Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-MgrQ52c6wpg5vDLfGv9PJTyNcA.roa
File: 1-MgrQ52c6wpg5vDLfGv9PJTyNcA.roa (raw, json)
Hash identifier: dg459/tzCiI+rEJCUOOxpOAkskWRL3ECaTkchA+6ALw=
Subject key identifier: F8:C8:2B:43:9D:9C:EB:0A:60:E6:F0:CB:7C:6B:FD:3C:94:F2:35:C0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0192B54DF2AA9A79D8257ABF617F243D0933
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-MgrQ52c6wpg5vDLfGv9PJTyNcA.roa
Signing time: Tue 22 Oct 2024 17:37:17 +0000
ROA not before: Tue 22 Oct 2024 17:37:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:4d:f2:aa:9a:79:d8:25:7a:bf:61:7f:24:3d:09:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 22 17:37:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8c82b439d9ceb0a60e6f0cb7c6bfd3c94f235c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:45:22:06:f8:a6:ca:21:14:10:88:eb:8a:33:
1f:1e:b0:0b:75:60:18:36:7a:a0:8e:35:4e:9f:cb:
e6:93:d6:99:96:e7:81:80:e2:20:ca:12:b1:c5:b3:
6a:4d:54:2f:7b:cb:ed:82:d1:16:e6:a2:c5:4b:bc:
39:91:94:64:38:0e:18:9f:32:fb:59:e5:b0:b7:f3:
08:15:ab:25:90:99:c4:10:2f:27:81:30:39:60:56:
8d:f9:7f:e6:e0:da:a3:82:5b:d5:99:26:81:72:04:
b2:1d:56:eb:1f:4a:3e:fa:6f:ba:a3:a4:2d:53:24:
8e:6b:68:5f:13:60:52:d6:9b:f7:d4:69:ca:b9:c0:
03:b3:f8:aa:7d:ee:3c:87:bc:d1:8f:68:96:63:4a:
36:8f:88:70:6d:b8:a1:71:50:4b:13:f1:8a:97:f9:
20:fe:54:e2:43:14:7a:55:61:22:4c:be:62:ca:23:
41:41:d3:22:65:74:8c:a3:bb:ae:fd:3e:12:60:5e:
ce:1a:b5:ed:d1:6f:56:17:8c:cb:61:95:78:25:1e:
d8:ad:91:05:70:5d:9b:be:f7:4d:c4:32:8d:ba:8d:
79:d0:95:57:c6:2b:9e:92:d7:66:6d:71:45:71:ee:
4e:bc:75:27:66:4b:c9:ce:52:64:f7:64:e8:b8:69:
1c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C8:2B:43:9D:9C:EB:0A:60:E6:F0:CB:7C:6B:FD:3C:94:F2:35:C0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-MgrQ52c6wpg5vDLfGv9PJTyNcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.51.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:99:2b:be:51:9e:e2:8f:63:74:22:2c:c1:ff:20:96:c8:7f:
7a:3c:f6:f7:fc:61:31:28:9a:92:06:e8:c4:e5:35:bd:ed:6d:
58:6d:a0:7e:9d:d9:00:dd:b3:13:39:40:1c:e4:44:14:eb:47:
13:c5:c3:6b:5b:04:ab:fc:fa:41:a9:f8:d7:21:2e:76:02:88:
a3:4f:22:ce:21:98:cc:24:be:89:ab:65:15:f7:a7:2d:01:de:
29:5d:57:ed:bf:fd:b6:5e:55:37:f6:af:21:ed:82:23:70:a9:
b9:ba:ef:e8:04:6d:56:a9:03:58:83:e5:d1:05:ff:0d:f4:4d:
57:fe:bc:43:2c:0a:e1:c7:07:28:53:db:e9:df:a4:f0:96:a1:
98:15:00:52:f1:f3:b8:5f:1e:21:cf:2f:5b:21:03:ee:5b:73:
5f:df:da:f2:f7:4e:c2:a9:ec:52:ee:a2:5a:30:79:ba:a8:a0:
ff:0c:e7:94:d8:01:e2:12:75:26:e9:86:09:ec:1d:af:c0:5b:
b3:4a:15:5e:94:5e:aa:73:d2:ba:c1:8e:40:33:af:c9:ca:5a:
d5:8c:b0:85:a9:3b:a8:a1:17:cb:98:7d:70:f5:2a:cb:c8:c0:
26:12:ae:55:64:e1:c2:32:c8:7c:b4:6b:6b:40:70:14:5e:c4:
82:ed:67:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZK1TfKqmnnYJXq/YX8kPQkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMDIyMTczNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM4MmI0MzlkOWNlYjBhNjBlNmYwY2I3YzZiZmQzYzk0ZjIzNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUUiBvimyiEUEIjrijMfHrALdWAY
NnqgjjVOn8vmk9aZlueBgOIgyhKxxbNqTVQve8vtgtEW5qLFS7w5kZRkOA4YnzL7
WeWwt/MIFaslkJnEEC8ngTA5YFaN+X/m4NqjglvVmSaBcgSyHVbrH0o++m+6o6Qt
UySOa2hfE2BS1pv31GnKucADs/iqfe48h7zRj2iWY0o2j4hwbbihcVBLE/GKl/kg
/lTiQxR6VWEiTL5iyiNBQdMiZXSMo7uu/T4SYF7OGrXt0W9WF4zLYZV4JR7YrZEF
cF2bvvdNxDKNuo150JVXxiuektdmbXFFce5OvHUnZkvJzlJk92TouGkc9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjIK0OdnOsKYObwy3xr/TyU8jXAMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMS1NZ3JRNTJjNndwZzV2RExmR3Y5UEpUeU5jQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOTY1ODM3LTUyY2ItNDZiNC1hZWRiLWUxYmQ4OGQzZmQw
Ny8xL1BtQ1hhWWFHNFZWZlVmYklnN3hhV0ZTYkkySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAE1aAAME
AE1aAgMEAE1aCAMEAE1aDQMEAE1aMzANBgkqhkiG9w0BAQsFAAOCAQEAqJkrvlGe
4o9jdCIswf8glsh/ejz29/xhMSiakgboxOU1ve1tWG2gfp3ZAN2zEzlAHOREFOtH
E8XDa1sEq/z6Qan41yEudgKIo08iziGYzCS+iatlFfenLQHeKV1X7b/9tl5VN/av
Ie2CI3Cpubrv6ARtVqkDWIPl0QX/DfRNV/68QywK4ccHKFPb6d+k8JahmBUAUvHz
uF8eIc8vWyED7ltzX9/a8vdOwqnsUu6iWjB5uqig/wznlNgB4hJ1JumGCewdr8Bb
s0oVXpReqnPSusGOQDOvycpa1Yywhak7qKEXy5h9cPUqy8jAJhKuVWThwjLIfLRr
a0BwFF7Egu1nXg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:44 2024 by rpki-client on console-ams.rpki-client.org