:64:40:ba:
ab:d5:53:ef:dd:28:04:76:c8:5b:fa:d1:6f:b1:e9:
1e:44:37:59:57:73:33:4b:0d:fb:ca:05:69:4b:3c:
a1:1d:9d:c9:42:87:79:5b:f0:b7:a0:c2:34:7e:82:
51:40:6b:50:7f:82:bc:cc:48:05:20:f9:2b:64:b7:
da:a2:c2:14:af:c0:6c:27:e2:f4:19:f6:a1:5a:11:
7c:f0:5f:f4:0f:0e:8e:61:a8:61:46:ab:19:b9:43:
7c:6e:73:79:e4:14:9e:7f:70:25:6d:41:bc:21:99:
67:3b:31:fd:12:de:08:54:82:5a:16:60:2b:d7:43:
8c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7C:38:11:34:EA:B2:D3:1A:3C:B0:3A:C7:2D:B1:06:F4:88:46:23
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/y3w4ETTqstMaPLA6xy2xBvSIRiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.60.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8e:da:8a:58:bc:72:78:13:22:91:43:52:e4:a5:99:2c:51:
41:cb:a9:5b:7f:b3:6e:fd:7a:f2:b6:66:66:f3:71:2a:38:aa:
24:09:23:13:31:4b:cf:47:f9:f4:57:67:5c:14:e3:e5:68:66:
c8:e8:8e:3a:50:28:80:d0:49:7f:20:f4:61:37:24:e9:e8:b8:
5d:05:e0:a9:5e:2c:90:48:b7:ae:5f:cc:43:e7:10:93:ce:8e:
5f:17:dc:e6:24:41:f2:d7:34:bb:6d:a3:47:4f:4e:4b:85:37:
82:a4:a4:de:ed:f8:ed:dc:ff:69:07:07:2b:4d:56:1e:9b:0a:
fe:30:ec:5b:b2:dd:c9:ef:3b:14:31:97:39:3b:8a:1b:8e:d2:
d8:3e:4d:48:19:9d:d7:c3:20:7a:06:7f:dc:37:af:54:61:82:
e1:a1:3e:6d:e4:58:19:af:05:85:63:6d:c4:1a:b2:5c:22:88:
6a:13:84:04:00:cf:7a:87:b0:b8:a6:b7:29:9d:7f:4b:45:df:
6f:b1:d6:83:d6:2b:2c:68:00:17:84:68:33:4e:60:21:ec:cb:
d2:6c:b8:da:b5:63:53:e9:41:ca:b2:16:02:e9:71:d7:f4:fd:
65:13:aa:c0:b6:34:f5:1e:7c:60:4c:20:c8:fe:9b:53:c5:4d:
20:ac:b6:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkjZ87ZBS1nxyZ4kaMi++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTc2NzNjNzhlZmFlNWY2YmQ4MGEyNWFjZTNkM2MzNzE5
M2U3ODkwHhcNMjQwMTAxMTAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdjMzgxMTM0ZWFiMmQzMWEzY2IwM2FjNzJkYjEwNmY0ODg0NjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCFvMU9p3PMWlcjFjMtmoh9wrjxp
bY31m1j16D+ulIlGDJ2JuS5hoMjwgYGq1Lbw2VwwzzaNAtNve8uVz8kvuh2Gtec/
wxWDb4iWGk4gUw7GSXPFPYVHhp2OVCOXHezvC0iFCO4jkkA7d51ZnDVPHSEMhu2l
rXmkdNpazpMEW0rCAiVkQLqr1VPv3SgEdshb+tFvsekeRDdZV3MzSw37ygVpSzyh
HZ3JQod5W/C3oMI0foJRQGtQf4K8zEgFIPkrZLfaosIUr8BsJ+L0GfahWhF88F/0
Dw6OYahhRqsZuUN8bnN55BSef3AlbUG8IZlnOzH9Et4IVIJaFmAr10OMeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMt8OBE06rLTGjywOsctsQb0iEYjMB8GA1UdIwQY
MBaAFPSXZzx4765fa9gKJazj08Nxk+eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYt
NmUwNjk2ZmVlOGU2LzEveTN3NEVUVHFzdE1hUExBNnh5MnhCdlNJUmlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYtNmUwNjk2ZmVlOGU2
LzEvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfY8MA0G
CSqGSIb3DQEBCwUAA4IBAQBmjtqKWLxyeBMikUNS5KWZLFFBy6lbf7Nu/XrytmZm
83EqOKokCSMTMUvPR/n0V2dcFOPlaGbI6I46UCiA0El/IPRhNyTp6LhdBeCpXiyQ
SLeuX8xD5xCTzo5fF9zmJEHy1zS7baNHT05LhTeCpKTe7fjt3P9pBwcrTVYemwr+
MOxbst3J7zsUMZc5O4objtLYPk1IGZ3XwyB6Bn/cN69UYYLhoT5t5FgZrwWFY23E
GrJcIohqE4QEAM96h7C4prcpnX9LRd9vsdaD1issaAAXhGgzTmAh7MvSbLjatWNT
6UHKshYC6XHX9P1lE6rAtjT1HnxgTCDI/ptTxU0grLYn
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:02:54 2024 by rpki-client on console-ams.rpki-client.org