Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KgfsR_XFUJ-rCOtkwLfjQDiJjOI.roa
File: KgfsR_XFUJ-rCOtkwLfjQDiJjOI.roa (raw, json)
Hash identifier: hcuq6MHrkRs/rn1L1r4ylHQeITEuRlD7t0ipX9a07GQ=
Subject key identifier: 2A:07:EC:47:F5:C5:50:9F:AB:08:EB:64:C0:B7:E3:40:38:89:8C:E2
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3AECE50302666DC3775E15AB852F
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KgfsR_XFUJ-rCOtkwLfjQDiJjOI.roa
Signing time: Tue 02 Jan 2024 06:32:01 +0000
ROA not before: Tue 02 Jan 2024 06:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 77.90.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3a:ec:e5:03:02:66:6d:c3:77:5e:15:ab:85:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a07ec47f5c5509fab08eb64c0b7e34038898ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:79:84:ec:b1:8d:e7:b1:8b:92:1b:e7:1a:71:
65:1c:45:7a:24:c7:b7:78:3f:dc:c8:9b:56:b8:b2:
2c:8d:17:22:81:ce:b4:a8:fc:07:c8:61:be:b3:4e:
0c:1e:0a:5d:de:06:50:d0:05:b2:5a:28:9c:fd:48:
66:eb:ed:ee:a6:3c:44:ac:6f:c6:52:8f:0b:7c:8b:
c1:bf:27:0f:ac:c3:af:09:8e:15:5c:96:57:53:a3:
60:5c:c3:18:d6:a6:95:78:66:6d:0e:40:44:03:5c:
42:73:64:95:f4:97:59:3f:5f:1f:29:dd:ed:0f:66:
85:21:70:43:04:50:4d:cc:27:1a:88:fe:9a:ed:12:
62:3d:e3:46:85:fe:40:9d:66:57:3a:49:44:c8:51:
bd:fc:06:ad:d8:d7:eb:0e:61:ca:b3:97:b0:9e:f9:
0e:24:7c:ee:8d:a8:47:82:db:50:a3:1a:36:03:64:
1c:7b:a0:89:b2:11:a7:2d:07:c7:4c:30:81:06:c7:
f5:ac:85:ba:28:b8:00:96:ec:89:4d:a3:6a:ee:85:
cc:a5:6b:a8:cd:4b:33:aa:aa:eb:55:83:55:6d:cd:
1f:0d:97:25:4d:5d:0e:89:27:5b:fb:bf:70:5d:d5:
78:41:0d:50:62:51:9a:b7:0e:aa:68:24:88:9d:c1:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:07:EC:47:F5:C5:50:9F:AB:08:EB:64:C0:B7:E3:40:38:89:8C:E2
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/KgfsR_XFUJ-rCOtkwLfjQDiJjOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.178.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5f:62:22:ff:00:72:78:7a:8a:58:95:93:98:15:4f:af:f9:
55:ee:3d:28:3d:7c:db:10:7b:f8:8e:1c:1f:8a:c6:1e:9e:32:
2a:07:bf:4b:54:e6:2f:37:39:c5:3b:08:b5:7c:e3:46:e4:e4:
05:29:e5:f1:97:ef:89:8b:74:83:f6:43:e8:f9:fc:b0:a3:dc:
a1:35:7d:ef:53:7a:7a:ac:40:0d:ea:1a:6f:b2:c9:fb:c1:30:
6b:ee:c1:48:9b:d2:4e:e3:b2:a3:1b:94:57:60:da:5e:0e:c7:
b8:ee:c7:7d:b1:eb:e7:69:79:ec:c4:aa:30:b8:3b:74:e5:c8:
e8:23:17:e2:b8:63:52:c1:ea:41:a0:f3:89:c2:16:d0:f7:12:
2a:82:22:80:55:78:a4:21:98:9e:53:6b:da:38:76:08:a1:0c:
2e:cb:95:a2:41:0b:19:fd:11:a2:56:22:68:eb:62:18:73:04:
a5:0f:49:6a:54:a0:6d:87:2d:09:39:dc:c1:17:19:47:70:67:
d7:b0:68:83:b8:5e:73:26:ff:74:7f:2d:f5:34:9d:30:33:41:
c7:43:32:ff:73:a0:74:4d:c0:f5:c1:72:64:0a:bf:0c:44:98:
97:c0:48:78:f9:95:97:23:51:1b:a5:7e:e5:8a:77:90:9d:1c:
b9:55:0f:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zrs5QMCZm3Dd14Vq4UvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA3ZWM0N2Y1YzU1MDlmYWIwOGViNjRjMGI3ZTM0MDM4ODk4Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3mE7LGN57GLkhvnGnFlHEV6JMe3
eD/cyJtWuLIsjRcigc60qPwHyGG+s04MHgpd3gZQ0AWyWiic/Uhm6+3upjxErG/G
Uo8LfIvBvycPrMOvCY4VXJZXU6NgXMMY1qaVeGZtDkBEA1xCc2SV9JdZP18fKd3t
D2aFIXBDBFBNzCcaiP6a7RJiPeNGhf5AnWZXOklEyFG9/Aat2NfrDmHKs5ewnvkO
JHzujahHgttQoxo2A2Qce6CJshGnLQfHTDCBBsf1rIW6KLgAluyJTaNq7oXMpWuo
zUszqqrrVYNVbc0fDZclTV0OiSdb+79wXdV4QQ1QYlGatw6qaCSIncFr1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCoH7Ef1xVCfqwjrZMC340A4iYziMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvS2dmc1JfWEZVSi1yQ090a3dMZmpRRGlKak9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVqyMA0G
CSqGSIb3DQEBCwUAA4IBAQBxX2Ii/wByeHqKWJWTmBVPr/lV7j0oPXzbEHv4jhwf
isYenjIqB79LVOYvNznFOwi1fONG5OQFKeXxl++Ji3SD9kPo+fywo9yhNX3vU3p6
rEAN6hpvssn7wTBr7sFIm9JO47KjG5RXYNpeDse47sd9sevnaXnsxKowuDt05cjo
IxfiuGNSwepBoPOJwhbQ9xIqgiKAVXikIZieU2vaOHYIoQwuy5WiQQsZ/RGiViJo
62IYcwSlD0lqVKBthy0JOdzBFxlHcGfXsGiDuF5zJv90fy31NJ0wM0HHQzL/c6B0
TcD1wXJkCr8MRJiXwEh4+ZWXI1EbpX7lineQnRy5VQ8b
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:39:54 2024 by rpki-client on console-fra.rpki-client.org