Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/mFLzpg2In93kVDweWohB3Z8cDz0.roa
File: mFLzpg2In93kVDweWohB3Z8cDz0.roa (raw, json)
Hash identifier: I/EeoGUI7gJ3metUq/KLvR+HI3txrbaCu+hhssHyHOY=
Subject key identifier: 98:52:F3:A6:0D:88:9F:DD:E4:54:3C:1E:5A:88:41:DD:9F:1C:0F:3D
Certificate issuer: /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial: 018CC6B8F89981E26DBC80BC426389856DDE
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/mFLzpg2In93kVDweWohB3Z8cDz0.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42808
IP address blocks: 77.247.0.0/24 maxlen: 24
77.247.13.0/24 maxlen: 24
212.11.81.0/24 maxlen: 24
185.71.49.0/24 maxlen: 24
185.71.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:99:81:e2:6d:bc:80:bc:42:63:89:85:6d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9852f3a60d889fdde4543c1e5a8841dd9f1c0f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bf:d2:77:0d:2a:3d:b6:a3:18:0f:58:ec:13:
76:8b:ed:45:b5:8a:0b:95:46:c5:5e:cc:29:95:34:
b9:2b:00:c4:5b:95:6b:97:ca:da:4c:9b:5d:64:92:
b6:ca:49:0d:cd:ee:89:77:7b:7d:e6:f4:ff:81:fc:
5a:d5:54:0b:d8:66:6b:54:f0:a6:61:26:81:a0:de:
c5:02:bf:1b:d6:e7:69:7f:cd:fa:3e:e1:7d:71:b3:
f3:1c:f4:43:89:da:13:33:c8:e6:dd:a8:23:44:33:
0d:24:c1:29:44:b4:8a:42:24:a8:0b:46:07:6c:14:
04:8a:97:20:b5:9d:d4:99:59:0a:47:8b:f1:a5:e7:
86:74:3c:ac:77:e0:b5:df:69:89:f5:86:72:b5:2e:
b6:da:a7:8e:c2:e1:2a:7e:08:96:70:06:8f:a2:8a:
30:41:62:42:14:e1:1a:c1:02:32:03:e7:6f:2f:35:
0a:73:a8:be:40:21:99:f2:1f:03:a2:77:ec:c7:dd:
e9:11:2a:8a:7b:e0:71:60:99:65:80:6f:4a:74:76:
ff:62:c2:4c:c1:11:80:41:b5:b7:45:f0:ae:52:7e:
a6:06:44:e5:da:8e:a0:de:b9:71:a6:6b:0a:ca:89:
ba:aa:4f:a5:be:4c:3c:c1:29:e9:a5:55:89:c4:23:
21:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:52:F3:A6:0D:88:9F:DD:E4:54:3C:1E:5A:88:41:DD:9F:1C:0F:3D
X509v3 Authority Key Identifier:
keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/mFLzpg2In93kVDweWohB3Z8cDz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.0.0/24
77.247.13.0/24
185.71.49.0/24
185.71.51.0/24
212.11.81.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f9:0a:ef:ee:44:e1:1f:c9:44:3e:45:b2:84:d2:4c:16:3d:
77:2d:51:ac:b2:15:e6:f1:11:29:5d:92:ed:19:b9:67:40:3f:
2d:7e:dd:5b:a3:81:a1:4e:a8:62:74:b4:0d:d8:36:38:13:d4:
0e:63:f4:d5:c8:70:17:6a:0e:11:28:30:5d:67:ca:c6:45:0b:
e6:91:fe:18:8e:1d:61:05:42:fb:90:36:21:b9:d9:ce:79:dd:
2e:ad:ab:19:56:41:fd:e0:48:a9:fd:a4:19:66:73:12:56:40:
1d:e5:a5:8c:1a:09:31:dd:25:62:80:6a:53:df:fa:d3:ea:9e:
7e:9f:cb:0c:01:02:c7:b9:c2:0c:58:02:66:d6:05:e8:ee:6e:
17:be:21:44:09:19:53:e8:a1:be:27:12:cc:31:eb:f2:25:c6:
15:f2:95:c0:b1:a0:a6:fd:05:82:86:1c:9f:47:55:df:26:4b:
f5:ea:41:9d:88:75:c6:54:7d:44:f4:8f:80:8e:95:a9:ab:6d:
ca:df:c9:7d:38:77:a6:24:d2:0a:a1:a3:65:36:77:a1:f7:a2:
70:6c:67:60:41:16:69:60:75:14:38:98:6f:a7:3d:a4:e1:3a:
fb:1b:a0:87:a9:52:a0:82:7c:64:87:03:63:2b:b6:a6:44:3d:
bd:52:50:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGuPiZgeJtvIC8QmOJhW3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUyZjNhNjBkODg5ZmRkZTQ1NDNjMWU1YTg4NDFkZDlmMWMwZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApL/Sdw0qPbajGA9Y7BN2i+1FtYoL
lUbFXswplTS5KwDEW5Vrl8raTJtdZJK2ykkNze6Jd3t95vT/gfxa1VQL2GZrVPCm
YSaBoN7FAr8b1udpf836PuF9cbPzHPRDidoTM8jm3agjRDMNJMEpRLSKQiSoC0YH
bBQEipcgtZ3UmVkKR4vxpeeGdDysd+C132mJ9YZytS622qeOwuEqfgiWcAaPooow
QWJCFOEawQIyA+dvLzUKc6i+QCGZ8h8Donfsx93pESqKe+BxYJllgG9KdHb/YsJM
wRGAQbW3RfCuUn6mBkTl2o6g3rlxpmsKyom6qk+lvkw8wSnppVWJxCMh9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJhS86YNiJ/d5FQ8HlqIQd2fHA89MB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvbUZMenBnMkluOTNrVkR3ZVdvaEIzWjhjRHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfcAAwQA
TfcNAwQAuUcxAwQAuUczAwQA1AtRMA0GCSqGSIb3DQEBCwUAA4IBAQBu+Qrv7kTh
H8lEPkWyhNJMFj13LVGsshXm8REpXZLtGblnQD8tft1bo4GhTqhidLQN2DY4E9QO
Y/TVyHAXag4RKDBdZ8rGRQvmkf4Yjh1hBUL7kDYhudnOed0urasZVkH94Eip/aQZ
ZnMSVkAd5aWMGgkx3SVigGpT3/rT6p5+n8sMAQLHucIMWAJm1gXo7m4XviFECRlT
6KG+JxLMMevyJcYV8pXAsaCm/QWChhyfR1XfJkv16kGdiHXGVH1E9I+AjpWpq23K
38l9OHemJNIKoaNlNneh96JwbGdgQRZpYHUUOJhvpz2k4Tr7G6CHqVKggnxkhwNj
K7amRD29UlBm
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:06:22 2024 by rpki-client on console-fra.rpki-client.org