Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/oRuFB3pFspLpqLYa9_uc9LIgfRk.roa
File: oRuFB3pFspLpqLYa9_uc9LIgfRk.roa (raw, json)
Hash identifier: XMpH472rjjeOzqqnL2MDIJEQEQc3M0bGj7nBs1slLjI=
Subject key identifier: A1:1B:85:07:7A:45:B2:92:E9:A8:B6:1A:F7:FB:9C:F4:B2:20:7D:19
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 018CC64B799B4FCE23E5685101AED48E005C
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/oRuFB3pFspLpqLYa9_uc9LIgfRk.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57782
IP address blocks: 185.202.104.0/24 maxlen: 24
79.110.168.0/23 maxlen: 24
139.28.206.0/24 maxlen: 24
2a0d:9cc0::/29 maxlen: 48
2a0d:1a45::/32 maxlen: 48
2a06:1e83:caff::/48 maxlen: 48
2a0d:1a40::/29 maxlen: 48
2a06:1e85::/32 maxlen: 48
2a06:1e83:cafe::/48 maxlen: 48
2a0d:1a40:5500::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:79:9b:4f:ce:23:e5:68:51:01:ae:d4:8e:00:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a11b85077a45b292e9a8b61af7fb9cf4b2207d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:69:dd:9b:6c:e8:d5:aa:f3:63:22:43:a4:6d:
e5:c1:e4:d4:47:bf:0a:fa:8e:ae:6d:b6:39:63:43:
54:9e:f6:8b:30:34:4e:04:85:ef:23:65:a9:6d:e4:
f4:8f:21:c3:d1:58:37:09:37:78:02:f0:cf:53:81:
a8:09:cb:b3:c6:18:78:18:fe:09:74:4d:5c:58:a8:
5c:6a:35:7e:67:40:27:81:e4:10:f0:81:80:5e:84:
22:34:9f:4b:5c:24:a2:fe:2b:2e:61:22:91:ab:f9:
b4:c1:48:18:c1:71:93:b3:55:05:07:3b:9c:3e:d3:
57:9a:20:32:94:77:a1:41:e1:ee:0d:49:75:f8:ae:
35:2c:2f:49:d1:8e:5d:0e:34:a5:bf:a4:53:23:97:
c5:c7:c2:87:f9:eb:0c:d8:9e:50:55:6b:68:60:3a:
5f:a1:90:63:ae:3f:21:20:28:e4:7c:32:c0:89:58:
5e:1c:2b:b5:53:a7:ae:d7:7a:fe:0d:f0:8b:f1:25:
5d:fe:f5:7e:69:9d:0a:66:e2:78:99:df:9f:5b:54:
e0:e6:cb:24:e2:92:2c:31:71:98:bb:4b:38:3a:4c:
9f:9b:d2:87:c1:e5:c2:72:d5:94:91:dc:65:37:d5:
22:e4:ae:9b:86:31:53:42:e0:8c:29:82:cb:97:af:
27:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1B:85:07:7A:45:B2:92:E9:A8:B6:1A:F7:FB:9C:F4:B2:20:7D:19
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/oRuFB3pFspLpqLYa9_uc9LIgfRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/23
139.28.206.0/24
185.202.104.0/24
IPv6:
2a06:1e83:cafe::/47
2a06:1e85::/32
2a0d:1a40::/29
2a0d:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:11:ad:de:d1:c5:9e:06:51:13:52:a8:9b:df:a6:f8:6d:95:
8b:cf:bd:03:72:bd:2c:a4:22:21:0d:d0:d7:aa:85:25:5a:a3:
32:45:3f:83:9b:40:8b:f9:3e:43:29:61:fe:34:46:8c:ec:bc:
2c:50:b6:23:be:78:79:11:04:23:15:59:2e:7d:ba:f8:1b:fb:
ba:54:1f:91:6d:ce:40:e3:b9:d3:c2:ff:35:29:ae:62:34:48:
16:8d:d8:fe:6c:b4:97:a6:2d:6f:93:8d:40:48:e9:0e:b6:39:
4f:73:80:77:9a:e6:d8:09:12:fb:e9:18:f9:da:90:0f:78:c2:
3a:4e:fc:9c:da:20:36:12:d0:6b:3a:06:c3:d6:91:20:3a:a8:
8f:71:44:43:8b:0c:d2:7d:98:f9:38:e9:45:a1:c7:64:5b:b0:
5b:2d:9a:e2:43:60:eb:13:a5:ba:a9:2d:0a:33:1b:ce:ad:1b:
05:34:59:8e:89:08:65:23:0c:79:bc:8d:55:68:86:80:fe:c0:
8d:a9:16:96:af:2e:fb:26:bc:0e:76:02:00:9c:51:fe:a3:8b:
4f:ae:69:57:8f:56:10:bb:e4:af:58:73:6d:05:29:e5:d5:86:
0e:b1:16:f0:81:db:6a:87:96:eb:9a:cc:e2:f5:5a:b5:6d:93:
f7:0a:e0:66
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzGS3mbT84j5WhRAa7UjgBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFiODUwNzdhNDViMjkyZTlhOGI2MWFmN2ZiOWNmNGIyMjA3ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWndm2zo1arzYyJDpG3lweTUR78K
+o6ubbY5Y0NUnvaLMDROBIXvI2WpbeT0jyHD0Vg3CTd4AvDPU4GoCcuzxhh4GP4J
dE1cWKhcajV+Z0AngeQQ8IGAXoQiNJ9LXCSi/isuYSKRq/m0wUgYwXGTs1UFBzuc
PtNXmiAylHehQeHuDUl1+K41LC9J0Y5dDjSlv6RTI5fFx8KH+esM2J5QVWtoYDpf
oZBjrj8hICjkfDLAiVheHCu1U6eu13r+DfCL8SVd/vV+aZ0KZuJ4md+fW1Tg5ssk
4pIsMXGYu0s4Okyfm9KHweXCctWUkdxlN9Ui5K6bhjFTQuCMKYLLl68noQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKEbhQd6RbKS6ai2Gvf7nPSyIH0ZMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvb1J1RkIzcEZzcExwcUxZYTlfdWM5TElnZlJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAYBAIAATASAwQBT26oAwQA
ixzOAwQAucpoMCQEAgACMB4DBwEqBh6Dyv4DBQAqBh6FAwUDKg0aQAMFAyoNnMAw
DQYJKoZIhvcNAQELBQADggEBAF0Rrd7RxZ4GURNSqJvfpvhtlYvPvQNyvSykIiEN
0NeqhSVaozJFP4ObQIv5PkMpYf40RozsvCxQtiO+eHkRBCMVWS59uvgb+7pUH5Ft
zkDjudPC/zUprmI0SBaN2P5stJemLW+TjUBI6Q62OU9zgHea5tgJEvvpGPnakA94
wjpO/JzaIDYS0Gs6BsPWkSA6qI9xREOLDNJ9mPk46UWhx2RbsFstmuJDYOsTpbqp
LQozG86tGwU0WY6JCGUjDHm8jVVohoD+wI2pFpavLvsmvA52AgCcUf6ji0+uaVeP
VhC75K9Yc20FKeXVhg6xFvCB22qHluuazOL1WrVtk/cK4GY=
-----END CERTIFICATE-----
Generated at Tue May 21 07:25:52 2024 by rpki-client on console-ams.rpki-client.org