Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/d9L7i7eavo4KcT7yhBKglycpvOQ.roa
File: d9L7i7eavo4KcT7yhBKglycpvOQ.roa (raw, json)
Hash identifier: K2s6N+OpPcc1gM5yX4y5XAHrlCkHAxropCnZUDIUf8U=
Subject key identifier: 77:D2:FB:8B:B7:9A:BE:8E:0A:71:3E:F2:84:12:A0:97:27:29:BC:E4
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 0190CAAB3F47C2213BBBD9322210F8863AF7
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/d9L7i7eavo4KcT7yhBKglycpvOQ.roa
Signing time: Fri 19 Jul 2024 11:05:38 +0000
ROA not before: Fri 19 Jul 2024 11:05:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207353
IP address blocks: 77.220.216.0/21 maxlen: 24
185.62.100.0/24 maxlen: 24
2a03:220:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ca:ab:3f:47:c2:21:3b:bb:d9:32:22:10:f8:86:3a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jul 19 11:05:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77d2fb8bb79abe8e0a713ef28412a0972729bce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:8e:92:cb:63:79:fa:d0:53:73:b9:83:b9:
d5:64:89:c2:81:cb:98:f0:cb:5d:d2:4c:61:03:41:
20:a7:a9:c0:d0:b9:7d:ff:c7:e1:95:4f:17:62:7d:
73:e1:78:a3:34:27:51:67:27:48:59:a2:62:9b:93:
69:58:35:56:5f:ae:78:8e:29:05:9b:c9:b1:04:0d:
9e:7a:2b:5a:26:b2:a2:cc:0c:a7:7e:30:2c:de:82:
ca:3d:c9:8a:7f:12:fc:d3:e1:3d:b6:c4:4d:a3:52:
13:6c:f0:f4:59:7e:5d:32:fd:9c:09:86:e8:e8:63:
77:62:5e:23:26:61:c1:f9:e8:52:9a:44:85:25:8c:
5b:a1:5d:f0:76:36:16:c6:44:d5:40:7f:f4:e9:5f:
16:f5:06:fa:44:02:4c:8c:53:cf:af:73:57:63:c3:
c4:85:94:f0:9a:5f:a7:12:40:08:28:e4:bc:79:08:
54:f8:b3:65:f0:4c:78:b0:c4:72:be:6f:23:b4:08:
12:f4:e4:76:91:b6:3a:6d:a4:43:9a:90:95:fe:50:
98:7a:1c:31:44:4d:7f:9d:a9:b5:a9:f8:8d:e1:f9:
2d:94:8c:15:93:ff:c7:8d:87:e0:7b:f3:ea:60:bd:
c1:bd:ee:f6:95:2a:db:28:ca:d8:d7:bf:ef:5a:5d:
d7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D2:FB:8B:B7:9A:BE:8E:0A:71:3E:F2:84:12:A0:97:27:29:BC:E4
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/d9L7i7eavo4KcT7yhBKglycpvOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.216.0/21
185.62.100.0/24
IPv6:
2a03:220:f001::/48
Signature Algorithm: sha256WithRSAEncryption
38:61:ef:61:cf:06:15:c5:ec:a6:b5:ea:af:37:33:96:59:bd:
23:82:1f:0f:8a:d5:70:e1:db:54:a4:36:52:96:ec:20:66:d7:
57:c2:c3:63:81:15:d9:f1:6a:cc:0e:4d:87:18:35:9f:a5:a7:
25:5b:d0:cf:aa:a9:8f:0d:9b:0e:db:5e:3a:ce:a3:60:16:b7:
4a:18:dc:07:8d:5d:e5:dc:53:52:36:12:fb:1d:8f:58:04:20:
1b:ed:e4:b8:2a:03:a7:bd:b7:08:e8:91:c2:1c:e1:a4:48:3c:
ce:25:64:15:58:59:09:32:8f:32:59:d4:40:dc:06:15:6c:b9:
da:8b:4c:2c:be:9a:72:28:75:60:d5:3b:44:a9:b9:e4:6e:ba:
d9:66:07:75:f2:82:6f:fb:53:16:12:ed:bf:1f:46:95:22:2e:
21:ef:c2:2b:05:c3:12:75:fa:ac:17:b0:60:0a:8a:26:e3:9b:
34:14:ad:9c:2f:97:aa:c0:f8:f1:17:3c:41:14:e7:93:33:fe:
05:88:92:c5:6f:cf:a9:c8:d7:e0:c0:c3:19:71:87:ca:e6:6c:
6f:c7:9e:10:cd:46:d6:ee:6e:f0:7c:e7:e8:bc:7a:9e:62:e0:
8d:61:e8:11:3c:af:a7:31:5a:b4:c2:37:93:2f:a8:38:00:6c:
9c:31:aa:88
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZDKqz9HwiE7u9kyIhD4hjr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjQwNzE5MTEwNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2QyZmI4YmI3OWFiZThlMGE3MTNlZjI4NDEyYTA5NzI3MjliY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTGOkstjefrQU3O5g7nVZInCgcuY
8Mtd0kxhA0Egp6nA0Ll9/8fhlU8XYn1z4XijNCdRZydIWaJim5NpWDVWX654jikF
m8mxBA2eeitaJrKizAynfjAs3oLKPcmKfxL80+E9tsRNo1ITbPD0WX5dMv2cCYbo
6GN3Yl4jJmHB+ehSmkSFJYxboV3wdjYWxkTVQH/06V8W9Qb6RAJMjFPPr3NXY8PE
hZTwml+nEkAIKOS8eQhU+LNl8Ex4sMRyvm8jtAgS9OR2kbY6baRDmpCV/lCYehwx
RE1/nam1qfiN4fktlIwVk//HjYfge/PqYL3Bve72lSrbKMrY17/vWl3XwQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHfS+4u3mr6OCnE+8oQSoJcnKbzkMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvZDlMN2k3ZWF2bzRLY1Q3eWhCS2dseWNwdk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDTdzYAwQA
uT5kMA8EAgACMAkDBwAqAwIg8AEwDQYJKoZIhvcNAQELBQADggEBADhh72HPBhXF
7Ka16q83M5ZZvSOCHw+K1XDh21SkNlKW7CBm11fCw2OBFdnxaswOTYcYNZ+lpyVb
0M+qqY8Nmw7bXjrOo2AWt0oY3AeNXeXcU1I2Evsdj1gEIBvt5LgqA6e9twjokcIc
4aRIPM4lZBVYWQkyjzJZ1EDcBhVsudqLTCy+mnIodWDVO0SpueRuutlmB3Xygm/7
UxYS7b8fRpUiLiHvwisFwxJ1+qwXsGAKiibjmzQUrZwvl6rA+PEXPEEU55Mz/gWI
ksVvz6nI1+DAwxlxh8rmbG/HnhDNRtbubvB85+i8ep5i4I1h6BE8r6cxWrTCN5Mv
qDgAbJwxqog=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:09 2024 by rpki-client on console-fra.rpki-client.org