Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/PY4uM5Q-IzXLhqVfK9Tis1EsjU4.roa
File: PY4uM5Q-IzXLhqVfK9Tis1EsjU4.roa (raw, json)
Hash identifier: HqBEZC2zpMpCTlrr3heurIavjYaZLXngzCDfQfkYvvc=
Subject key identifier: 3D:8E:2E:33:94:3E:23:35:CB:86:A5:5F:2B:D4:E2:B3:51:2C:8D:4E
Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Certificate serial: 018CC26D212AFBE424B67FD6078B4960A43E
Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/PY4uM5Q-IzXLhqVfK9Tis1EsjU4.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 217.77.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.mft
rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:21:2a:fb:e4:24:b6:7f:d6:07:8b:49:60:a4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d8e2e33943e2335cb86a55f2bd4e2b3512c8d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:82:23:4d:9a:ee:66:d2:5a:f4:8a:e3:1d:
04:c6:97:20:4d:34:b3:65:e9:cb:0c:f3:2a:c4:c0:
61:73:10:09:3e:80:7a:8d:b5:45:5a:39:cb:6c:39:
e6:34:d6:ef:65:09:5c:5b:52:2e:17:5f:e1:10:28:
a6:de:96:55:22:6b:48:bf:86:a8:2e:9b:a0:ec:89:
36:85:70:e9:f8:c5:94:67:1b:c9:78:3a:98:7b:42:
9f:e1:de:ba:ee:5c:82:46:30:73:e1:8a:0b:3e:66:
bd:3d:86:62:ec:03:6c:4a:41:59:eb:04:9b:2c:57:
45:bf:57:8d:6b:3e:bd:1e:04:1a:b9:d9:63:70:3c:
9b:02:d6:ca:38:2c:8e:e2:b0:86:28:40:85:36:de:
52:f6:78:55:b2:89:66:bf:bf:d1:54:53:17:d6:2b:
d0:68:33:92:be:97:a9:92:dc:7c:71:5e:ca:a6:24:
9f:3b:24:c5:72:84:92:40:57:22:08:1c:a5:4c:e2:
4b:bc:af:a4:56:3a:55:a7:e1:15:b0:fc:49:52:73:
78:40:f8:d1:88:1c:bb:a4:6e:54:f7:28:e6:a2:ca:
de:2b:5e:93:b3:b5:41:06:db:e4:29:12:90:25:93:
20:bf:81:d8:3b:76:9c:6c:9d:ae:11:4c:d7:da:9f:
d2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8E:2E:33:94:3E:23:35:CB:86:A5:5F:2B:D4:E2:B3:51:2C:8D:4E
X509v3 Authority Key Identifier:
keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/PY4uM5Q-IzXLhqVfK9Tis1EsjU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.77.24.0/21
Signature Algorithm: sha256WithRSAEncryption
83:ab:d7:2d:c0:09:b6:6c:13:45:f0:75:3d:0e:a9:a7:27:0d:
7f:5f:eb:2b:4e:f2:7d:bf:75:d8:80:d6:4c:15:03:18:b1:e7:
f9:93:e7:7a:38:0a:04:90:09:56:a7:68:42:99:27:d6:42:62:
6d:70:84:a1:49:fb:fd:65:eb:e7:2b:11:2f:73:b7:fb:44:8a:
0c:af:1b:32:ea:d5:0b:d1:85:49:5c:ae:21:db:2f:7e:f3:3e:
86:33:bc:0f:c7:14:26:ba:70:a2:93:6f:a3:d9:e1:ec:75:64:
bd:97:1f:f0:aa:8b:28:3b:6c:77:34:c0:b6:10:3a:bd:e1:b3:
02:cd:60:88:cb:00:d3:16:59:24:25:0c:70:03:f0:c5:3d:8b:
84:f3:e7:ea:9c:66:e3:9a:73:a3:59:32:95:d0:0f:09:74:20:
1e:e2:6f:70:6d:0c:ff:ab:36:a9:a2:64:e4:b0:07:32:70:a2:
8e:e9:11:f2:ad:75:f8:23:47:63:d4:18:80:5c:eb:81:b4:6d:
e9:5e:73:8e:59:e7:be:68:42:27:30:91:3b:b3:fa:d5:ae:18:
9a:c9:b4:8c:7d:dc:02:51:f9:03:96:3f:a7:c6:6f:21:aa:a7:
6c:56:fa:5d:4b:1c:58:e9:2f:76:69:c3:69:d0:62:eb:e9:2b:
da:2c:72:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSEq++Qktn/WB4tJYKQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz
NDQ5Y2EwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhlMmUzMzk0M2UyMzM1Y2I4NmE1NWYyYmQ0ZTJiMzUxMmM4ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA+CI02a7mbSWvSK4x0ExpcgTTSz
ZenLDPMqxMBhcxAJPoB6jbVFWjnLbDnmNNbvZQlcW1IuF1/hECim3pZVImtIv4ao
Lpug7Ik2hXDp+MWUZxvJeDqYe0Kf4d667lyCRjBz4YoLPma9PYZi7ANsSkFZ6wSb
LFdFv1eNaz69HgQaudljcDybAtbKOCyO4rCGKECFNt5S9nhVsolmv7/RVFMX1ivQ
aDOSvpepktx8cV7KpiSfOyTFcoSSQFciCBylTOJLvK+kVjpVp+EVsPxJUnN4QPjR
iBy7pG5U9yjmosreK16Ts7VBBtvkKRKQJZMgv4HYO3acbJ2uEUzX2p/SDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2OLjOUPiM1y4alXyvU4rNRLI1OMB8GA1UdIwQY
MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt
ZGEwM2JmN2EyZWMyLzEvUFk0dU01US1JelhMaHFWZks5VGlzMUVzalU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy
LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2U0YMA0G
CSqGSIb3DQEBCwUAA4IBAQCDq9ctwAm2bBNF8HU9DqmnJw1/X+srTvJ9v3XYgNZM
FQMYsef5k+d6OAoEkAlWp2hCmSfWQmJtcIShSfv9ZevnKxEvc7f7RIoMrxsy6tUL
0YVJXK4h2y9+8z6GM7wPxxQmunCik2+j2eHsdWS9lx/wqosoO2x3NMC2EDq94bMC
zWCIywDTFlkkJQxwA/DFPYuE8+fqnGbjmnOjWTKV0A8JdCAe4m9wbQz/qzapomTk
sAcycKKO6RHyrXX4I0dj1BiAXOuBtG3pXnOOWee+aEInMJE7s/rVrhiaybSMfdwC
UfkDlj+nxm8hqqdsVvpdSxxY6S92acNp0GLr6SvaLHLg
-----END CERTIFICATE-----
Generated at Mon May 13 10:23:50 2024 by rpki-client on console-fra.rpki-client.org