Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eKadihRG3mqRcANCeqwVlHafxkc.roa
File: eKadihRG3mqRcANCeqwVlHafxkc.roa (raw, json)
Hash identifier: AUPrf2gCCIifTRaEnvyK1QUu8G7NSdq5Mt4YRYFpDT4=
Subject key identifier: 78:A6:9D:8A:14:46:DE:6A:91:70:03:42:7A:AC:15:94:76:9F:C6:47
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 019243732A9300308FD1938E46C4EAD6433E
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eKadihRG3mqRcANCeqwVlHafxkc.roa
Signing time: Mon 30 Sep 2024 15:01:13 +0000
ROA not before: Mon 30 Sep 2024 15:01:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41998
IP address blocks: 77.90.154.0/24 maxlen: 24
185.230.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:73:2a:93:00:30:8f:d1:93:8e:46:c4:ea:d6:43:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Sep 30 15:01:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78a69d8a1446de6a917003427aac1594769fc647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:f3:f9:ca:d7:b4:b2:ce:56:15:f7:a2:61:
c7:f4:b8:9f:78:f9:a9:ae:c2:4f:19:0a:99:d8:80:
30:fa:08:e8:b9:f1:25:1e:2a:b2:5d:a4:d3:9d:32:
84:6a:15:fc:65:87:d8:cb:74:b5:58:c5:31:ff:2d:
67:b1:33:a4:a2:6e:3e:a7:39:71:4e:81:27:b5:b4:
61:3b:19:cb:90:03:dd:6c:c0:dc:ae:51:b1:c2:23:
11:f4:bc:f1:5d:1f:c0:fd:13:b4:fe:06:6c:1e:0a:
22:bf:08:39:b5:ce:8a:37:52:76:14:4f:3c:8d:40:
64:bc:9a:4c:c2:38:dd:0f:29:77:b2:05:f4:50:37:
17:ed:8f:35:ba:0b:3c:e3:f2:37:77:d0:15:8f:8b:
7d:42:79:49:64:80:f3:82:e4:bc:5e:f4:f0:11:65:
ab:8c:99:84:7a:13:6f:04:0f:fa:03:c6:92:ab:56:
3b:14:0c:4a:1a:98:75:18:d3:3f:51:d2:81:d0:88:
e1:35:d2:99:c2:dd:f8:ad:12:db:53:3a:94:7d:1b:
17:06:2d:7a:33:97:18:67:e1:b8:77:24:b6:30:59:
3c:21:30:22:8b:38:b8:be:e1:15:0c:4f:a2:50:8e:
8b:9c:88:f6:20:2d:e5:21:36:15:ea:12:fb:e9:f0:
b8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A6:9D:8A:14:46:DE:6A:91:70:03:42:7A:AC:15:94:76:9F:C6:47
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/eKadihRG3mqRcANCeqwVlHafxkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.154.0/24
185.230.14.0/24
Signature Algorithm: sha256WithRSAEncryption
16:b5:e6:1b:ef:55:94:98:6e:1d:a5:a8:e5:7a:e5:1a:ec:b2:
af:43:78:fc:ab:f7:9d:3e:f6:b6:02:9d:96:eb:a7:44:5a:19:
bd:50:5a:41:33:30:3a:dd:50:0c:64:94:92:e5:12:ba:ae:ff:
80:f5:5e:d1:e8:95:52:a2:08:e2:80:30:bb:d3:99:36:c8:34:
ef:d2:90:79:d1:ac:74:49:c4:e5:85:e9:11:9a:fc:6b:41:e1:
a3:01:01:c9:de:29:f6:58:7f:2a:3e:8c:7f:df:5a:63:a9:4e:
71:aa:9b:fc:76:ad:f2:da:9f:2b:7b:71:88:65:24:53:84:40:
eb:12:56:df:e5:0a:0e:5c:db:6a:ee:48:cf:15:c5:bb:b0:ba:
fd:04:bb:c8:bf:df:55:19:5b:b8:19:bd:ab:79:f5:46:6b:9b:
06:ef:92:8a:e5:1e:f0:9d:17:96:ea:01:3f:6c:2f:5c:79:d9:
6b:86:cd:40:79:98:c5:5d:11:61:49:72:98:e9:22:0f:e4:7f:
08:e7:88:f3:24:68:42:61:45:f1:e0:94:62:70:c6:9a:09:46:
33:c0:7e:72:b5:50:99:5a:de:24:a0:ba:ba:49:41:3e:35:5f:
43:d4:3f:f4:7f:e7:42:ae:92:66:38:50:63:60:ca:c7:25:e4:
d5:12:1e:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJDcyqTADCP0ZOORsTq1kM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwOTMwMTUwMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE2OWQ4YTE0NDZkZTZhOTE3MDAzNDI3YWFjMTU5NDc2OWZjNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnjz+crXtLLOVhX3omHH9LifePmp
rsJPGQqZ2IAw+gjoufElHiqyXaTTnTKEahX8ZYfYy3S1WMUx/y1nsTOkom4+pzlx
ToEntbRhOxnLkAPdbMDcrlGxwiMR9LzxXR/A/RO0/gZsHgoivwg5tc6KN1J2FE88
jUBkvJpMwjjdDyl3sgX0UDcX7Y81ugs84/I3d9AVj4t9QnlJZIDzguS8XvTwEWWr
jJmEehNvBA/6A8aSq1Y7FAxKGph1GNM/UdKB0IjhNdKZwt34rRLbUzqUfRsXBi16
M5cYZ+G4dyS2MFk8ITAiizi4vuEVDE+iUI6LnIj2IC3lITYV6hL76fC4dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHimnYoURt5qkXADQnqsFZR2n8ZHMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZUthZGloUkczbXFSY0FOQ2Vxd1ZsSGFmeGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVqaAwQA
ueYOMA0GCSqGSIb3DQEBCwUAA4IBAQAWteYb71WUmG4dpajleuUa7LKvQ3j8q/ed
Pva2Ap2W66dEWhm9UFpBMzA63VAMZJSS5RK6rv+A9V7R6JVSogjigDC705k2yDTv
0pB50ax0ScTlhekRmvxrQeGjAQHJ3in2WH8qPox/31pjqU5xqpv8dq3y2p8re3GI
ZSRThEDrElbf5QoOXNtq7kjPFcW7sLr9BLvIv99VGVu4Gb2refVGa5sG75KK5R7w
nReW6gE/bC9cedlrhs1AeZjFXRFhSXKY6SIP5H8I54jzJGhCYUXx4JRicMaaCUYz
wH5ytVCZWt4koLq6SUE+NV9D1D/0f+dCrpJmOFBjYMrHJeTVEh6x
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:12 2024 by rpki-client on console-fra.rpki-client.org