Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/1-UCcZ1uSjRKd8PLkzEsyhw03z7g.roa
File: 1-UCcZ1uSjRKd8PLkzEsyhw03z7g.roa (raw, json)
Hash identifier: g/Emjbpb5zaFHfVseRmRMMFNipNweX5/GVyqhAQHrJQ=
Subject key identifier: F9:40:9C:67:5B:92:8D:12:9D:F0:F2:E4:CC:4B:32:87:0D:37:CF:B8
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 018CCA99A01729E9DA387C0E30AA85F22DF2
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/1-UCcZ1uSjRKd8PLkzEsyhw03z7g.roa
Signing time: Tue 02 Jan 2024 14:35:14 +0000
ROA not before: Tue 02 Jan 2024 14:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205191
IP address blocks: 77.224.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a0:17:29:e9:da:38:7c:0e:30:aa:85:f2:2d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 2 14:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9409c675b928d129df0f2e4cc4b32870d37cfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ba:d7:d8:62:e1:91:0a:a2:f8:f0:24:d0:64:
8b:bc:d9:ef:ce:b8:5b:41:0b:0e:f7:08:65:71:08:
6c:35:66:27:f9:93:0d:19:c0:25:c1:e3:f7:cc:4d:
78:cb:17:c9:fe:2b:ed:8c:df:7d:48:17:3d:0f:4d:
15:d1:b5:a3:f3:99:c0:5e:19:8c:ee:98:84:00:5e:
5b:a4:29:48:66:99:4d:b2:f9:02:3f:00:30:9f:5b:
8b:7a:60:66:6a:57:47:31:49:f6:e7:33:53:28:84:
60:3d:d4:25:63:df:b9:5a:01:4c:68:99:6c:e3:32:
51:8c:d5:3d:a7:11:30:4b:b8:bb:90:bd:78:e5:0f:
de:50:13:ee:15:40:1a:28:34:0d:b1:64:c8:f2:f3:
71:ac:5a:1d:df:45:51:af:d4:34:1c:da:f0:dc:8e:
6e:d3:c1:b7:b1:36:df:e1:8d:d0:35:24:97:5b:0e:
24:8d:19:95:d5:bc:65:c3:b4:98:d5:33:8b:62:69:
6d:c2:c8:03:c9:d6:26:98:3e:0e:62:ed:ab:5c:e7:
59:07:e6:9f:29:de:7f:2f:4e:4e:aa:99:ec:98:50:
ee:26:e0:a7:c2:74:d9:dc:15:88:06:2a:f5:96:8f:
cd:64:77:3f:1a:de:f6:75:23:3e:60:b2:ee:b5:d4:
9f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:40:9C:67:5B:92:8D:12:9D:F0:F2:E4:CC:4B:32:87:0D:37:CF:B8
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/1-UCcZ1uSjRKd8PLkzEsyhw03z7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.224.68.0/24
Signature Algorithm: sha256WithRSAEncryption
68:35:a1:35:eb:6d:9e:a0:9b:a2:d3:62:26:11:54:cd:5c:e9:
e8:40:58:a1:0b:9c:d1:2a:8b:c4:52:e6:63:ed:a8:09:5e:c4:
aa:0b:ad:60:34:28:85:00:80:1b:51:e3:d8:68:a9:5a:47:79:
10:bf:02:8c:fd:17:b0:84:dc:4e:ab:45:5a:4b:d4:d5:bb:8f:
64:66:f6:f3:aa:19:e0:87:b0:59:97:c7:91:fc:a5:f7:37:a4:
da:ac:3b:e1:01:2e:87:88:c5:c1:34:dc:42:66:7b:97:04:10:
01:40:72:07:8c:8e:19:08:af:84:a3:de:02:3c:22:df:a9:02:
94:66:bd:e2:88:b6:c9:12:e5:80:46:04:10:dd:83:ca:e7:70:
5c:ce:d6:08:d3:98:21:ce:d3:1b:fd:cc:a1:31:52:2d:93:ad:
d6:76:d5:a3:23:95:86:51:1e:b6:9c:4a:8d:ea:f1:54:24:7f:
b8:af:1f:a5:20:ae:26:9c:84:75:31:66:7b:8b:7d:0e:19:1d:
62:d1:a6:31:f8:f0:0c:ac:7e:33:69:6f:8a:fb:3f:20:ce:f1:
2e:9f:36:f4:01:9f:63:72:be:71:0b:fc:9c:be:b3:b6:21:e8:
09:f9:a0:03:38:38:67:ec:0d:42:e5:4f:10:b8:1e:c1:0a:ca:
64:fe:5a:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKmaAXKenaOHwOMKqF8i3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjQwMTAyMTQzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQwOWM2NzViOTI4ZDEyOWRmMGYyZTRjYzRiMzI4NzBkMzdjZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrrX2GLhkQqi+PAk0GSLvNnvzrhb
QQsO9whlcQhsNWYn+ZMNGcAlweP3zE14yxfJ/ivtjN99SBc9D00V0bWj85nAXhmM
7piEAF5bpClIZplNsvkCPwAwn1uLemBmaldHMUn25zNTKIRgPdQlY9+5WgFMaJls
4zJRjNU9pxEwS7i7kL145Q/eUBPuFUAaKDQNsWTI8vNxrFod30VRr9Q0HNrw3I5u
08G3sTbf4Y3QNSSXWw4kjRmV1bxlw7SY1TOLYmltwsgDydYmmD4OYu2rXOdZB+af
Kd5/L05OqpnsmFDuJuCnwnTZ3BWIBir1lo/NZHc/Gt72dSM+YLLutdSf5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlAnGdbko0SnfDy5MxLMocNN8+4MB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvMS1VQ2NaMXVTalJLZDhQTGt6RXN5aHcwM3o3Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjcvYzU1YWIwLWVhMjItNGExOS04YjMzLTI1MDUwYzU5M2Fh
MS8xL05TcmpPeEd6YWpHYnFCTkgyRkpJRFk1MHlIMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE3gRDAN
BgkqhkiG9w0BAQsFAAOCAQEAaDWhNettnqCbotNiJhFUzVzp6EBYoQuc0SqLxFLm
Y+2oCV7EqgutYDQohQCAG1Hj2GipWkd5EL8CjP0XsITcTqtFWkvU1buPZGb286oZ
4IewWZfHkfyl9zek2qw74QEuh4jFwTTcQmZ7lwQQAUByB4yOGQivhKPeAjwi36kC
lGa94oi2yRLlgEYEEN2DyudwXM7WCNOYIc7TG/3MoTFSLZOt1nbVoyOVhlEetpxK
jerxVCR/uK8fpSCuJpyEdTFme4t9DhkdYtGmMfjwDKx+M2lvivs/IM7xLp829AGf
Y3K+cQv8nL6ztiHoCfmgAzg4Z+wNQuVPELgewQrKZP5aBg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:37:04 2024 by rpki-client on console-ams.rpki-client.org