Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/m5zwjcPbqv5CExGmpe-bk2VSXQk.roa
File: m5zwjcPbqv5CExGmpe-bk2VSXQk.roa (raw, json)
Hash identifier: /SgTRGz75eMsINd1vSfAu/J+RsYTcNJ4QfZ+v50SUew=
Subject key identifier: 9B:9C:F0:8D:C3:DB:AA:FE:42:13:11:A6:A5:EF:9B:93:65:52:5D:09
Certificate issuer: /CN=16f145727d34ae6607a615301283eeebd5d6291c
Certificate serial: 018CC9BB9B11C4725EAB8EA6350015D2346E
Authority key identifier: 16:F1:45:72:7D:34:AE:66:07:A6:15:30:12:83:EE:EB:D5:D6:29:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FvFFcn00rmYHphUwEoPu69XWKRw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/m5zwjcPbqv5CExGmpe-bk2VSXQk.roa
Signing time: Tue 02 Jan 2024 10:32:44 +0000
ROA not before: Tue 02 Jan 2024 10:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10310
IP address blocks: 77.238.189.0/24 maxlen: 25
2a00:1288:f03e::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/FvFFcn00rmYHphUwEoPu69XWKRw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/FvFFcn00rmYHphUwEoPu69XWKRw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FvFFcn00rmYHphUwEoPu69XWKRw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9b:11:c4:72:5e:ab:8e:a6:35:00:15:d2:34:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16f145727d34ae6607a615301283eeebd5d6291c
Validity
Not Before: Jan 2 10:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b9cf08dc3dbaafe421311a6a5ef9b9365525d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:28:19:ae:95:da:cc:cd:a1:5e:6b:f5:58:59:
90:24:ad:8f:87:5f:51:07:07:55:58:f9:9d:d9:12:
42:92:40:be:dd:44:ca:1c:89:51:1e:61:22:70:4c:
15:51:e7:61:cf:5e:62:44:60:20:00:00:38:2c:0b:
c6:7b:e5:eb:0f:24:75:47:5e:96:19:ce:02:ea:45:
ac:4c:c5:ca:3a:45:9c:33:81:24:0b:49:87:04:84:
26:0f:af:79:d3:99:ce:95:3c:97:5c:43:3d:04:5f:
ec:e4:c4:14:fb:33:34:cf:14:1e:5a:a5:b7:1c:c6:
1b:90:d4:14:11:c2:f1:ef:4e:f6:c7:07:91:0b:e8:
4e:8c:56:8e:bc:25:31:83:60:ad:c7:ae:92:48:ac:
32:82:dc:ea:a2:78:5c:7a:5b:68:77:14:68:87:5d:
92:52:0d:95:3e:39:1d:50:ad:d1:7d:15:7f:d1:fd:
87:95:c2:b4:2b:b3:ca:43:17:96:f2:75:93:a8:64:
f9:b5:20:5a:78:f6:c6:6e:83:6c:bc:6d:98:a3:f7:
fe:4d:82:79:f8:2b:14:1d:88:14:01:c8:f1:1d:c1:
a0:be:31:bd:76:a6:5e:85:5e:94:d9:2c:5e:3c:65:
4b:88:a5:50:84:48:d5:37:2f:0b:09:f2:2e:4a:fc:
67:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:9C:F0:8D:C3:DB:AA:FE:42:13:11:A6:A5:EF:9B:93:65:52:5D:09
X509v3 Authority Key Identifier:
keyid:16:F1:45:72:7D:34:AE:66:07:A6:15:30:12:83:EE:EB:D5:D6:29:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FvFFcn00rmYHphUwEoPu69XWKRw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/m5zwjcPbqv5CExGmpe-bk2VSXQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/6c808e-0015-4d62-81d8-ecb7ae2722c1/1/FvFFcn00rmYHphUwEoPu69XWKRw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.238.189.0/24
IPv6:
2a00:1288:f03e::/48
Signature Algorithm: sha256WithRSAEncryption
0d:17:3c:fe:95:11:5a:9d:80:38:57:a7:1d:5a:55:29:38:81:
72:68:5c:75:d8:0b:dd:8c:39:10:1d:52:72:af:a2:43:3b:4f:
be:d0:a5:00:b7:d5:b9:29:2f:41:b2:62:75:98:ea:f2:f2:92:
0e:2c:7a:04:5f:b5:ce:d7:d1:f9:f8:f2:2e:5b:3a:12:d0:13:
c2:ff:fd:ca:53:86:49:01:a0:45:e7:9a:3b:7d:02:06:a0:d2:
b3:b5:87:a3:aa:ce:56:e2:e2:c4:ea:99:1d:5c:8e:96:2c:cf:
e4:5c:e7:f2:0d:eb:22:6d:f0:46:09:93:2d:7b:80:31:62:1a:
06:6b:5f:25:19:ff:ee:07:df:8c:81:ea:e2:25:cd:83:5e:12:
7d:47:97:2d:11:98:8d:e5:a9:7b:2b:0c:c4:2c:cd:03:bb:d0:
80:8c:77:8a:67:28:66:46:56:b5:63:7b:31:ad:de:ff:02:2b:
f4:d8:8e:da:89:61:fe:a1:d9:ee:a6:cd:20:d2:06:e7:3b:03:
d2:24:a8:99:5f:c5:68:fe:ca:97:b5:96:ab:32:45:6f:b3:f8:
ca:79:a0:6b:13:cf:4b:14:90:d8:1f:77:35:73:ad:aa:16:65:
e7:81:75:e8:24:6a:12:da:c0:ea:67:15:16:87:c0:cd:d5:8e:
16:1c:3a:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJu5sRxHJeq46mNQAV0jRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZjE0NTcyN2QzNGFlNjYwN2E2MTUzMDEyODNlZWViZDVk
NjI5MWMwHhcNMjQwMTAyMTAzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjljZjA4ZGMzZGJhYWZlNDIxMzExYTZhNWVmOWI5MzY1NTI1ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCgZrpXazM2hXmv1WFmQJK2Ph19R
BwdVWPmd2RJCkkC+3UTKHIlRHmEicEwVUedhz15iRGAgAAA4LAvGe+XrDyR1R16W
Gc4C6kWsTMXKOkWcM4EkC0mHBIQmD69505nOlTyXXEM9BF/s5MQU+zM0zxQeWqW3
HMYbkNQUEcLx7072xweRC+hOjFaOvCUxg2Ctx66SSKwygtzqonhceltodxRoh12S
Ug2VPjkdUK3RfRV/0f2HlcK0K7PKQxeW8nWTqGT5tSBaePbGboNsvG2Yo/f+TYJ5
+CsUHYgUAcjxHcGgvjG9dqZehV6U2SxePGVLiKVQhEjVNy8LCfIuSvxnxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJuc8I3D26r+QhMRpqXvm5NlUl0JMB8GA1UdIwQY
MBaAFBbxRXJ9NK5mB6YVMBKD7uvV1ikcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnZGRmNuMDBybVlIcGhVd0VvUHU2OVhXS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82YzgwOGUtMDAxNS00ZDYyLTgxZDgt
ZWNiN2FlMjcyMmMxLzEvbTV6d2pjUGJxdjVDRXhHbXBlLWJrMlZTWFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82YzgwOGUtMDAxNS00ZDYyLTgxZDgtZWNiN2FlMjcyMmMx
LzEvRnZGRmNuMDBybVlIcGhVd0VvUHU2OVhXS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQATe69MA8E
AgACMAkDBwAqABKI8D4wDQYJKoZIhvcNAQELBQADggEBAA0XPP6VEVqdgDhXpx1a
VSk4gXJoXHXYC92MORAdUnKvokM7T77QpQC31bkpL0GyYnWY6vLykg4segRftc7X
0fn48i5bOhLQE8L//cpThkkBoEXnmjt9Agag0rO1h6Oqzlbi4sTqmR1cjpYsz+Rc
5/IN6yJt8EYJky17gDFiGgZrXyUZ/+4H34yB6uIlzYNeEn1Hly0RmI3lqXsrDMQs
zQO70ICMd4pnKGZGVrVjezGt3v8CK/TYjtqJYf6h2e6mzSDSBuc7A9IkqJlfxWj+
ype1lqsyRW+z+Mp5oGsTz0sUkNgfdzVzraoWZeeBdegkahLawOpnFRaHwM3VjhYc
Oj4=
-----END CERTIFICATE-----
Generated at Wed May 15 17:55:46 2024 by rpki-client on console-fra.rpki-client.org