Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/CsusnRnaw2LCtfoNmPUd1GKf7o8.roa
File: CsusnRnaw2LCtfoNmPUd1GKf7o8.roa (raw, json)
Hash identifier: i/eOjTcyd4KBBKwZVy8WRK0LfrKGbguFVP8NWLMlyJM=
Subject key identifier: 0A:CB:AC:9D:19:DA:C3:62:C2:B5:FA:0D:98:F5:1D:D4:62:9F:EE:8F
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018CC56EDD8EEA7262D02EC115CB3DF14D42
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/CsusnRnaw2LCtfoNmPUd1GKf7o8.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60588
IP address blocks: 77.74.226.0/24 maxlen: 24
77.74.224.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.205.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
109.105.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:dd:8e:ea:72:62:d0:2e:c1:15:cb:3d:f1:4d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0acbac9d19dac362c2b5fa0d98f51dd4629fee8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b6:61:ed:9d:43:59:bb:55:01:2c:77:c1:56:
96:a4:91:3c:94:91:ab:f6:df:4c:0e:e5:c5:b0:f4:
b8:49:b0:e2:7d:1e:a8:57:1e:e2:89:99:e8:74:c7:
4d:e0:9d:ed:da:51:0f:40:29:2f:e7:87:86:48:07:
f4:25:d5:07:07:4b:e0:45:c8:68:ab:3d:9e:ba:61:
07:05:cb:e3:2a:cb:7c:c6:ae:fd:d0:7f:6c:4a:79:
66:17:46:38:bb:96:a2:18:7d:03:34:c4:a1:96:d8:
b6:72:e1:71:63:f9:67:eb:08:47:3b:a3:da:0f:34:
0e:9d:68:ba:f5:4e:05:e8:98:bd:c6:65:6f:28:1d:
6c:f4:7b:ea:e5:e7:0c:4b:90:4b:bc:49:fd:46:f1:
7f:73:ce:5d:c7:f4:33:6c:7d:0d:ad:39:4e:81:aa:
ba:5f:d8:43:19:98:e2:10:42:ca:8b:d3:a7:84:f5:
fe:51:1d:67:2c:af:1a:22:ed:db:e3:74:b0:36:82:
2d:c6:58:8f:7c:7a:23:71:d2:8c:0f:c5:2d:83:c8:
ee:c1:14:c5:d7:f2:2d:a9:b9:26:c1:60:e9:e1:fc:
c1:41:55:ab:e5:1a:1a:61:1a:7e:07:7a:aa:0e:e8:
c1:f7:ca:5f:93:ad:f6:2f:8f:90:63:c6:b2:a3:f0:
12:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CB:AC:9D:19:DA:C3:62:C2:B5:FA:0D:98:F5:1D:D4:62:9F:EE:8F
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/CsusnRnaw2LCtfoNmPUd1GKf7o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0/24
77.74.226.0/23
109.105.200.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:d2:8d:14:9f:b2:1b:69:82:34:98:bd:b4:cd:ff:23:d1:1c:
7a:28:04:1f:39:2e:18:87:5c:e6:70:33:ad:bc:96:45:9a:07:
f4:03:d7:a1:e0:2a:19:ed:23:2e:00:6a:0d:20:6d:02:60:ce:
1b:ce:a6:21:79:a3:31:33:91:a3:dd:ac:cb:32:c4:71:73:34:
ef:0f:40:68:b4:7d:ca:5e:83:2a:a4:9b:9f:ef:c3:2a:04:2a:
4b:f8:2f:7e:33:64:7d:8b:df:3b:de:27:18:f1:99:ea:f6:c3:
13:53:d9:93:61:32:1b:11:71:5f:57:f8:62:ec:16:76:9e:87:
36:c1:5d:18:6a:6b:d6:37:c9:7c:f6:e8:44:3c:84:fc:fc:4d:
7d:30:12:ed:2e:0d:26:4e:74:fd:52:6c:57:be:4a:84:f7:e0:
9b:b4:37:65:47:db:b7:5a:34:50:8c:27:57:57:35:e9:e9:1d:
35:41:53:bf:7f:67:2f:84:5a:12:c9:cb:c9:c4:bc:36:88:b1:
14:f7:1c:2e:4f:52:42:db:89:a9:a7:e6:11:de:b4:93:71:bf:
10:1d:40:9e:7e:fe:4b:68:34:23:f5:64:71:9a:7e:50:e0:78:
6f:0b:1c:c3:5e:79:70:82:32:bc:4f:ee:52:d4:53:22:57:b5:
48:c4:b1:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbt2O6nJi0C7BFcs98U1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNiYWM5ZDE5ZGFjMzYyYzJiNWZhMGQ5OGY1MWRkNDYyOWZlZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLZh7Z1DWbtVASx3wVaWpJE8lJGr
9t9MDuXFsPS4SbDifR6oVx7iiZnodMdN4J3t2lEPQCkv54eGSAf0JdUHB0vgRcho
qz2eumEHBcvjKst8xq790H9sSnlmF0Y4u5aiGH0DNMShlti2cuFxY/ln6whHO6Pa
DzQOnWi69U4F6Ji9xmVvKB1s9Hvq5ecMS5BLvEn9RvF/c85dx/QzbH0NrTlOgaq6
X9hDGZjiEELKi9OnhPX+UR1nLK8aIu3b43SwNoItxliPfHojcdKMD8Utg8juwRTF
1/ItqbkmwWDp4fzBQVWr5RoaYRp+B3qqDujB98pfk632L4+QY8ayo/ASkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArLrJ0Z2sNiwrX6DZj1HdRin+6PMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvQ3N1c25SbmF3MkxDdGZvTm1QVWQxR0tmN284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATUrgAwQB
TUriAwQDbWnIMA0GCSqGSIb3DQEBCwUAA4IBAQCM0o0Un7IbaYI0mL20zf8j0Rx6
KAQfOS4Yh1zmcDOtvJZFmgf0A9eh4CoZ7SMuAGoNIG0CYM4bzqYheaMxM5Gj3azL
MsRxczTvD0BotH3KXoMqpJuf78MqBCpL+C9+M2R9i9873icY8Znq9sMTU9mTYTIb
EXFfV/hi7BZ2noc2wV0YamvWN8l89uhEPIT8/E19MBLtLg0mTnT9UmxXvkqE9+Cb
tDdlR9u3WjRQjCdXVzXp6R01QVO/f2cvhFoSycvJxLw2iLEU9xwuT1JC24mpp+YR
3rSTcb8QHUCefv5LaDQj9WRxmn5Q4HhvCxzDXnlwgjK8T+5S1FMiV7VIxLEE
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:45 2024 by rpki-client on console-fra.rpki-client.org