Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/u2dXA72zZ-FYk_eNcsIR1xEwf_I.roa
File: u2dXA72zZ-FYk_eNcsIR1xEwf_I.roa (raw, json)
Hash identifier: Wz/r4XiXtFhZrQPehQLnM32GhwcH9CicQOCNV1cc7hk=
Subject key identifier: BB:67:57:03:BD:B3:67:E1:58:93:F7:8D:72:C2:11:D7:11:30:7F:F2
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 018CC26D2173224048681EA1BE3CD76221EF
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/u2dXA72zZ-FYk_eNcsIR1xEwf_I.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 77.232.129.0/24 maxlen: 24
77.232.130.0/24 maxlen: 24
77.232.131.0/24 maxlen: 24
77.232.128.0/24 maxlen: 24
77.232.128.0/22 maxlen: 22
77.232.132.0/22 maxlen: 22
77.232.132.0/24 maxlen: 24
77.232.139.0/24 maxlen: 24
77.232.136.0/24 maxlen: 24
77.232.136.0/22 maxlen: 22
77.232.137.0/24 maxlen: 24
77.232.138.0/24 maxlen: 24
77.232.133.0/24 maxlen: 24
77.232.134.0/24 maxlen: 24
77.232.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:21:73:22:40:48:68:1e:a1:be:3c:d7:62:21:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb675703bdb367e15893f78d72c211d711307ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ce:fc:4c:38:c1:87:2b:48:8f:a7:86:19:22:
b6:a5:db:4d:8b:a4:84:2a:d4:ee:eb:59:13:74:47:
3e:fe:98:65:16:88:ee:b4:aa:dd:d2:24:80:f2:ff:
3d:39:c1:0e:b3:b4:0d:b0:dc:31:02:8a:65:24:3b:
09:aa:a9:a0:11:43:1e:1e:f4:39:b2:db:d3:cf:c8:
c2:35:de:92:e9:b4:b9:a2:6d:19:53:03:32:0e:14:
79:9d:65:6e:83:26:10:04:32:b8:20:54:7e:bc:40:
49:f6:85:10:6b:df:c8:c6:c7:9d:6c:b7:19:a4:eb:
1f:cc:9e:be:f4:6b:43:ca:39:2e:96:a6:7c:e0:a7:
aa:8f:ae:b4:ee:15:74:b4:55:5b:8b:d3:2c:88:36:
b5:f7:0a:88:ec:f4:03:21:35:70:43:42:df:c5:9e:
6a:f4:9d:44:45:e6:7e:6d:b9:cb:e6:d9:80:0c:90:
43:0d:30:44:c7:60:5b:80:f3:aa:68:5d:92:0c:3e:
b6:4f:9f:89:98:69:27:24:c4:00:21:3f:4c:e7:3b:
20:24:2e:98:31:7b:59:de:c4:b6:18:32:93:d8:04:
49:a8:73:57:24:c4:a6:6a:67:b1:52:34:f1:28:f6:
47:ad:04:a8:a9:b6:28:38:2d:9b:64:43:ac:8e:e6:
e9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:67:57:03:BD:B3:67:E1:58:93:F7:8D:72:C2:11:D7:11:30:7F:F2
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/u2dXA72zZ-FYk_eNcsIR1xEwf_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.232.128.0-77.232.139.255
Signature Algorithm: sha256WithRSAEncryption
a4:2b:a6:d5:4d:8a:45:10:b4:0c:02:21:59:90:da:b3:de:5d:
07:52:9a:02:85:62:62:21:0f:2c:6c:aa:6e:1d:ad:09:8e:ea:
7b:5d:75:6a:dc:b1:8f:a6:80:c8:ed:32:88:87:b4:a7:d0:a2:
f7:58:31:c6:29:26:2c:be:17:5b:7e:9e:c9:ca:92:d6:44:ba:
be:e3:d9:04:76:4b:4d:ea:97:73:fb:dc:91:24:a3:0d:fb:86:
48:0a:d7:f4:dd:d8:b6:70:34:2e:44:47:1b:e6:43:0e:28:e4:
ff:73:ae:07:a1:9b:08:08:d3:bb:2a:88:23:b9:0a:14:be:2e:
ba:db:a1:2c:9e:c2:bc:38:40:43:65:66:3f:33:f9:ca:df:76:
d4:42:d2:70:6b:25:a5:94:de:0a:a7:1d:ff:f4:6c:5c:0e:ed:
bd:4d:f4:a9:f3:db:35:ad:79:fc:14:b2:5b:83:86:89:0d:5a:
45:d0:25:18:8e:65:07:1d:15:e3:16:f8:cf:bb:82:d6:79:ae:
d8:ea:18:09:b5:54:15:54:de:1e:05:35:dd:ae:d1:6c:42:af:
7a:92:2c:32:ca:a8:0c:4c:9e:1a:71:9b:8f:02:56:75:02:37:
62:b7:78:17:17:a5:0e:ab:4a:ce:5b:18:d1:c8:2f:21:af:71:
07:a2:94:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbSFzIkBIaB6hvjzXYiHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY3NTcwM2JkYjM2N2UxNTg5M2Y3OGQ3MmMyMTFkNzExMzA3ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs78TDjBhytIj6eGGSK2pdtNi6SE
KtTu61kTdEc+/phlFojutKrd0iSA8v89OcEOs7QNsNwxAoplJDsJqqmgEUMeHvQ5
stvTz8jCNd6S6bS5om0ZUwMyDhR5nWVugyYQBDK4IFR+vEBJ9oUQa9/IxsedbLcZ
pOsfzJ6+9GtDyjkulqZ84Keqj6607hV0tFVbi9MsiDa19wqI7PQDITVwQ0LfxZ5q
9J1EReZ+bbnL5tmADJBDDTBEx2BbgPOqaF2SDD62T5+JmGknJMQAIT9M5zsgJC6Y
MXtZ3sS2GDKT2ARJqHNXJMSmamexUjTxKPZHrQSoqbYoOC2bZEOsjubp/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLtnVwO9s2fhWJP3jXLCEdcRMH/yMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvdTJkWEE3MnpaLUZZa19lTmNzSVIxeEV3Zl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdN6IAD
BAJN6IgwDQYJKoZIhvcNAQELBQADggEBAKQrptVNikUQtAwCIVmQ2rPeXQdSmgKF
YmIhDyxsqm4drQmO6ntddWrcsY+mgMjtMoiHtKfQovdYMcYpJiy+F1t+nsnKktZE
ur7j2QR2S03ql3P73JEkow37hkgK1/Td2LZwNC5ERxvmQw4o5P9zrgehmwgI07sq
iCO5ChS+LrrboSyewrw4QENlZj8z+crfdtRC0nBrJaWU3gqnHf/0bFwO7b1N9Knz
2zWtefwUsluDhokNWkXQJRiOZQcdFeMW+M+7gtZ5rtjqGAm1VBVU3h4FNd2u0WxC
r3qSLDLKqAxMnhpxm48CVnUCN2K3eBcXpQ6rSs5bGNHILyGvcQeilOM=
-----END CERTIFICATE-----
Generated at Fri May 17 10:20:06 2024 by rpki-client on console-fra.rpki-client.org