Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/pb4r-8TBR8KYKmjG0hb12MrQAG8.roa
File: pb4r-8TBR8KYKmjG0hb12MrQAG8.roa (raw, json)
Hash identifier: TCZXfPFaEnKw/pc1ohls8/cBQomB9TQ0mDYVBfp5Nw8=
Subject key identifier: A5:BE:2B:FB:C4:C1:47:C2:98:2A:68:C6:D2:16:F5:D8:CA:D0:00:6F
Certificate issuer: /CN=0692c5f16313653425bc467105875e3a297cff9b
Certificate serial: 018CCA2A9140AAB22D5FD6DE37FFED5FEC69
Authority key identifier: 06:92:C5:F1:63:13:65:34:25:BC:46:71:05:87:5E:3A:29:7C:FF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpLF8WMTZTQlvEZxBYdeOil8_5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/pb4r-8TBR8KYKmjG0hb12MrQAG8.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.96.0/24 maxlen: 24
77.91.112.0/24 maxlen: 24
77.91.115.0/24 maxlen: 24
77.91.114.0/24 maxlen: 24
77.91.113.0/24 maxlen: 24
77.91.118.0/24 maxlen: 24
77.91.117.0/24 maxlen: 24
77.91.116.0/24 maxlen: 24
77.91.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/BpLF8WMTZTQlvEZxBYdeOil8_5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/BpLF8WMTZTQlvEZxBYdeOil8_5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BpLF8WMTZTQlvEZxBYdeOil8_5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:91:40:aa:b2:2d:5f:d6:de:37:ff:ed:5f:ec:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0692c5f16313653425bc467105875e3a297cff9b
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5be2bfbc4c147c2982a68c6d216f5d8cad0006f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ec:b7:44:d9:84:59:27:23:64:bd:32:84:01:
f0:7f:6d:d2:22:7a:a2:a2:b8:91:37:28:ef:79:93:
83:74:30:1e:19:ca:83:38:f9:9a:fa:9a:d9:15:ea:
7b:77:59:e8:ab:75:f2:e5:32:57:98:fa:b6:83:38:
91:d8:f1:ab:03:6d:b0:38:0e:fc:a9:a8:a8:25:13:
ba:3b:14:59:09:eb:b5:23:3f:15:74:5e:81:51:c4:
fa:72:9d:b3:42:20:db:c2:62:f2:5f:6e:5e:95:40:
ae:b4:8b:7b:89:92:bf:82:ba:ba:29:ad:56:42:8d:
41:74:ec:49:53:32:0e:4d:f4:e2:eb:85:8a:01:59:
d2:94:d2:7d:d2:2e:c1:40:7e:1d:33:46:e5:69:bb:
c6:8b:1b:00:53:25:d7:3b:c6:7b:e6:4d:01:c2:49:
12:96:a6:44:5f:f0:7e:1f:e2:64:8e:d6:29:8f:00:
2d:8e:90:4a:74:fa:2f:89:b4:61:87:33:55:ef:74:
10:88:5d:8a:c8:98:6d:9d:cf:1a:2b:6f:8b:85:78:
c5:b0:b2:ad:5c:43:df:69:43:e3:34:3f:32:81:bc:
bc:ed:f0:c5:8d:94:a7:8f:8c:6f:de:6f:02:34:3e:
95:a7:af:e4:3f:09:b8:dc:99:40:11:c1:1b:c1:c7:
e7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BE:2B:FB:C4:C1:47:C2:98:2A:68:C6:D2:16:F5:D8:CA:D0:00:6F
X509v3 Authority Key Identifier:
keyid:06:92:C5:F1:63:13:65:34:25:BC:46:71:05:87:5E:3A:29:7C:FF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpLF8WMTZTQlvEZxBYdeOil8_5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/pb4r-8TBR8KYKmjG0hb12MrQAG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/779928-881c-433a-b243-c9f57e959ef1/1/BpLF8WMTZTQlvEZxBYdeOil8_5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.96.0/24
77.91.112.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:4d:c7:50:ff:76:7a:ea:c0:97:e5:00:ce:34:2d:8f:73:59:
d5:d1:9f:3e:0b:bb:e1:3d:ec:d6:f5:ca:b8:60:24:42:38:3f:
d7:b0:be:e4:57:36:f2:a4:ae:70:23:a5:8d:70:39:9c:42:87:
59:f0:a5:4c:9b:01:c8:1b:28:8d:b2:c9:dc:1a:05:03:a5:7b:
57:69:c7:26:a3:6f:fa:5d:8f:3e:31:87:37:ec:71:7b:35:5a:
62:0d:d4:59:de:65:22:d3:b1:c4:b7:cd:76:9b:9b:94:be:dc:
17:c8:06:43:26:15:8f:fd:5b:00:47:46:a6:f3:b9:31:f7:bd:
b0:d5:4a:fb:66:ad:00:0d:a1:d7:25:ef:ab:63:a0:eb:d5:e7:
47:9e:1a:f3:de:64:73:ed:c9:0a:f4:67:80:bb:9d:f3:6e:8e:
12:68:4c:75:2e:fb:a6:0b:ad:3e:6b:99:72:56:60:b8:95:c0:
4a:2f:65:a2:5c:35:31:6c:33:d0:93:e5:3d:2e:7b:c3:a2:87:
d2:29:2a:e6:3b:52:c7:d4:24:c1:67:38:74:f1:4e:12:03:9e:
7e:25:e9:ed:a3:01:99:76:ea:0d:94:37:21:f5:01:00:e7:88:
77:99:07:bd:5b:c2:04:67:06:fb:85:15:40:a0:4c:69:f8:86:
4b:70:c0:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKpFAqrItX9beN//tX+xpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OTJjNWYxNjMxMzY1MzQyNWJjNDY3MTA1ODc1ZTNhMjk3
Y2ZmOWIwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJlMmJmYmM0YzE0N2MyOTgyYTY4YzZkMjE2ZjVkOGNhZDAwMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhey3RNmEWScjZL0yhAHwf23SInqi
oriRNyjveZODdDAeGcqDOPma+prZFep7d1noq3Xy5TJXmPq2gziR2PGrA22wOA78
qaioJRO6OxRZCeu1Iz8VdF6BUcT6cp2zQiDbwmLyX25elUCutIt7iZK/grq6Ka1W
Qo1BdOxJUzIOTfTi64WKAVnSlNJ90i7BQH4dM0blabvGixsAUyXXO8Z75k0BwkkS
lqZEX/B+H+JkjtYpjwAtjpBKdPovibRhhzNV73QQiF2KyJhtnc8aK2+LhXjFsLKt
XEPfaUPjND8ygby87fDFjZSnj4xv3m8CND6Vp6/kPwm43JlAEcEbwcfnDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKW+K/vEwUfCmCpoxtIW9djK0ABvMB8GA1UdIwQY
MBaAFAaSxfFjE2U0JbxGcQWHXjopfP+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBMRjhXTVRaVFFsdkVaeEJZZGVPaWw4XzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Nzk5MjgtODgxYy00MzNhLWIyNDMt
YzlmNTdlOTU5ZWYxLzEvcGI0ci04VEJSOEtZS21qRzBoYjEyTXJRQUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Nzk5MjgtODgxYy00MzNhLWIyNDMtYzlmNTdlOTU5ZWYx
LzEvQnBMRjhXTVRaVFFsdkVaeEJZZGVPaWw4XzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVtgAwQD
TVtwMA0GCSqGSIb3DQEBCwUAA4IBAQA+TcdQ/3Z66sCX5QDONC2Pc1nV0Z8+C7vh
PezW9cq4YCRCOD/XsL7kVzbypK5wI6WNcDmcQodZ8KVMmwHIGyiNssncGgUDpXtX
accmo2/6XY8+MYc37HF7NVpiDdRZ3mUi07HEt812m5uUvtwXyAZDJhWP/VsAR0am
87kx972w1Ur7Zq0ADaHXJe+rY6Dr1edHnhrz3mRz7ckK9GeAu53zbo4SaEx1Lvum
C60+a5lyVmC4lcBKL2WiXDUxbDPQk+U9LnvDoofSKSrmO1LH1CTBZzh08U4SA55+
JentowGZduoNlDch9QEA54h3mQe9W8IEZwb7hRVAoExp+IZLcMD+
-----END CERTIFICATE-----
Generated at Mon May 6 04:07:25 2024 by rpki-client on console-fra.rpki-client.org