Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/KORxHWyQyPXJ2bzo8VZwhcrvq2I.roa
File: KORxHWyQyPXJ2bzo8VZwhcrvq2I.roa (raw, json)
Hash identifier: 6QJVb6bycyUSibnB6y/9KE0u2mYGn8CS3q3rqMAIx/Y=
Subject key identifier: 28:E4:71:1D:6C:90:C8:F5:C9:D9:BC:E8:F1:56:70:85:CA:EF:AB:62
Certificate issuer: /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial: 018CC56EDD5ACEC7C6748829A252E4DBA564
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/KORxHWyQyPXJ2bzo8VZwhcrvq2I.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43179
IP address blocks: 77.74.226.0/24 maxlen: 24
77.74.224.0/24 maxlen: 24
77.74.227.0/24 maxlen: 24
109.105.206.0/24 maxlen: 24
109.105.204.0/24 maxlen: 24
109.105.202.0/24 maxlen: 24
109.105.203.0/24 maxlen: 24
109.105.201.0/24 maxlen: 24
109.105.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:dd:5a:ce:c7:c6:74:88:29:a2:52:e4:db:a5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e4711d6c90c8f5c9d9bce8f1567085caefab62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7b:4c:1d:e4:1f:52:fe:63:fd:d5:56:11:a1:
43:44:28:93:14:f7:44:97:a0:1d:5b:eb:99:c3:a1:
d3:da:23:74:a6:89:79:a2:7f:5f:2b:35:5f:b4:ce:
a6:c2:46:ad:c5:f7:cc:8e:68:d1:13:b8:d0:22:fd:
8c:f6:d5:ad:96:51:a4:c8:29:4e:0e:9e:81:e8:8e:
6b:dc:cc:c0:03:de:02:8f:59:b8:10:11:3f:f4:5a:
2e:e6:78:aa:b1:d3:88:57:1f:bd:2d:4a:bb:8f:6a:
38:d9:d3:4e:82:dd:52:09:14:5e:69:a6:84:19:3b:
d7:2f:45:53:95:32:a3:85:26:6a:7e:5a:39:c2:8e:
e7:45:76:ae:c5:e9:d7:fd:7c:55:cd:e7:fb:a1:c8:
91:d2:dc:28:fd:a5:97:7e:20:77:8b:d9:e4:05:fd:
46:b2:f5:a4:a8:3c:8a:c9:81:db:83:9e:3d:9e:9f:
30:fe:35:79:c7:fa:44:83:67:39:74:9e:e0:4b:0c:
b9:c3:ae:35:bd:a9:47:33:05:ea:83:9b:e3:81:2f:
a5:01:0a:30:3c:34:d1:41:3c:72:05:d9:cc:e1:a9:
88:76:a4:04:1d:03:ce:1c:02:af:6f:3e:d0:58:68:
12:25:3b:5b:34:3b:d3:17:b9:5b:d9:2c:fb:f2:df:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E4:71:1D:6C:90:C8:F5:C9:D9:BC:E8:F1:56:70:85:CA:EF:AB:62
X509v3 Authority Key Identifier:
keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/KORxHWyQyPXJ2bzo8VZwhcrvq2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.224.0/24
77.74.226.0/23
109.105.200.0-109.105.204.255
109.105.206.0/24
Signature Algorithm: sha256WithRSAEncryption
92:8b:24:5d:6a:e8:30:ce:f8:22:d3:c9:8e:95:04:b1:bd:a6:
ee:aa:80:6c:c3:a1:91:19:c5:65:fc:3b:5e:aa:3b:f6:fc:f6:
06:b8:eb:d9:68:7a:f2:ec:5f:79:9c:25:d5:05:95:22:2f:d0:
a8:5a:e6:94:26:75:1d:f8:70:ef:15:15:ad:31:d2:45:4e:53:
af:58:e5:88:72:dc:ab:8b:2c:f6:4b:4f:18:d4:bd:91:11:8b:
da:82:fa:ca:ff:97:d9:e4:1f:cd:60:92:bf:20:c8:73:ed:a0:
f0:1e:e5:e7:4c:a1:79:da:bb:7d:76:22:80:83:78:8f:7d:a7:
00:27:d6:09:07:7e:f3:f6:fc:b0:a8:fe:32:ca:e4:40:3a:7a:
d7:06:3b:4b:d4:16:7a:7b:11:b0:8f:fb:16:a8:8c:99:46:12:
9c:de:54:a6:e3:a4:88:4a:c0:2e:27:3e:bd:d4:65:63:c3:b2:
30:1a:29:3a:90:12:a0:f8:48:43:4b:03:94:fa:88:59:ce:4a:
f6:68:29:48:a9:a0:02:ac:4a:70:93:b7:2c:29:c5:fa:a3:cb:
1b:96:51:5f:16:ba:dc:69:a7:7c:ba:a2:f2:93:b9:cf:42:de:
15:cc:d8:53:02:52:61:4b:0e:4b:de:d3:0a:b1:84:e3:3a:5c:
7f:9f:45:cf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbt1azsfGdIgpolLk26VkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU0NzExZDZjOTBjOGY1YzlkOWJjZThmMTU2NzA4NWNhZWZhYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3tMHeQfUv5j/dVWEaFDRCiTFPdE
l6AdW+uZw6HT2iN0pol5on9fKzVftM6mwkatxffMjmjRE7jQIv2M9tWtllGkyClO
Dp6B6I5r3MzAA94Cj1m4EBE/9Fou5niqsdOIVx+9LUq7j2o42dNOgt1SCRReaaaE
GTvXL0VTlTKjhSZqflo5wo7nRXauxenX/XxVzef7ociR0two/aWXfiB3i9nkBf1G
svWkqDyKyYHbg549np8w/jV5x/pEg2c5dJ7gSwy5w641valHMwXqg5vjgS+lAQow
PDTRQTxyBdnM4amIdqQEHQPOHAKvbz7QWGgSJTtbNDvTF7lb2Sz78t+N/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCjkcR1skMj1ydm86PFWcIXK76tiMB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvS09SeEhXeVF5UFhKMmJ6bzhWWndoY3J2cTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATUrgAwQB
TUriMAwDBANtacgDBABtacwDBABtac4wDQYJKoZIhvcNAQELBQADggEBAJKLJF1q
6DDO+CLTyY6VBLG9pu6qgGzDoZEZxWX8O16qO/b89ga469loevLsX3mcJdUFlSIv
0Kha5pQmdR34cO8VFa0x0kVOU69Y5Yhy3KuLLPZLTxjUvZERi9qC+sr/l9nkH81g
kr8gyHPtoPAe5edMoXnau312IoCDeI99pwAn1gkHfvP2/LCo/jLK5EA6etcGO0vU
Fnp7EbCP+xaojJlGEpzeVKbjpIhKwC4nPr3UZWPDsjAaKTqQEqD4SENLA5T6iFnO
SvZoKUipoAKsSnCTtywpxfqjyxuWUV8Wutxpp3y6ovKTuc9C3hXM2FMCUmFLDkve
0wqxhOM6XH+fRc8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:54 2024 by rpki-client on console-ams.rpki-client.org