Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1jhDiIYrLpMTHwSdTOr6zy9UsOY.roa
File: 1jhDiIYrLpMTHwSdTOr6zy9UsOY.roa (raw, json)
Hash identifier: Wi2qR68iWH+TphUPVJJP+isZwrg1Z3yZMjsuUFRn34g=
Subject key identifier: D6:38:43:88:86:2B:2E:93:13:1F:04:9D:4C:EA:FA:CF:2F:54:B0:E6
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCCE7F687D0EE1A7E8627141DA666D
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1jhDiIYrLpMTHwSdTOr6zy9UsOY.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25446
IP address blocks: 77.106.68.0/22 maxlen: 22
2001:67c:1584::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ce:7f:68:7d:0e:e1:a7:e8:62:71:41:da:66:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6384388862b2e93131f049d4ceafacf2f54b0e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a3:c6:06:dc:0a:7d:5b:7a:4a:75:68:8e:9a:
4a:0b:d9:3d:32:e3:ac:79:5b:23:ec:2e:a4:d0:ac:
02:15:6c:b3:b0:01:92:77:2d:91:3f:13:51:0f:5c:
70:1a:76:59:dc:62:04:ce:0d:b9:29:55:ba:a1:43:
de:0e:5c:9f:cc:30:38:bb:86:b8:51:2e:44:c4:52:
61:5e:24:66:8e:f8:9a:9c:d3:91:12:4a:12:1c:02:
32:51:40:4f:f2:fc:9c:ee:c0:b8:f5:dc:21:75:d6:
55:28:40:99:c3:f8:91:6f:a4:22:ce:4d:fd:21:4b:
6e:ce:b4:5e:aa:ef:59:4c:5e:eb:05:99:e1:1b:b0:
40:c2:70:19:e5:45:7c:25:68:89:cb:18:8a:90:ed:
8c:4c:13:22:ff:a5:4c:3b:4f:aa:55:39:47:db:e1:
2b:0b:98:be:fc:8b:47:de:40:9e:36:ce:08:30:e1:
cb:b0:a4:f8:1b:45:64:ff:93:4e:e4:d9:e6:59:eb:
d1:48:98:b7:17:61:61:31:79:24:c5:dd:ca:c0:78:
17:c9:af:cf:b0:01:c7:4b:d0:a4:c1:ec:51:b3:f9:
ee:b4:95:36:82:fd:e3:61:88:72:09:81:b1:05:f7:
11:84:be:7f:7f:dc:11:60:ae:f7:06:ef:bc:ec:24:
e0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:38:43:88:86:2B:2E:93:13:1F:04:9D:4C:EA:FA:CF:2F:54:B0:E6
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1jhDiIYrLpMTHwSdTOr6zy9UsOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.106.68.0/22
IPv6:
2001:67c:1584::/48
Signature Algorithm: sha256WithRSAEncryption
9d:1e:6f:ca:1d:ef:ea:de:7a:14:0b:9f:90:ff:3f:36:54:93:
7b:0d:de:f6:0f:27:ff:b8:12:ea:49:80:32:1d:55:d9:6b:a1:
6a:9a:72:f0:12:fb:b0:2e:4c:bb:6f:52:57:ad:79:a2:ff:f4:
23:78:72:31:34:37:93:01:1a:87:a3:86:1f:0c:ea:5b:e2:0f:
94:00:1a:d1:f8:97:97:a9:de:6e:ee:07:6e:a4:b2:a6:7a:3a:
cd:3c:9c:cb:8f:07:22:80:bd:95:22:4a:4c:06:07:88:c8:50:
51:d3:58:df:40:23:a3:88:d7:36:79:64:11:d1:5a:96:f7:b7:
eb:e6:7c:f8:1c:cd:8f:e4:17:fe:7f:70:17:15:cd:d4:a9:1f:
58:44:94:7a:9c:8e:dc:83:a5:37:91:a0:9f:e6:04:67:8d:a0:
82:d1:58:fd:f1:ee:b1:1d:fb:ed:97:ef:fd:32:01:ca:e6:ec:
22:f1:61:83:b6:3d:0c:03:39:7c:77:99:e8:e8:2d:a1:20:08:
9f:40:2d:be:41:50:d0:a7:45:3b:b6:7a:9f:43:a8:b9:03:fe:
9d:bd:0a:ff:e5:c2:58:d8:a7:4e:f8:33:6d:cd:b8:1b:32:4f:
1d:92:20:60:a7:8e:e5:4c:fb:3d:40:e7:74:83:4b:c2:ce:4b:
cf:fe:a0:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvM5/aH0O4afoYnFB2mZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM4NDM4ODg2MmIyZTkzMTMxZjA0OWQ0Y2VhZmFjZjJmNTRiMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6PGBtwKfVt6SnVojppKC9k9MuOs
eVsj7C6k0KwCFWyzsAGSdy2RPxNRD1xwGnZZ3GIEzg25KVW6oUPeDlyfzDA4u4a4
US5ExFJhXiRmjvianNOREkoSHAIyUUBP8vyc7sC49dwhddZVKECZw/iRb6Qizk39
IUtuzrRequ9ZTF7rBZnhG7BAwnAZ5UV8JWiJyxiKkO2MTBMi/6VMO0+qVTlH2+Er
C5i+/ItH3kCeNs4IMOHLsKT4G0Vk/5NO5NnmWevRSJi3F2FhMXkkxd3KwHgXya/P
sAHHS9CkwexRs/nutJU2gv3jYYhyCYGxBfcRhL5/f9wRYK73Bu+87CTgVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNY4Q4iGKy6TEx8EnUzq+s8vVLDmMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMWpoRGlJWXJMcE1USHdTZFRPcjZ6eTlVc09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCTWpEMA8E
AgACMAkDBwAgAQZ8FYQwDQYJKoZIhvcNAQELBQADggEBAJ0eb8od7+reehQLn5D/
PzZUk3sN3vYPJ/+4EupJgDIdVdlroWqacvAS+7AuTLtvUleteaL/9CN4cjE0N5MB
Goejhh8M6lviD5QAGtH4l5ep3m7uB26ksqZ6Os08nMuPByKAvZUiSkwGB4jIUFHT
WN9AI6OI1zZ5ZBHRWpb3t+vmfPgczY/kF/5/cBcVzdSpH1hElHqcjtyDpTeRoJ/m
BGeNoILRWP3x7rEd++2X7/0yAcrm7CLxYYO2PQwDOXx3mejoLaEgCJ9ALb5BUNCn
RTu2ep9DqLkD/p29Cv/lwljYp074M23NuBsyTx2SIGCnjuVM+z1A53SDS8LOS8/+
oKw=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:13:54 2024 by rpki-client on console-ams.rpki-client.org