Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I0xIjW4_1gMifBBZqMoGsuV3IOw.roa
File: I0xIjW4_1gMifBBZqMoGsuV3IOw.roa (raw, json)
Hash identifier: ovT/r2UOu84vs7XCnocp2wlt5G468aRkG2ckeFAOprY=
Subject key identifier: 23:4C:48:8D:6E:3F:D6:03:22:7C:10:59:A8:CA:06:B2:E5:77:20:EC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CFA416DF1D6A5FE20814DFC4EBE448110
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I0xIjW4_1gMifBBZqMoGsuV3IOw.roa
Signing time: Thu 11 Jan 2024 20:40:41 +0000
ROA not before: Thu 11 Jan 2024 20:40:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202673
IP address blocks: 77.83.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fa:41:6d:f1:d6:a5:fe:20:81:4d:fc:4e:be:44:81:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 11 20:40:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=234c488d6e3fd603227c1059a8ca06b2e57720ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:86:69:30:40:ef:f3:f7:91:50:69:3a:39:61:
d7:5a:06:cc:b2:2b:16:86:c6:14:8e:85:d5:01:96:
d0:5d:0b:f0:8d:40:b3:6e:20:cd:81:68:c1:c3:2e:
79:91:69:14:a6:f8:42:f2:e8:b5:62:0e:44:c5:7c:
eb:98:76:99:b0:37:a1:2a:25:d0:78:13:15:76:f0:
1c:8b:a5:9c:30:c4:00:4a:8f:f0:39:14:bb:fd:bf:
b0:62:d8:04:91:88:2e:d2:12:54:6b:1c:62:48:dd:
77:6e:37:e2:20:00:05:86:52:23:c3:88:be:38:75:
ed:85:15:55:fb:e2:30:bb:15:f6:45:04:9c:1c:2f:
8c:1d:eb:97:d3:f0:39:b1:2c:8f:46:93:b6:06:47:
16:41:2e:78:2e:0a:cc:aa:a7:7b:4f:74:12:4f:53:
d3:d9:74:d3:c8:dc:6b:4e:6a:30:99:be:9d:e3:f0:
60:4b:19:40:2a:6c:ba:a6:13:5b:44:c3:31:81:44:
5b:c6:d7:6a:c5:5e:e5:fe:df:f8:f9:df:6d:ae:25:
71:c1:de:5d:a8:9c:12:f6:c2:dc:21:31:9e:00:3c:
38:c1:35:b8:97:ff:7d:27:1f:f7:2f:a7:70:e9:9f:
34:28:ce:d4:27:72:66:ec:84:44:b5:9a:11:c1:4d:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4C:48:8D:6E:3F:D6:03:22:7C:10:59:A8:CA:06:B2:E5:77:20:EC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/I0xIjW4_1gMifBBZqMoGsuV3IOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:19:07:a9:71:74:8a:85:d1:80:bc:c3:a4:5a:17:4f:b0:26:
69:fa:ca:0d:12:38:54:53:e7:aa:21:1f:fb:b3:fc:12:97:44:
18:f4:c2:91:de:21:66:d9:53:15:9a:e7:b2:64:01:74:9d:ac:
a6:e4:d3:97:66:1d:35:21:41:b0:f6:57:a2:ca:93:62:97:04:
20:b4:fb:26:3f:e4:2e:26:84:72:d1:0a:29:85:c3:db:84:49:
e4:e0:5f:c9:53:5e:3b:27:fa:74:84:1c:66:0e:6e:70:a4:c0:
61:2a:a7:2b:62:d1:3b:82:a3:d9:5f:d3:a2:9b:45:5b:d1:15:
66:f2:dc:56:21:bb:4b:4c:b3:2d:73:22:81:c9:7f:44:8b:df:
f1:9a:4a:82:80:c8:04:be:90:eb:18:61:55:37:d9:2e:0c:f7:
e9:c8:e7:22:f1:b0:73:b5:d5:1b:f2:76:4f:a5:c0:92:74:be:
13:7d:9c:8f:50:34:cf:fd:b0:87:af:15:12:0b:ff:62:07:f9:
23:8e:46:95:f0:f0:45:50:88:f9:fd:c9:29:e0:4f:2e:64:17:
b2:9e:57:a0:94:9b:7d:1a:01:1b:d0:79:01:99:6d:88:a7:6d:
92:18:78:a2:d3:4f:aa:ca:a4:7d:5b:41:fc:f4:7f:f5:02:91:
ac:34:32:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz6QW3x1qX+IIFN/E6+RIEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTExMjA0MDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRjNDg4ZDZlM2ZkNjAzMjI3YzEwNTlhOGNhMDZiMmU1NzcyMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4ZpMEDv8/eRUGk6OWHXWgbMsisW
hsYUjoXVAZbQXQvwjUCzbiDNgWjBwy55kWkUpvhC8ui1Yg5ExXzrmHaZsDehKiXQ
eBMVdvAci6WcMMQASo/wORS7/b+wYtgEkYgu0hJUaxxiSN13bjfiIAAFhlIjw4i+
OHXthRVV++IwuxX2RQScHC+MHeuX0/A5sSyPRpO2BkcWQS54LgrMqqd7T3QST1PT
2XTTyNxrTmowmb6d4/BgSxlAKmy6phNbRMMxgURbxtdqxV7l/t/4+d9triVxwd5d
qJwS9sLcITGeADw4wTW4l/99Jx/3L6dw6Z80KM7UJ3Jm7IREtZoRwU2MLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNMSI1uP9YDInwQWajKBrLldyDsMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSTB4SWpXNF8xZ01pZkJCWnFNb0dzdVYzSU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVMnMA0G
CSqGSIb3DQEBCwUAA4IBAQChGQepcXSKhdGAvMOkWhdPsCZp+soNEjhUU+eqIR/7
s/wSl0QY9MKR3iFm2VMVmueyZAF0naym5NOXZh01IUGw9leiypNilwQgtPsmP+Qu
JoRy0QophcPbhEnk4F/JU147J/p0hBxmDm5wpMBhKqcrYtE7gqPZX9Oim0Vb0RVm
8txWIbtLTLMtcyKByX9Ei9/xmkqCgMgEvpDrGGFVN9kuDPfpyOci8bBztdUb8nZP
pcCSdL4TfZyPUDTP/bCHrxUSC/9iB/kjjkaV8PBFUIj5/ckp4E8uZBeynleglJt9
GgEb0HkBmW2Ip22SGHii00+qyqR9W0H89H/1ApGsNDIZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:20 2024 by rpki-client on console-fra.rpki-client.org