Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/yQp29sJqe9H0wZr5HoBC2mw0i6k.roa
File: yQp29sJqe9H0wZr5HoBC2mw0i6k.roa (raw, json)
Hash identifier: 3MLKHPZ7UMFaQuUdf3i1UxyEIC/OAvrMcr4Ug0IRGZ0=
Subject key identifier: C9:0A:76:F6:C2:6A:7B:D1:F4:C1:9A:F9:1E:80:42:DA:6C:34:8B:A9
Certificate issuer: /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial: 018CC6B8F7BFACF60E6E63FF2015124DE565
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/yQp29sJqe9H0wZr5HoBC2mw0i6k.roa
Signing time: Mon 01 Jan 2024 20:30:59 +0000
ROA not before: Mon 01 Jan 2024 20:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19806
IP address blocks: 77.247.9.0/24 maxlen: 24
77.247.11.0/24 maxlen: 24
77.247.10.0/24 maxlen: 24
212.11.83.0/24 maxlen: 24
212.11.85.0/24 maxlen: 24
212.11.87.0/24 maxlen: 24
212.11.86.0/24 maxlen: 24
46.235.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f7:bf:ac:f6:0e:6e:63:ff:20:15:12:4d:e5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Validity
Not Before: Jan 1 20:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c90a76f6c26a7bd1f4c19af91e8042da6c348ba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ae:90:8b:69:9c:6c:c9:a3:9c:7b:e8:1a:6a:
14:8c:50:ad:43:64:ad:6b:df:92:1a:24:b4:e7:57:
e5:e5:ad:26:d8:be:b0:38:90:18:d0:bd:85:97:b8:
4a:cd:33:4b:ac:2c:d2:9b:61:f3:5d:74:6e:a3:ce:
eb:3b:fd:3d:93:4a:74:5f:21:c5:d2:e6:e9:20:9f:
e9:4d:66:0f:06:c2:7c:71:70:f5:5a:39:1c:9c:48:
18:35:3d:54:c7:68:a7:4f:f9:2a:25:3c:ba:1d:58:
26:53:7d:94:91:58:d8:ee:19:e7:a7:b5:e4:08:d8:
7d:62:f9:f1:03:d9:3e:f3:9d:dd:e1:ff:86:16:e4:
5d:4f:27:b5:31:f4:f4:10:a6:7c:2a:83:ea:3a:0f:
3b:76:ed:ac:f4:55:95:0e:58:23:26:5e:97:e7:cb:
06:f1:57:91:f1:a5:c1:48:d6:54:51:62:ed:b7:4f:
32:58:23:4a:06:5b:45:8b:f3:29:ef:c3:ed:22:65:
03:c1:c8:d0:f7:b5:3b:ab:56:cc:db:7c:8e:62:06:
b7:24:cf:c2:63:1a:13:2a:9d:f4:04:c5:19:61:a7:
91:c6:5c:1b:39:32:77:f1:31:f9:f7:3e:eb:04:2a:
f3:5b:90:88:da:1f:1d:94:60:36:a8:38:02:d5:84:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0A:76:F6:C2:6A:7B:D1:F4:C1:9A:F9:1E:80:42:DA:6C:34:8B:A9
X509v3 Authority Key Identifier:
keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/yQp29sJqe9H0wZr5HoBC2mw0i6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.108.0/24
77.247.9.0-77.247.11.255
212.11.83.0/24
212.11.85.0-212.11.87.255
Signature Algorithm: sha256WithRSAEncryption
80:ae:84:41:13:16:39:f1:00:b8:a8:e1:73:f3:23:8f:63:2f:
4b:cf:ff:e5:32:03:f7:24:6e:71:6f:38:26:01:dc:1d:08:dc:
fa:48:b6:2a:00:90:a5:2a:49:d6:cf:98:eb:61:d9:cb:58:0f:
76:bd:45:7d:ef:17:c6:48:73:e0:5b:f4:97:90:55:04:6f:7a:
2d:4c:84:7f:5e:83:8d:1f:08:0d:52:0c:0f:59:dd:ea:ce:30:
fd:20:77:ed:2e:e2:dd:08:a0:d5:4b:21:c8:5b:b1:d1:cd:e0:
b1:ce:9b:0a:98:54:57:f4:46:84:de:97:dc:ee:c0:fa:09:66:
9b:73:c7:56:f1:ae:8c:1d:a0:f8:c7:0c:d7:3e:08:67:bd:ce:
14:7d:a9:05:bd:dc:5b:b3:ca:d3:d9:71:45:5a:e3:60:22:a5:
a8:0e:43:e6:5f:fc:b5:70:61:9a:12:21:d6:0a:a2:fa:94:35:
04:78:dd:f3:d9:b1:f3:00:74:a2:fb:a9:b8:5e:35:ad:e2:ae:
b5:89:75:42:de:93:e0:6d:ca:ac:e9:44:5b:bc:85:d4:e9:da:
15:3e:a5:dd:64:82:d1:01:8a:c4:96:e6:43:f2:4b:97:25:28:
08:b0:2f:da:b8:c1:6f:52:77:e9:9d:24:1d:df:ce:62:73:48:
76:74:e3:8c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGuPe/rPYObmP/IBUSTeVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjQwMTAxMjAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBhNzZmNmMyNmE3YmQxZjRjMTlhZjkxZTgwNDJkYTZjMzQ4YmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA466Qi2mcbMmjnHvoGmoUjFCtQ2St
a9+SGiS051fl5a0m2L6wOJAY0L2Fl7hKzTNLrCzSm2HzXXRuo87rO/09k0p0XyHF
0ubpIJ/pTWYPBsJ8cXD1WjkcnEgYNT1Ux2inT/kqJTy6HVgmU32UkVjY7hnnp7Xk
CNh9YvnxA9k+853d4f+GFuRdTye1MfT0EKZ8KoPqOg87du2s9FWVDlgjJl6X58sG
8VeR8aXBSNZUUWLtt08yWCNKBltFi/Mp78PtImUDwcjQ97U7q1bM23yOYga3JM/C
YxoTKp30BMUZYaeRxlwbOTJ38TH59z7rBCrzW5CI2h8dlGA2qDgC1YScXQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMkKdvbCanvR9MGa+R6AQtpsNIupMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEveVFwMjlzSnFlOUgwd1pyNUhvQkMybXcwaTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQALutsMAwD
BABN9wkDBAJN9wgDBADUC1MwDAMEANQLVQMEA9QLUDANBgkqhkiG9w0BAQsFAAOC
AQEAgK6EQRMWOfEAuKjhc/Mjj2MvS8//5TID9yRucW84JgHcHQjc+ki2KgCQpSpJ
1s+Y62HZy1gPdr1Ffe8Xxkhz4Fv0l5BVBG96LUyEf16DjR8IDVIMD1nd6s4w/SB3
7S7i3Qig1UshyFux0c3gsc6bCphUV/RGhN6X3O7A+glmm3PHVvGujB2g+McM1z4I
Z73OFH2pBb3cW7PK09lxRVrjYCKlqA5D5l/8tXBhmhIh1gqi+pQ1BHjd89mx8wB0
ovupuF41reKutYl1Qt6T4G3KrOlEW7yF1OnaFT6l3WSC0QGKxJbmQ/JLlyUoCLAv
2rjBb1J36Z0kHd/OYnNIdnTjjA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:01 2024 by rpki-client on console-fra.rpki-client.org