Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lAQM25ATXuNbiDA17Im54YwMK5g.roa
File: lAQM25ATXuNbiDA17Im54YwMK5g.roa (raw, json)
Hash identifier: 72/5Sk5g6WAymh7OwofTx9SlPLXS0EZRdFoRWX61zxw=
Subject key identifier: 94:04:0C:DB:90:13:5E:E3:5B:88:30:35:EC:89:B9:E1:8C:0C:2B:98
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018CCA2BBEB551FC057226F457C0254D2068
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lAQM25ATXuNbiDA17Im54YwMK5g.roa
Signing time: Tue 02 Jan 2024 12:35:13 +0000
ROA not before: Tue 02 Jan 2024 12:35:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200094
IP address blocks: 77.79.252.0/22 maxlen: 22
77.79.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:be:b5:51:fc:05:72:26:f4:57:c0:25:4d:20:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 12:35:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94040cdb90135ee35b883035ec89b9e18c0c2b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ae:ad:f9:dd:51:29:5f:96:dd:95:1a:38:5d:
41:2f:7d:22:d6:23:b6:57:2b:e7:c9:82:20:d4:68:
fc:2c:0e:f7:4d:f4:42:d4:e9:1e:80:53:b5:55:86:
8b:d5:de:e5:32:2f:56:b8:0f:15:43:5c:66:a4:b1:
c2:69:1c:08:24:0f:9c:64:bb:85:74:56:5b:5d:6e:
20:cc:65:7f:3d:1f:28:8b:32:a1:57:56:f7:e5:c1:
59:b0:d2:46:47:3a:07:12:5b:d6:ae:65:fa:8f:32:
4f:72:21:ea:18:22:32:b1:99:06:ba:40:fe:20:11:
22:d6:42:73:c9:bb:3f:71:b6:c4:94:c1:06:0c:c2:
24:11:e7:30:c3:76:0b:bd:33:8b:e5:31:da:45:5f:
70:9d:e9:5e:6f:c8:fe:07:0e:fb:ef:d5:ce:c1:d8:
ce:1e:df:35:3a:23:34:56:44:c8:5f:f1:41:22:32:
a6:f2:0d:9c:13:55:30:3d:29:fd:00:c9:d1:7f:25:
65:38:8b:fa:bb:5c:fd:20:8d:7f:25:3e:95:e4:cf:
b2:97:7e:59:45:54:ce:a1:62:da:9d:e8:4e:47:3d:
d2:fe:c6:fe:f0:3a:9b:34:52:50:99:6b:a4:b6:69:
5d:1d:57:b1:6a:70:5c:b4:4a:bc:50:d4:5e:df:76:
eb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:04:0C:DB:90:13:5E:E3:5B:88:30:35:EC:89:B9:E1:8C:0C:2B:98
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lAQM25ATXuNbiDA17Im54YwMK5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:a4:28:e4:6c:6f:9e:c8:a2:99:ba:7c:f5:4a:ff:b5:38:9e:
c9:bc:8d:b1:46:2a:5e:1f:14:0e:36:6f:f6:15:ce:50:03:fa:
5a:1e:65:f3:15:03:c1:0e:0c:4d:21:cd:7d:48:6e:88:42:7a:
a2:39:7f:68:de:04:a5:df:55:93:64:75:e8:e9:44:93:73:65:
3f:41:57:c6:94:4f:91:2a:71:05:e1:13:ae:33:d3:58:58:92:
d7:00:38:ee:d1:92:57:c0:c2:bc:9e:53:4d:c9:1e:82:b3:82:
94:41:f1:57:38:22:43:e4:8c:b1:c4:cd:df:dd:51:45:ae:33:
9c:fd:3f:4c:68:4d:84:6c:5f:a0:37:64:a2:74:39:e9:41:79:
5a:09:8b:14:44:51:8b:19:90:f2:01:b8:aa:6d:6e:33:70:eb:
99:15:6b:69:85:93:86:2d:4c:0f:ed:c0:8d:1c:e3:d5:a4:22:
5a:cf:0c:b7:6b:dc:8d:96:09:6f:82:d9:97:e8:ec:11:b5:11:
fb:97:48:ed:db:f4:7f:2c:bd:c4:86:1e:ec:ac:8b:43:33:34:
02:c3:c4:46:e3:4d:4b:96:e2:5d:cc:37:e4:2e:11:8e:c8:66:
1a:80:ec:88:33:1b:6e:55:99:bc:f6:96:79:83:7b:44:da:ba:
3f:c9:30:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK761UfwFcib0V8AlTSBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA0MGNkYjkwMTM1ZWUzNWI4ODMwMzVlYzg5YjllMThjMGMyYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj66t+d1RKV+W3ZUaOF1BL30i1iO2
VyvnyYIg1Gj8LA73TfRC1OkegFO1VYaL1d7lMi9WuA8VQ1xmpLHCaRwIJA+cZLuF
dFZbXW4gzGV/PR8oizKhV1b35cFZsNJGRzoHElvWrmX6jzJPciHqGCIysZkGukD+
IBEi1kJzybs/cbbElMEGDMIkEecww3YLvTOL5THaRV9wneleb8j+Bw7779XOwdjO
Ht81OiM0VkTIX/FBIjKm8g2cE1UwPSn9AMnRfyVlOIv6u1z9II1/JT6V5M+yl35Z
RVTOoWLanehORz3S/sb+8DqbNFJQmWuktmldHVexanBctEq8UNRe33briwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQEDNuQE17jW4gwNeyJueGMDCuYMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvbEFRTTI1QVRYdU5iaURBMTdJbTU0WXdNSzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTU/8MA0G
CSqGSIb3DQEBCwUAA4IBAQCjpCjkbG+eyKKZunz1Sv+1OJ7JvI2xRipeHxQONm/2
Fc5QA/paHmXzFQPBDgxNIc19SG6IQnqiOX9o3gSl31WTZHXo6USTc2U/QVfGlE+R
KnEF4ROuM9NYWJLXADju0ZJXwMK8nlNNyR6Cs4KUQfFXOCJD5IyxxM3f3VFFrjOc
/T9MaE2EbF+gN2SidDnpQXlaCYsURFGLGZDyAbiqbW4zcOuZFWtphZOGLUwP7cCN
HOPVpCJazwy3a9yNlglvgtmX6OwRtRH7l0jt2/R/LL3Ehh7srItDMzQCw8RG401L
luJdzDfkLhGOyGYagOyIMxtuVZm89pZ5g3tE2ro/yTAA
-----END CERTIFICATE-----
Generated at Mon Jun 3 13:57:00 2024 by rpki-client on console-ams.rpki-client.org