Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/yCCSv64yKjziXUfq0c_jn-N3rRk.roa
File: yCCSv64yKjziXUfq0c_jn-N3rRk.roa (raw, json)
Hash identifier: kLtxGZTwQJP0bUha/IEcfy6qHmpfmHDJcJsOxfQE05g=
Subject key identifier: C8:20:92:BF:AE:32:2A:3C:E2:5D:47:EA:D1:CF:E3:9F:E3:77:AD:19
Certificate issuer: /CN=9d26649e4f2c795ffe540f9d97f26e99c5c5e3ff
Certificate serial: 018CC9BC14DF907007221FC8067F6A5EAE57
Authority key identifier: 9D:26:64:9E:4F:2C:79:5F:FE:54:0F:9D:97:F2:6E:99:C5:C5:E3:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSZknk8seV_-VA-dl_JumcXF4_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/yCCSv64yKjziXUfq0c_jn-N3rRk.roa
Signing time: Tue 02 Jan 2024 10:33:15 +0000
ROA not before: Tue 02 Jan 2024 10:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 786
IP address blocks: 77.87.24.0/21 maxlen: 24
87.32.0.0/12 maxlen: 24
45.144.8.0/22 maxlen: 24
91.193.188.0/22 maxlen: 24
91.123.224.0/20 maxlen: 24
193.1.0.0/16 maxlen: 24
2001:770::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/nSZknk8seV_-VA-dl_JumcXF4_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/nSZknk8seV_-VA-dl_JumcXF4_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSZknk8seV_-VA-dl_JumcXF4_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:14:df:90:70:07:22:1f:c8:06:7f:6a:5e:ae:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d26649e4f2c795ffe540f9d97f26e99c5c5e3ff
Validity
Not Before: Jan 2 10:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c82092bfae322a3ce25d47ead1cfe39fe377ad19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b6:36:8c:10:b3:30:6d:58:d5:43:e2:59:3c:
6a:57:e9:ed:7d:97:d2:dc:a5:79:bd:09:fb:bc:ff:
de:be:81:ea:61:b0:2d:10:07:80:e4:31:9c:27:a4:
0c:83:42:8c:dd:d4:b6:95:ee:b8:cc:c1:3e:b9:21:
a9:ba:52:f4:2d:0e:65:84:35:3b:c0:d1:f3:27:3a:
69:b5:b7:04:38:9c:80:1e:c5:08:2d:0e:28:d8:f0:
ca:db:8b:b9:ac:36:55:c0:79:7c:c2:4d:4d:fe:31:
8e:f4:23:89:bb:02:0f:f0:a1:df:81:6f:bc:e8:e4:
1c:08:f2:9e:7f:06:3f:a6:97:68:fd:61:88:c5:b8:
19:a6:e7:8c:d7:23:2d:af:e7:e6:32:4d:6e:10:69:
ca:d7:46:46:46:03:44:e0:34:d0:a9:32:26:55:d6:
cd:a0:5c:18:b5:87:ad:48:c8:d9:62:ce:e7:f2:ff:
40:f7:7b:b3:2d:d6:61:04:d3:d4:1f:b3:30:79:34:
a4:05:35:0b:34:e4:9b:92:d2:9a:7f:2f:8a:6d:0f:
cf:d7:6b:28:28:fc:e2:6a:b2:fa:e2:52:9c:c9:56:
7c:8c:28:f9:2b:ef:17:87:e3:36:f6:c0:e0:2d:47:
96:83:6f:2d:66:b0:b8:0e:fe:2c:f7:99:d5:72:74:
61:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:20:92:BF:AE:32:2A:3C:E2:5D:47:EA:D1:CF:E3:9F:E3:77:AD:19
X509v3 Authority Key Identifier:
keyid:9D:26:64:9E:4F:2C:79:5F:FE:54:0F:9D:97:F2:6E:99:C5:C5:E3:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSZknk8seV_-VA-dl_JumcXF4_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/yCCSv64yKjziXUfq0c_jn-N3rRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/dc5c07-eb30-408f-858a-ea469c860dc6/1/nSZknk8seV_-VA-dl_JumcXF4_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.8.0/22
77.87.24.0/21
87.32.0.0/12
91.123.224.0/20
91.193.188.0/22
193.1.0.0/16
IPv6:
2001:770::/32
Signature Algorithm: sha256WithRSAEncryption
69:af:77:d1:4c:b0:78:2c:1a:c0:2e:31:92:1c:4d:43:61:30:
48:43:66:1b:68:71:8d:5a:3e:f3:c4:90:8c:41:92:27:69:e2:
8d:69:f1:bf:08:da:3b:42:e6:ba:d0:86:b4:d0:cb:6e:b5:9a:
8e:39:af:81:b0:fc:2a:25:4d:2a:65:18:48:31:ba:a8:33:4c:
43:b6:2c:17:61:3d:64:4e:df:2c:94:1c:dd:31:4d:5a:ea:3e:
4c:a6:b9:bc:ad:7d:66:e2:3e:f8:07:b2:ee:96:c2:63:15:8b:
8c:16:92:ef:9b:79:fc:59:19:e6:3e:44:0f:45:c7:c3:f1:cd:
5c:47:03:2a:60:17:f3:b6:68:8b:23:47:57:78:ba:44:5f:f1:
c6:93:c4:ff:11:d2:52:3c:59:80:e6:0f:79:1d:10:b1:91:04:
c2:20:09:e6:5b:9b:f0:15:27:a9:ed:c2:38:e7:4a:f2:51:10:
63:1b:fc:d2:9d:89:12:62:9e:52:4d:16:67:70:25:7b:a7:78:
6c:b5:d5:4a:8a:a0:aa:89:a5:9f:af:7c:35:4b:94:2d:64:78:
d4:47:c2:30:ba:8d:a8:3a:5b:18:14:bd:59:ce:47:24:13:dc:
4f:80:2f:db:35:3a:75:36:90:22:b2:89:ff:b8:ac:a5:d0:e5:
0e:13:24:0b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzJvBTfkHAHIh/IBn9qXq5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjY2NDllNGYyYzc5NWZmZTU0MGY5ZDk3ZjI2ZTk5YzVj
NWUzZmYwHhcNMjQwMTAyMTAzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIwOTJiZmFlMzIyYTNjZTI1ZDQ3ZWFkMWNmZTM5ZmUzNzdhZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7Y2jBCzMG1Y1UPiWTxqV+ntfZfS
3KV5vQn7vP/evoHqYbAtEAeA5DGcJ6QMg0KM3dS2le64zME+uSGpulL0LQ5lhDU7
wNHzJzpptbcEOJyAHsUILQ4o2PDK24u5rDZVwHl8wk1N/jGO9COJuwIP8KHfgW+8
6OQcCPKefwY/ppdo/WGIxbgZpueM1yMtr+fmMk1uEGnK10ZGRgNE4DTQqTImVdbN
oFwYtYetSMjZYs7n8v9A93uzLdZhBNPUH7MweTSkBTULNOSbktKafy+KbQ/P12so
KPziarL64lKcyVZ8jCj5K+8Xh+M29sDgLUeWg28tZrC4Dv4s95nVcnRhKQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFMggkr+uMio84l1H6tHP45/jd60ZMB8GA1UdIwQY
MBaAFJ0mZJ5PLHlf/lQPnZfybpnFxeP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNaa25rOHNlVl8tVkEtZGxfSnVtY1hGNF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kYzVjMDctZWIzMC00MDhmLTg1OGEt
ZWE0NjljODYwZGM2LzEveUNDU3Y2NHlLanppWFVmcTBjX2puLU4zclJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kYzVjMDctZWIzMC00MDhmLTg1OGEtZWE0NjljODYwZGM2
LzEvblNaa25rOHNlVl8tVkEtZGxfSnVtY1hGNF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQCLZAIAwQD
TVcYAwMEVyADBARbe+ADBAJbwbwDAwDBATANBAIAAjAHAwUAIAEHcDANBgkqhkiG
9w0BAQsFAAOCAQEAaa930UyweCwawC4xkhxNQ2EwSENmG2hxjVo+88SQjEGSJ2ni
jWnxvwjaO0LmutCGtNDLbrWajjmvgbD8KiVNKmUYSDG6qDNMQ7YsF2E9ZE7fLJQc
3TFNWuo+TKa5vK19ZuI++Aey7pbCYxWLjBaS75t5/FkZ5j5ED0XHw/HNXEcDKmAX
87ZoiyNHV3i6RF/xxpPE/xHSUjxZgOYPeR0QsZEEwiAJ5lub8BUnqe3COOdK8lEQ
Yxv80p2JEmKeUk0WZ3Ale6d4bLXVSoqgqomln698NUuULWR41EfCMLqNqDpbGBS9
Wc5HJBPcT4Av2zU6dTaQIrKJ/7ispdDlDhMkCw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:10:42 2024 by rpki-client on console-ams.rpki-client.org