Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/G4rTqfZNZKkaGBubcV6EG5BR33I.roa
File: G4rTqfZNZKkaGBubcV6EG5BR33I.roa (raw, json)
Hash identifier: b8G73E3DGy04cqoIaZrn2r8qPuUcFw2Rs3xpnxg9G3M=
Subject key identifier: 1B:8A:D3:A9:F6:4D:64:A9:1A:18:1B:9B:71:5E:84:1B:90:51:DF:72
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3DFBDC61ACB861EFD3BA1FC5B014
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/G4rTqfZNZKkaGBubcV6EG5BR33I.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 77.90.159.0/24 maxlen: 24
77.90.158.0/24 maxlen: 24
77.90.165.0/24 maxlen: 24
77.90.160.0/24 maxlen: 24
77.90.163.0/24 maxlen: 24
77.90.161.0/24 maxlen: 24
77.90.162.0/24 maxlen: 24
77.90.171.0/24 maxlen: 24
77.90.172.0/24 maxlen: 24
77.90.167.0/24 maxlen: 24
77.90.170.0/24 maxlen: 24
77.90.168.0/24 maxlen: 24
77.90.169.0/24 maxlen: 24
77.90.174.0/24 maxlen: 24
77.90.177.0/24 maxlen: 24
77.90.175.0/24 maxlen: 24
77.90.182.0/24 maxlen: 24
77.90.186.0/24 maxlen: 24
213.209.131.0/24 maxlen: 24
213.209.139.0/24 maxlen: 24
213.209.137.0/24 maxlen: 24
213.209.135.0/24 maxlen: 24
213.209.152.0/24 maxlen: 24
213.209.154.0/24 maxlen: 24
213.209.155.0/24 maxlen: 24
213.209.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3d:fb:dc:61:ac:b8:61:ef:d3:ba:1f:c5:b0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b8ad3a9f64d64a91a181b9b715e841b9051df72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f7:9e:2a:5c:c8:b6:b8:86:11:e6:27:0f:79:
89:d9:aa:46:05:e6:4d:fd:fb:3b:c0:6c:01:42:3e:
6e:cf:37:5a:96:be:04:6d:ca:fb:42:20:39:6c:1f:
7e:a8:2e:92:ff:75:ef:6e:f2:59:85:5d:43:95:15:
e7:95:fc:ea:a8:0b:e3:80:5c:58:29:e9:b7:2e:8a:
d9:a3:1e:eb:77:8a:5b:4e:14:9a:9d:83:93:94:09:
7e:3c:69:50:df:18:4d:5e:d2:dd:ec:4a:c1:c3:d5:
fc:ff:c8:be:c9:e5:d5:d8:b4:27:1e:21:55:33:ce:
82:66:58:6e:e5:38:3d:71:f5:34:c2:a1:75:86:22:
f4:18:06:ef:5c:72:0c:da:c0:9d:6e:25:e4:bd:48:
1f:1b:43:e3:a3:ca:22:0e:c5:8a:6a:82:13:88:c1:
e0:fb:1b:9f:a5:cb:dc:da:77:bb:ee:f7:87:ec:f9:
f0:c4:86:c0:0a:59:d2:7a:06:8d:28:ac:be:dd:46:
91:62:6a:33:52:e3:21:2b:a2:63:85:c5:73:bf:a1:
9d:a4:01:1a:63:bb:c6:10:a4:cb:5e:c8:5e:58:eb:
43:22:43:87:44:f8:82:ee:09:66:32:aa:10:8b:84:
79:32:bf:2e:91:ed:cc:3d:52:4d:08:8c:b6:81:d2:
25:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8A:D3:A9:F6:4D:64:A9:1A:18:1B:9B:71:5E:84:1B:90:51:DF:72
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/G4rTqfZNZKkaGBubcV6EG5BR33I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.158.0-77.90.163.255
77.90.165.0/24
77.90.167.0-77.90.172.255
77.90.174.0/23
77.90.177.0/24
77.90.182.0/24
77.90.186.0/24
213.209.131.0/24
213.209.135.0/24
213.209.137.0/24
213.209.139.0/24
213.209.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e3:1d:a7:7f:bf:b1:7b:a4:dc:06:2a:01:3d:13:d2:2e:98:
94:bc:f7:79:e8:11:bd:db:c2:cd:65:10:22:5e:9a:b6:a1:21:
bd:df:75:ee:20:54:64:0f:62:24:c4:c6:49:1b:f6:96:f1:c3:
9f:94:00:a1:e0:c6:13:49:fb:d6:1b:88:86:00:24:09:68:28:
32:9d:07:3e:38:a8:d4:db:a3:8c:04:1b:bf:1b:3c:bf:ef:47:
db:64:a7:a8:a1:44:86:39:b6:10:e1:dc:d4:a1:c4:9a:0e:09:
28:a2:04:e2:90:33:33:21:38:6a:f1:01:4c:5d:5e:39:03:3e:
54:07:31:1c:94:b0:fd:43:37:65:11:5e:59:b4:1c:f3:ea:02:
d9:41:a6:78:33:76:2c:52:6c:4e:7f:27:a9:91:25:82:51:40:
86:8a:34:43:79:47:14:d7:c5:4a:b3:58:f0:85:2c:3f:1e:be:
a2:9a:36:34:51:c4:b4:56:97:a3:43:78:51:80:49:82:41:8d:
0d:8a:5c:e6:22:f6:87:1a:bb:0e:f7:e5:1b:67:f0:99:dc:6c:
b6:bf:8c:a9:98:80:0c:0f:5e:eb:0f:e4:04:3d:fb:a8:a1:1f:
3e:82:72:59:af:68:b0:a7:9a:74:b4:d7:08:b6:62:6e:03:8b:
7b:67:cd:8a
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzI3z373GGsuGHv07ofxbAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjhhZDNhOWY2NGQ2NGE5MWExODFiOWI3MTVlODQxYjkwNTFkZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiveeKlzItriGEeYnD3mJ2apGBeZN
/fs7wGwBQj5uzzdalr4Ebcr7QiA5bB9+qC6S/3XvbvJZhV1DlRXnlfzqqAvjgFxY
Kem3LorZox7rd4pbThSanYOTlAl+PGlQ3xhNXtLd7ErBw9X8/8i+yeXV2LQnHiFV
M86CZlhu5Tg9cfU0wqF1hiL0GAbvXHIM2sCdbiXkvUgfG0Pjo8oiDsWKaoITiMHg
+xufpcvc2ne77veH7PnwxIbAClnSegaNKKy+3UaRYmozUuMhK6JjhcVzv6GdpAEa
Y7vGEKTLXsheWOtDIkOHRPiC7glmMqoQi4R5Mr8uke3MPVJNCIy2gdIlAwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBuK06n2TWSpGhgbm3FehBuQUd9yMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvRzRyVHFmWk5aS2thR0J1YmNWNkVHNUJSMzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBAFNWp4D
BAJNWqADBABNWqUwDAMEAE1apwMEAE1arAMEAU1argMEAE1asQMEAE1atgMEAE1a
ugMEANXRgwMEANXRhwMEANXRiQMEANXRiwMEAtXRmDANBgkqhkiG9w0BAQsFAAOC
AQEAPeMdp3+/sXuk3AYqAT0T0i6YlLz3eegRvdvCzWUQIl6atqEhvd917iBUZA9i
JMTGSRv2lvHDn5QAoeDGE0n71huIhgAkCWgoMp0HPjio1NujjAQbvxs8v+9H22Sn
qKFEhjm2EOHc1KHEmg4JKKIE4pAzMyE4avEBTF1eOQM+VAcxHJSw/UM3ZRFeWbQc
8+oC2UGmeDN2LFJsTn8nqZElglFAhoo0Q3lHFNfFSrNY8IUsPx6+opo2NFHEtFaX
o0N4UYBJgkGNDYpc5iL2hxq7DvflG2fwmdxstr+MqZiADA9e6w/kBD37qKEfPoJy
Wa9osKeadLTXCLZibgOLe2fNig==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:21 2024 by rpki-client on console-ams.rpki-client.org