Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/DmLI3o5EKcGPfGwVYfSu744ZhsM.roa
File: DmLI3o5EKcGPfGwVYfSu744ZhsM.roa (raw, json)
Hash identifier: 9/Kh4KsbS4+BJAWX9nLLvWOPpMZ1wB4r6h11WXnRbGg=
Subject key identifier: 0E:62:C8:DE:8E:44:29:C1:8F:7C:6C:15:61:F4:AE:EF:8E:19:86:C3
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 018CC794485A52BA75CBACE5F1831806C26E
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/DmLI3o5EKcGPfGwVYfSu744ZhsM.roa
Signing time: Tue 02 Jan 2024 00:30:32 +0000
ROA not before: Tue 02 Jan 2024 00:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53767
IP address blocks: 77.67.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:48:5a:52:ba:75:cb:ac:e5:f1:83:18:06:c2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 2 00:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e62c8de8e4429c18f7c6c1561f4aeef8e1986c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:48:e0:ad:09:89:b5:b7:0f:e1:b7:01:73:41:
ca:f0:ca:f4:02:f2:5f:00:1c:72:2c:01:e0:db:f4:
e5:65:f8:af:f3:f1:4e:e4:a6:d8:51:51:a6:bf:95:
39:29:b6:7a:39:ad:b7:36:e4:1c:c7:1a:c4:f5:69:
6d:da:5b:31:a2:b9:04:68:2f:70:28:20:50:20:2a:
3a:13:6c:67:1e:bd:f2:42:a8:39:ff:59:b9:1d:0d:
04:de:0e:d7:b4:05:2f:e9:30:22:48:7a:a8:2c:03:
f4:c5:33:b1:80:b4:8b:d8:fd:5f:0b:c1:0f:74:de:
10:e3:e4:ab:eb:42:c0:36:4a:40:d7:4c:a6:00:51:
35:42:77:fb:34:99:cd:0b:45:3c:b9:02:82:05:63:
3d:0e:b5:d5:59:c9:57:23:37:f6:46:9d:41:fc:40:
9a:39:d0:bd:da:d0:61:b4:a5:e6:c4:86:cc:47:54:
94:35:b0:f6:05:f6:85:f0:b5:b6:0f:68:72:f1:ba:
76:bc:2a:ca:5e:c3:bc:4c:bf:ac:01:f9:70:58:6a:
4e:96:a5:5b:8a:28:db:91:75:d5:ba:55:ae:d9:13:
b1:38:32:0c:1d:93:ce:1e:c2:e7:21:79:78:6b:4a:
42:4d:47:7a:ed:9c:0e:89:81:58:0b:09:d4:bc:33:
35:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:62:C8:DE:8E:44:29:C1:8F:7C:6C:15:61:F4:AE:EF:8E:19:86:C3
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/DmLI3o5EKcGPfGwVYfSu744ZhsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.67.106.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:28:db:d6:38:d5:68:30:c2:47:df:8b:63:ad:98:e1:81:fe:
65:07:85:6b:92:44:40:a9:10:f6:9c:f6:8d:f4:de:ad:41:76:
f3:4b:a5:c5:16:29:5d:5d:ed:94:ea:d5:36:4b:01:2b:17:1e:
07:e2:41:ce:ed:94:d2:76:2d:81:5c:6e:3b:99:25:17:6a:2b:
64:77:71:29:60:37:eb:fd:7c:57:82:c6:83:18:6c:1d:53:f8:
e0:90:65:c1:4b:e3:f1:d7:a1:18:17:50:02:ff:58:79:c3:f4:
dc:87:4c:63:78:6b:2a:25:5f:f8:ea:02:3d:32:3b:23:07:0b:
0d:3b:cf:50:19:f2:55:28:75:9b:99:00:08:46:67:66:e6:11:
06:30:f5:ca:5a:b1:f8:1d:d8:3d:dc:02:84:28:0b:cc:5c:10:
cf:7a:ea:69:fb:fd:8a:6b:21:55:9e:9d:03:24:22:29:73:49:
bc:9a:13:4f:55:c8:da:7a:f5:48:90:f6:43:4d:8a:98:1c:8c:
ca:69:30:2d:07:2f:28:e1:7e:0e:81:bc:9e:3d:f8:ff:63:7f:
67:27:fb:b1:6e:31:e0:13:93:38:5e:31:eb:19:ff:a7:39:e6:
c9:ad:77:07:b9:c5:88:79:3b:71:94:9c:ec:30:36:57:1b:fe:
89:54:e8:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlEhaUrp1y6zl8YMYBsJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjQwMTAyMDAzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTYyYzhkZThlNDQyOWMxOGY3YzZjMTU2MWY0YWVlZjhlMTk4NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUjgrQmJtbcP4bcBc0HK8Mr0AvJf
ABxyLAHg2/TlZfiv8/FO5KbYUVGmv5U5KbZ6Oa23NuQcxxrE9Wlt2lsxorkEaC9w
KCBQICo6E2xnHr3yQqg5/1m5HQ0E3g7XtAUv6TAiSHqoLAP0xTOxgLSL2P1fC8EP
dN4Q4+Sr60LANkpA10ymAFE1Qnf7NJnNC0U8uQKCBWM9DrXVWclXIzf2Rp1B/ECa
OdC92tBhtKXmxIbMR1SUNbD2BfaF8LW2D2hy8bp2vCrKXsO8TL+sAflwWGpOlqVb
iijbkXXVulWu2ROxODIMHZPOHsLnIXl4a0pCTUd67ZwOiYFYCwnUvDM11QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5iyN6ORCnBj3xsFWH0ru+OGYbDMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvRG1MSTNvNUVLY0dQZkd3VllmU3U3NDRaaHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUNqMA0G
CSqGSIb3DQEBCwUAA4IBAQDXKNvWONVoMMJH34tjrZjhgf5lB4VrkkRAqRD2nPaN
9N6tQXbzS6XFFildXe2U6tU2SwErFx4H4kHO7ZTSdi2BXG47mSUXaitkd3EpYDfr
/XxXgsaDGGwdU/jgkGXBS+Px16EYF1AC/1h5w/Tch0xjeGsqJV/46gI9MjsjBwsN
O89QGfJVKHWbmQAIRmdm5hEGMPXKWrH4Hdg93AKEKAvMXBDPeupp+/2KayFVnp0D
JCIpc0m8mhNPVcjaevVIkPZDTYqYHIzKaTAtBy8o4X4OgbyePfj/Y39nJ/uxbjHg
E5M4XjHrGf+nOebJrXcHucWIeTtxlJzsMDZXG/6JVOjQ
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:26 2024 by rpki-client on console-ams.rpki-client.org