Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D1pEXhqX4mvNWJZ5Ssy-dBOE-Vw.roa
File: D1pEXhqX4mvNWJZ5Ssy-dBOE-Vw.roa (raw, json)
Hash identifier: /J9K8jdcIJD/LKbrpG0jWB2zG/XFsDifkAcU/q5yovQ=
Subject key identifier: 0F:5A:44:5E:1A:97:E2:6B:CD:58:96:79:4A:CC:BE:74:13:84:F9:5C
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF39E9CFD6D46A0AACA59D1013B122
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D1pEXhqX4mvNWJZ5Ssy-dBOE-Vw.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 77.90.187.0/24 maxlen: 24
213.209.132.0/24 maxlen: 24
213.209.148.0/24 maxlen: 24
77.90.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:39:e9:cf:d6:d4:6a:0a:ac:a5:9d:10:13:b1:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f5a445e1a97e26bcd5896794accbe741384f95c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:76:60:83:87:b5:71:1c:8d:da:8a:39:8d:ec:
22:bb:4b:90:24:21:e8:af:4e:7f:9e:85:7f:40:38:
fb:3c:3d:08:ec:73:ea:06:e1:a3:62:6a:62:e1:84:
1d:a6:7a:f2:27:ed:9e:83:c6:6c:ec:5d:5f:30:63:
74:35:9b:fd:ed:c8:c2:f0:d4:af:22:7c:9f:f6:9d:
51:a2:38:a2:d1:85:e8:06:a0:a1:44:43:21:7c:29:
96:9d:c5:7c:06:9e:07:40:74:b5:6f:59:db:c9:7c:
3b:f9:d0:28:e4:47:c4:c0:ee:af:93:cf:b7:7b:93:
f2:39:16:34:35:c3:6b:1a:d3:95:af:86:ea:59:33:
3d:a9:19:6d:b0:4a:c5:6d:02:27:fe:5d:99:33:8e:
60:0e:2f:01:ae:06:c4:27:a6:61:48:1f:2d:08:8e:
7a:f2:2d:5f:0f:39:9e:18:70:2e:32:a3:f3:b6:39:
bd:f2:ee:9b:ac:f4:fb:6c:fa:91:3b:a6:fe:85:84:
0c:4a:9d:46:a5:34:ad:0f:2c:23:10:a9:49:d7:9a:
2c:84:9f:71:b0:a1:41:1d:66:92:ab:00:22:1e:20:
18:33:fa:e3:bd:ff:c9:c0:f6:89:8e:4c:4e:bb:d3:
35:34:de:c6:4c:f2:76:8f:1d:c8:f0:d7:ce:7c:6b:
b4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:5A:44:5E:1A:97:E2:6B:CD:58:96:79:4A:CC:BE:74:13:84:F9:5C
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/D1pEXhqX4mvNWJZ5Ssy-dBOE-Vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.176.0/24
77.90.187.0/24
213.209.132.0/24
213.209.148.0/24
Signature Algorithm: sha256WithRSAEncryption
91:8f:e8:2b:1a:b2:fa:b3:97:67:ac:89:17:83:ce:b8:25:b0:
0a:5b:d3:01:2f:e8:2a:6a:d9:cd:95:2d:49:8d:7c:65:9b:28:
a6:2f:e4:df:f3:18:0d:eb:a1:28:1c:d8:45:65:5e:1a:fa:5e:
2b:de:73:7d:4a:b3:76:2a:d0:2b:0f:e0:41:6b:c8:18:d9:ed:
d1:0d:ce:de:10:80:e9:78:40:53:b2:05:08:15:1d:cd:21:19:
0f:97:a5:29:1e:7e:6d:48:27:c9:ff:f0:fd:6c:34:a1:ee:4f:
ec:88:7d:1e:a6:6c:ee:d1:c7:08:40:dd:22:71:6a:ef:12:e9:
6a:77:82:f3:ac:3b:35:1e:1d:d0:ab:40:58:fb:a5:83:65:23:
60:cb:82:cb:fb:d8:a1:f6:02:37:4b:76:7d:bb:3d:41:68:0c:
f4:18:68:19:e8:c9:ab:7d:fb:b7:0e:99:0d:9e:47:2b:e2:6f:
f1:22:84:a0:c2:d7:d9:f6:95:a1:f4:67:b8:49:12:5b:b4:c9:
6d:a6:bd:32:88:a6:45:9a:9e:af:cf:3a:3f:ba:a7:8c:49:88:
b9:d7:b0:cf:6b:f7:d5:80:4b:77:7d:4c:b3:ff:8b:50:ae:1e:
ed:ba:76:b5:c0:27:bc:37:75:4c:9b:c5:09:a0:7f:c6:c7:f0:
2f:08:f0:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3znpz9bUagqspZ0QE7EiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjVhNDQ1ZTFhOTdlMjZiY2Q1ODk2Nzk0YWNjYmU3NDEzODRmOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHZgg4e1cRyN2oo5jewiu0uQJCHo
r05/noV/QDj7PD0I7HPqBuGjYmpi4YQdpnryJ+2eg8Zs7F1fMGN0NZv97cjC8NSv
Inyf9p1Rojii0YXoBqChREMhfCmWncV8Bp4HQHS1b1nbyXw7+dAo5EfEwO6vk8+3
e5PyORY0NcNrGtOVr4bqWTM9qRltsErFbQIn/l2ZM45gDi8BrgbEJ6ZhSB8tCI56
8i1fDzmeGHAuMqPztjm98u6brPT7bPqRO6b+hYQMSp1GpTStDywjEKlJ15oshJ9x
sKFBHWaSqwAiHiAYM/rjvf/JwPaJjkxOu9M1NN7GTPJ2jx3I8NfOfGu0PwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA9aRF4al+JrzViWeUrMvnQThPlcMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRDFwRVhocVg0bXZOV0paNVNzeS1kQk9FLVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATVqwAwQA
TVq7AwQA1dGEAwQA1dGUMA0GCSqGSIb3DQEBCwUAA4IBAQCRj+grGrL6s5dnrIkX
g864JbAKW9MBL+gqatnNlS1JjXxlmyimL+Tf8xgN66EoHNhFZV4a+l4r3nN9SrN2
KtArD+BBa8gY2e3RDc7eEIDpeEBTsgUIFR3NIRkPl6UpHn5tSCfJ//D9bDSh7k/s
iH0epmzu0ccIQN0icWrvEulqd4LzrDs1Hh3Qq0BY+6WDZSNgy4LL+9ih9gI3S3Z9
uz1BaAz0GGgZ6Mmrffu3DpkNnkcr4m/xIoSgwtfZ9pWh9Ge4SRJbtMltpr0yiKZF
mp6vzzo/uqeMSYi517DPa/fVgEt3fUyz/4tQrh7tuna1wCe8N3VMm8UJoH/Gx/Av
CPAH
-----END CERTIFICATE-----
Generated at Thu May 2 12:11:00 2024 by rpki-client on console-fra.rpki-client.org