Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/bP72NvFLhP7k1vFnBDjyI6195s8.roa
File: bP72NvFLhP7k1vFnBDjyI6195s8.roa (raw, json)
Hash identifier: kw0XtIH42mLABTud1HvTQ4NFeAOjaGEp4yMWnK9EqGE=
Subject key identifier: 6C:FE:F6:36:F1:4B:84:FE:E4:D6:F1:67:04:38:F2:23:AD:7D:E6:CF
Certificate issuer: /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial: 0192D13EF45C93E7A4114836B7D914FA8C21
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/bP72NvFLhP7k1vFnBDjyI6195s8.roa
Signing time: Mon 28 Oct 2024 03:50:16 +0000
ROA not before: Mon 28 Oct 2024 03:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41750
IP address blocks: 77.235.0.0/19 maxlen: 19
77.235.0.0/20 maxlen: 20
77.235.6.0/24 maxlen: 24
77.235.7.0/24 maxlen: 24
77.235.16.0/20 maxlen: 20
77.235.22.0/24 maxlen: 24
92.245.96.0/19 maxlen: 19
92.245.96.0/20 maxlen: 20
92.245.112.0/20 maxlen: 20
109.201.160.0/19 maxlen: 19
158.181.0.0/19 maxlen: 19
158.181.0.0/20 maxlen: 20
158.181.16.0/20 maxlen: 20
158.181.128.0/17 maxlen: 17
158.181.128.0/20 maxlen: 20
158.181.144.0/20 maxlen: 20
158.181.160.0/20 maxlen: 20
158.181.176.0/20 maxlen: 20
158.181.192.0/20 maxlen: 20
158.181.208.0/20 maxlen: 20
158.181.224.0/20 maxlen: 20
158.181.240.0/20 maxlen: 20
176.123.224.0/19 maxlen: 19
185.138.100.0/22 maxlen: 22
2a04:5600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d1:3e:f4:5c:93:e7:a4:11:48:36:b7:d9:14:fa:8c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Validity
Not Before: Oct 28 03:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cfef636f14b84fee4d6f1670438f223ad7de6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:27:d4:1a:0f:e9:d3:5e:dd:73:47:a1:d8:cf:
b8:5b:39:48:63:7b:51:42:48:e2:7c:f0:8b:a9:81:
85:5c:1a:6d:01:0f:66:c0:75:9f:cf:1d:25:e9:2f:
b9:4b:0f:5f:3e:fd:37:c1:c5:57:48:dc:16:7d:ad:
ad:46:0f:44:b4:dc:3e:85:25:f2:25:ac:a9:87:73:
b2:6d:6c:a4:d9:15:85:df:54:71:6a:0d:e9:e1:88:
19:45:27:00:28:95:96:8e:f4:93:20:e8:51:2f:e8:
65:37:1e:a1:66:08:4c:47:ff:0b:19:a7:dc:22:1c:
1e:34:0f:dc:1d:35:9d:c0:89:58:26:b7:90:1d:fa:
e0:fe:ac:9d:ac:b5:7d:f6:ac:a0:21:d0:d9:84:1d:
48:97:45:89:e5:96:55:db:8f:93:55:18:41:91:b6:
15:ea:03:3c:5c:9a:2b:59:ba:70:02:99:26:61:32:
9d:bc:34:86:92:7c:fb:44:36:53:af:7d:f0:1f:db:
be:01:ee:9c:ea:53:1c:1c:f7:7e:65:c6:da:94:c7:
5e:a1:31:1b:49:53:4a:93:83:98:55:8d:fc:7f:6e:
31:13:18:a4:50:f6:9d:3b:9e:0b:fb:04:ce:b6:8f:
95:bf:51:df:cd:be:0f:4c:5e:8e:ee:73:73:64:02:
19:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FE:F6:36:F1:4B:84:FE:E4:D6:F1:67:04:38:F2:23:AD:7D:E6:CF
X509v3 Authority Key Identifier:
keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/bP72NvFLhP7k1vFnBDjyI6195s8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.0.0/19
92.245.96.0/19
109.201.160.0/19
158.181.0.0/19
158.181.128.0/17
176.123.224.0/19
185.138.100.0/22
IPv6:
2a04:5600::/29
Signature Algorithm: sha256WithRSAEncryption
81:93:89:39:87:7b:95:ef:4e:aa:90:7e:79:00:e3:b6:bf:42:
79:12:04:4a:5b:a0:e5:6c:d6:c9:31:10:1d:35:25:08:a7:6e:
9d:4a:e2:8f:b1:77:1e:a7:49:57:28:80:c7:ba:26:90:50:8f:
6d:20:c4:3b:84:8c:2d:de:94:55:61:41:1c:96:5f:cf:b0:23:
ae:f9:f8:79:c1:85:e6:0e:d3:cb:7b:1d:24:f1:82:ab:bf:5a:
35:e6:77:91:d5:36:06:e5:bb:cf:2f:b2:2e:2c:46:b4:7c:e3:
b3:03:55:91:70:91:6f:58:b7:dd:f3:7e:76:cb:92:42:4b:a9:
0f:f3:dd:f0:29:54:c4:ef:b9:fa:29:59:97:70:6c:95:35:e4:
11:4d:41:fd:24:14:74:9b:b6:fe:d2:e2:77:6c:97:30:9e:d4:
61:db:7a:b6:af:c6:28:d3:35:71:26:3f:66:2b:91:5f:c6:5f:
1c:a8:08:a1:88:53:ea:aa:7a:da:cf:8c:95:ea:aa:1d:ae:b5:
f4:85:6b:4c:81:a0:2a:52:f3:c9:e0:1e:86:aa:39:d7:11:ca:
6d:32:7c:02:71:10:6a:da:89:a0:0b:8c:7f:ed:b9:ae:1a:5b:
7f:66:b3:ab:f5:4f:30:c1:cf:2f:01:8e:bd:84:d4:cc:60:ee:
e9:7d:f3:f6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZLRPvRck+ekEUg2t9kU+owhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1
MTA5NzIwHhcNMjQxMDI4MDM1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZlZjYzNmYxNGI4NGZlZTRkNmYxNjcwNDM4ZjIyM2FkN2RlNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSfUGg/p017dc0eh2M+4WzlIY3tR
QkjifPCLqYGFXBptAQ9mwHWfzx0l6S+5Sw9fPv03wcVXSNwWfa2tRg9EtNw+hSXy
Jayph3OybWyk2RWF31Rxag3p4YgZRScAKJWWjvSTIOhRL+hlNx6hZghMR/8LGafc
IhweNA/cHTWdwIlYJreQHfrg/qydrLV99qygIdDZhB1Il0WJ5ZZV24+TVRhBkbYV
6gM8XJorWbpwApkmYTKdvDSGknz7RDZTr33wH9u+Ae6c6lMcHPd+ZcbalMdeoTEb
SVNKk4OYVY38f24xExikUPadO54L+wTOto+Vv1Hfzb4PTF6O7nNzZAIZzQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGz+9jbxS4T+5NbxZwQ48iOtfebPMB8GA1UdIwQY
MBaAFHfjwpALWZdUKD8n87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEt
ZDNjNTVkNGZkYTlkLzEvYlA3Mk52RkxoUDdrMXZGbkJEanlJNjE5NXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlk
LzEvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFTesAAwQF
XPVgAwQFbcmgAwQFnrUAAwQHnrWAAwQFsHvgAwQCuYpkMA0EAgACMAcDBQMqBFYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBk4k5h3uV706qkH55AOO2v0J5EgRKW6DlbNbJ
MRAdNSUIp26dSuKPsXcep0lXKIDHuiaQUI9tIMQ7hIwt3pRVYUEcll/PsCOu+fh5
wYXmDtPLex0k8YKrv1o15neR1TYG5bvPL7IuLEa0fOOzA1WRcJFvWLfd8352y5JC
S6kP893wKVTE77n6KVmXcGyVNeQRTUH9JBR0m7b+0uJ3bJcwntRh23q2r8Yo0zVx
Jj9mK5Ffxl8cqAihiFPqqnraz4yV6qodrrX0hWtMgaAqUvPJ4B6GqjnXEcptMnwC
cRBq2omgC4x/7bmuGlt/ZrOr9U8wwc8vAY69hNTMYO7pffP2
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:01 2024 by rpki-client on console-ams.rpki-client.org