Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/S7GiFR-bu_FB2gjMUFA79eXuOAY.roa
File: S7GiFR-bu_FB2gjMUFA79eXuOAY.roa (raw, json)
Hash identifier: 9Q7VuJiwKGcIktV01VyOXxgKoIPMv5LugACwNKMlU3o=
Subject key identifier: 4B:B1:A2:15:1F:9B:BB:F1:41:DA:08:CC:50:50:3B:F5:E5:EE:38:06
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 018CC6B83E3BF39951A15FD1D0A2A760E318
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/S7GiFR-bu_FB2gjMUFA79eXuOAY.roa
Signing time: Mon 01 Jan 2024 20:30:12 +0000
ROA not before: Mon 01 Jan 2024 20:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 786
IP address blocks: 77.72.76.0/23 maxlen: 23
77.72.72.0/23 maxlen: 23
77.72.74.0/23 maxlen: 23
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:3e:3b:f3:99:51:a1:5f:d1:d0:a2:a7:60:e3:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Jan 1 20:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bb1a2151f9bbbf141da08cc50503bf5e5ee3806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b3:a1:94:62:ef:b8:cc:a2:30:8b:66:fc:c8:
fe:e9:d5:0a:4f:5b:8f:f6:6e:00:2b:65:12:09:db:
8d:e8:d6:8e:6e:80:45:37:f3:bc:dc:4c:0d:95:76:
ed:62:ae:e2:74:f2:bc:0b:a8:00:6e:03:57:0d:c8:
e1:e3:00:98:6f:2a:46:6b:53:b6:ec:5d:c1:32:92:
a2:5e:5f:22:23:07:57:2c:f6:24:e7:cc:53:5b:26:
d6:8c:31:2b:76:1e:d6:eb:51:51:81:23:e0:52:9d:
b8:78:7d:a2:3f:dd:05:4c:e3:2d:f3:22:6c:03:9e:
7f:86:66:0b:26:88:22:8b:56:87:16:99:e0:89:63:
94:88:4d:8f:b8:e6:11:82:11:16:01:d5:97:e7:ae:
d2:41:b8:f7:4c:17:0e:5c:2e:20:09:9d:c4:c0:9e:
de:a0:8b:61:4a:74:96:a2:d7:f3:67:33:1e:45:5a:
75:4f:f4:8b:2d:5c:75:f6:a8:67:83:9e:98:cf:57:
2a:60:30:8d:40:32:0e:91:e0:aa:cc:08:a9:4f:59:
e7:1b:84:ff:bc:84:57:d3:fe:13:e9:26:14:50:20:
0b:4d:28:2a:25:fb:07:1e:a7:11:7a:4e:1b:68:cb:
97:e6:1f:4f:f4:9c:4c:2a:87:f2:9c:f3:58:5b:86:
2c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B1:A2:15:1F:9B:BB:F1:41:DA:08:CC:50:50:3B:F5:E5:EE:38:06
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/S7GiFR-bu_FB2gjMUFA79eXuOAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0-77.72.77.255
IPv6:
2a01:4b0:1::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
49:7a:17:ad:e5:9c:65:12:9e:d9:f0:ca:28:0e:2d:f5:65:a1:
d7:0e:42:9f:a8:c6:c3:80:69:68:0e:c3:56:f8:9d:e6:7b:84:
76:bc:3f:3b:d6:74:66:c7:80:a0:0c:73:7f:52:64:27:da:72:
02:46:ba:e2:cc:d1:eb:2e:42:e7:86:83:2c:2a:32:07:f5:fe:
e4:87:1d:a1:12:0e:ba:1c:85:a0:12:19:9c:43:40:13:86:32:
4f:c3:29:34:33:78:6f:ca:95:6c:77:96:57:6e:9e:c5:71:62:
96:22:55:27:71:6a:6b:f7:32:0e:fb:21:0f:71:59:14:61:cf:
7c:21:f7:0c:b8:5b:53:c8:15:4d:83:56:b7:ee:f5:44:7b:ae:
4f:22:26:6e:a9:87:be:66:05:12:14:85:60:6c:5b:96:6e:44:
4e:b3:8d:7f:96:31:30:09:cf:8b:5b:74:33:42:8f:d5:99:28:
8c:2c:3d:f0:be:f5:2a:1b:31:bd:13:5a:8b:9b:ca:42:d8:32:
08:cb:a1:86:2e:4d:c7:71:29:b7:7f:6f:19:23:30:ab:a4:ee:
33:df:07:ce:7d:45:e1:76:01:e9:c2:b6:20:62:7b:c4:e8:09:
40:b6:22:66:34:79:14:86:00:6b:eb:81:74:fe:74:46:d7:b1:
53:0e:7c:28
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGuD4785lRoV/R0KKnYOMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjQwMTAxMjAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIxYTIxNTFmOWJiYmYxNDFkYTA4Y2M1MDUwM2JmNWU1ZWUzODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubOhlGLvuMyiMItm/Mj+6dUKT1uP
9m4AK2USCduN6NaOboBFN/O83EwNlXbtYq7idPK8C6gAbgNXDcjh4wCYbypGa1O2
7F3BMpKiXl8iIwdXLPYk58xTWybWjDErdh7W61FRgSPgUp24eH2iP90FTOMt8yJs
A55/hmYLJogii1aHFpngiWOUiE2PuOYRghEWAdWX567SQbj3TBcOXC4gCZ3EwJ7e
oIthSnSWotfzZzMeRVp1T/SLLVx19qhng56Yz1cqYDCNQDIOkeCqzAipT1nnG4T/
vIRX0/4T6SYUUCALTSgqJfsHHqcRek4baMuX5h9P9JxMKofynPNYW4Ys4wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEuxohUfm7vxQdoIzFBQO/Xl7jgGMB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvUzdHaUZSLWJ1X0ZCMmdqTVVGQTc5ZVh1T0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBANNSEgD
BAFNSEwwGgQCAAIwFDASAwcAKgEEsAABAwcAKgEEsAACMA0GCSqGSIb3DQEBCwUA
A4IBAQBJehet5ZxlEp7Z8MooDi31ZaHXDkKfqMbDgGloDsNW+J3me4R2vD871nRm
x4CgDHN/UmQn2nICRrrizNHrLkLnhoMsKjIH9f7khx2hEg66HIWgEhmcQ0AThjJP
wyk0M3hvypVsd5ZXbp7FcWKWIlUncWpr9zIO+yEPcVkUYc98IfcMuFtTyBVNg1a3
7vVEe65PIiZuqYe+ZgUSFIVgbFuWbkROs41/ljEwCc+LW3QzQo/VmSiMLD3wvvUq
GzG9E1qLm8pC2DIIy6GGLk3HcSm3f28ZIzCrpO4z3wfOfUXhdgHpwrYgYnvE6AlA
tiJmNHkUhgBr64F0/nRG17FTDnwo
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:22 2024 by rpki-client on console-ams.rpki-client.org