Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/lNodm1bB0GPqtRUxSA6-6IUWhcM.roa
File: lNodm1bB0GPqtRUxSA6-6IUWhcM.roa (raw, json)
Hash identifier: wOJ4Qij/RckGyrYSI3VJLaSDpIkQYixUmNJOK5JP8oE=
Subject key identifier: 94:DA:1D:9B:56:C1:D0:63:EA:B5:15:31:48:0E:BE:E8:85:16:85:C3
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 018CC6B83EC48CF8AE4EA6071F5A158CFDD2
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/lNodm1bB0GPqtRUxSA6-6IUWhcM.roa
Signing time: Mon 01 Jan 2024 20:30:12 +0000
ROA not before: Mon 01 Jan 2024 20:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42310
IP address blocks: 77.72.72.0/23 maxlen: 23
77.72.74.0/23 maxlen: 23
77.72.76.0/23 maxlen: 23
77.72.78.0/24 maxlen: 24
77.72.78.0/23 maxlen: 23
77.72.79.0/24 maxlen: 24
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
2a01:4b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:3e:c4:8c:f8:ae:4e:a6:07:1f:5a:15:8c:fd:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Jan 1 20:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94da1d9b56c1d063eab51531480ebee8851685c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:06:68:56:47:a3:68:52:4e:de:82:de:d7:
7a:ec:71:18:66:5c:da:b4:39:87:54:4b:77:ab:a8:
09:58:73:e1:22:2c:89:c8:a3:ae:21:cb:0e:a8:42:
0b:49:98:fa:c9:c5:c2:fb:65:03:e9:cc:82:93:26:
b9:9d:86:20:6c:dc:27:35:89:65:f9:cf:52:93:8b:
8f:f5:3d:5f:1c:ba:3e:a3:73:06:5f:68:17:a6:53:
95:ca:c6:43:41:bf:0f:81:2a:65:c1:44:86:d0:39:
ea:94:3d:c9:6b:1a:ca:d4:d3:73:ea:ee:96:21:02:
fc:3a:8f:68:a3:8d:d0:16:a9:cc:fa:5b:0d:e4:c8:
bb:bf:92:a4:3a:ee:f8:78:4f:e7:d7:c2:7b:d5:3b:
f2:fb:fd:22:d9:54:5a:8c:d6:82:ad:4e:47:ae:b5:
4d:3a:f5:9a:6f:9a:b5:85:7a:39:68:89:8e:c9:7b:
f9:db:d6:a2:af:67:75:a5:59:b4:81:54:e2:2c:60:
19:90:59:d7:d3:cc:e5:23:80:4e:95:a4:68:7e:4f:
3e:03:cb:c0:55:c8:16:28:9d:85:3b:d9:10:90:d3:
37:89:fc:ea:e0:5c:17:95:bf:5d:bd:4f:12:d9:c1:
d3:8d:e5:89:81:39:01:f2:dd:a6:cf:d1:48:a4:ec:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DA:1D:9B:56:C1:D0:63:EA:B5:15:31:48:0E:BE:E8:85:16:85:C3
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/lNodm1bB0GPqtRUxSA6-6IUWhcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0/21
IPv6:
2a01:4b0::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a0:81:ed:cb:e8:08:d9:3f:11:47:aa:03:20:0a:e7:12:e3:24:
f6:44:e8:3a:d8:9c:15:80:bc:43:68:4f:fd:97:a8:3b:6e:11:
7f:e1:1e:8b:6f:57:2c:8d:45:38:95:07:c2:37:76:6e:39:e5:
94:5b:22:2a:00:45:92:b1:7e:07:2b:61:33:84:86:fd:22:55:
33:64:ca:d1:fd:0b:79:77:34:d0:ea:05:70:f3:3c:14:c2:eb:
24:de:71:1b:a6:e6:e1:1a:63:f5:41:26:89:cd:0d:6a:82:76:
1d:b5:a0:77:8d:74:51:d9:76:08:96:e1:87:f3:d8:5f:a1:69:
92:aa:c2:ab:37:fd:f8:b2:5a:ee:0d:63:e6:94:3d:41:7c:93:
06:11:7f:55:e6:69:94:ed:3f:d6:69:90:a4:74:6c:82:97:74:
3e:0a:88:f5:27:8f:47:37:52:5d:22:92:f6:f9:9b:f7:25:61:
93:4b:1d:f8:58:26:e1:b9:de:ac:ed:1d:31:19:66:dd:8c:c2:
69:5f:6c:c8:2d:3e:dd:42:79:eb:b5:54:20:d4:20:d2:ab:63:
54:b9:66:34:12:57:a8:0f:66:d7:35:5e:a1:48:eb:a5:d3:ef:
1e:14:65:81:b1:2b:0b:34:1a:7a:f6:08:70:60:58:df:c6:4f:
18:1f:6a:79
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzGuD7EjPiuTqYHH1oVjP3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjQwMTAxMjAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGRhMWQ5YjU2YzFkMDYzZWFiNTE1MzE0ODBlYmVlODg1MTY4NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7cGaFZHo2hSTt6C3td67HEYZlza
tDmHVEt3q6gJWHPhIiyJyKOuIcsOqEILSZj6ycXC+2UD6cyCkya5nYYgbNwnNYll
+c9Sk4uP9T1fHLo+o3MGX2gXplOVysZDQb8PgSplwUSG0DnqlD3JaxrK1NNz6u6W
IQL8Oo9oo43QFqnM+lsN5Mi7v5KkOu74eE/n18J71Tvy+/0i2VRajNaCrU5HrrVN
OvWab5q1hXo5aImOyXv529air2d1pVm0gVTiLGAZkFnX08zlI4BOlaRofk8+A8vA
VcgWKJ2FO9kQkNM3ifzq4FwXlb9dvU8S2cHTjeWJgTkB8t2mz9FIpOy+jwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJTaHZtWwdBj6rUVMUgOvuiFFoXDMB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvbE5vZG0xYkIwR1BxdFJVeFNBNi02SVVXaGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDTUhIMBgE
AgACMBIwEAMFBCoBBLADBwAqAQSwAAIwDQYJKoZIhvcNAQELBQADggEBAKCB7cvo
CNk/EUeqAyAK5xLjJPZE6DrYnBWAvENoT/2XqDtuEX/hHotvVyyNRTiVB8I3dm45
5ZRbIioARZKxfgcrYTOEhv0iVTNkytH9C3l3NNDqBXDzPBTC6yTecRum5uEaY/VB
JonNDWqCdh21oHeNdFHZdgiW4Yfz2F+haZKqwqs3/fiyWu4NY+aUPUF8kwYRf1Xm
aZTtP9ZpkKR0bIKXdD4KiPUnj0c3Ul0ikvb5m/clYZNLHfhYJuG53qztHTEZZt2M
wmlfbMgtPt1Ceeu1VCDUINKrY1S5ZjQSV6gPZtc1XqFI66XT7x4UZYGxKws0Gnr2
CHBgWN/GTxgfank=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:03:53 2024 by rpki-client on console-fra.rpki-client.org