Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/rBoYPNptXPkpHUop-w-T1egOmWU.roa
File: rBoYPNptXPkpHUop-w-T1egOmWU.roa (raw, json)
Hash identifier: IolY6kdqBe31Xj3+SpfFO56cBhypKH7LjE69EFcQzF0=
Subject key identifier: AC:1A:18:3C:DA:6D:5C:F9:29:1D:4A:29:FB:0F:93:D5:E8:0E:99:65
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018E42ED3298A4B24058937F4E9B5F7E5EEF
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/rBoYPNptXPkpHUop-w-T1egOmWU.roa
Signing time: Fri 15 Mar 2024 16:23:45 +0000
ROA not before: Fri 15 Mar 2024 16:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 77.75.176.0/21 maxlen: 24
77.75.180.0/24 maxlen: 24
91.209.234.0/24 maxlen: 24
91.219.21.0/24 maxlen: 24
185.154.8.0/22 maxlen: 24
185.184.148.0/22 maxlen: 24
185.193.68.0/22 maxlen: 24
212.121.224.0/19 maxlen: 24
212.121.248.0/24 maxlen: 24
213.148.192.0/19 maxlen: 24
213.148.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:ed:32:98:a4:b2:40:58:93:7f:4e:9b:5f:7e:5e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Mar 15 16:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac1a183cda6d5cf9291d4a29fb0f93d5e80e9965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c7:f3:00:41:97:a8:b9:7a:58:5e:17:bd:8f:
49:0a:4a:6d:36:41:c3:dd:07:3e:34:b5:b7:9e:6d:
95:5d:47:8c:09:8e:dc:b3:08:08:b1:ad:4a:e0:eb:
8d:3a:90:3d:92:58:35:a1:b7:a9:86:39:66:bd:2e:
8d:a3:dd:a3:cf:e8:f2:15:8e:9a:91:73:3b:80:50:
fc:69:63:0a:5d:6e:94:0b:2b:01:4f:d8:e8:8c:12:
eb:5e:a5:6a:64:b7:38:d7:72:46:4a:f4:dc:2e:46:
14:a2:13:45:fd:76:9f:7b:ef:7c:5d:58:c7:6c:9d:
08:46:8e:e2:0a:de:1e:cc:86:41:9d:83:e5:74:30:
09:05:62:77:d3:15:8f:bc:0b:50:68:aa:70:9e:5a:
ac:53:63:6d:f8:2a:c7:f6:9f:bb:65:e8:8d:18:f5:
49:6a:1d:12:dd:d2:01:47:b2:4b:6a:8d:bd:4e:23:
ff:e6:e6:08:0f:04:e3:e0:19:e4:1b:19:94:b3:35:
5e:23:c5:af:8a:dc:6a:7f:fa:ff:a5:fe:b3:06:e9:
87:d9:04:14:a5:f0:4c:eb:72:d3:14:40:3e:6a:e4:
44:4a:2a:7b:15:87:91:ff:7e:4a:26:42:24:37:88:
73:b0:ed:4a:37:7d:2e:37:ec:9a:b7:6c:b1:7a:3e:
7e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1A:18:3C:DA:6D:5C:F9:29:1D:4A:29:FB:0F:93:D5:E8:0E:99:65
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/rBoYPNptXPkpHUop-w-T1egOmWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.176.0/21
91.209.234.0/24
91.219.21.0/24
185.154.8.0/22
185.184.148.0/22
185.193.68.0/22
212.121.224.0/19
213.148.192.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:cb:3b:c2:9b:fa:ba:6c:33:d1:ed:1c:c2:49:e9:ec:82:3d:
9b:6b:9a:a3:76:3e:ab:82:1d:6d:bb:56:3e:02:ff:d5:fc:93:
6b:f0:23:46:a3:46:88:ad:97:ad:1d:20:7c:2a:29:a1:46:15:
1a:21:29:52:e7:87:4e:74:84:7c:2c:f5:e0:c4:a7:a1:a4:dd:
5f:69:30:9a:51:6a:ff:4c:c7:a4:1c:c3:e0:71:2e:60:13:d7:
d5:af:36:31:b2:b9:6c:9d:45:ea:7b:be:31:60:e3:f5:6a:0f:
a9:72:36:75:9d:66:5e:94:ee:59:6f:10:3a:b0:22:a6:99:e5:
7a:25:13:da:86:52:4d:70:f8:d8:df:74:7f:8d:3a:28:bd:e0:
3d:9b:44:75:fa:06:e9:c4:0d:d8:5d:2e:72:e3:5f:da:d8:80:
57:89:1a:4d:7f:a3:07:2b:5a:7b:1a:f6:de:bf:1c:e2:b6:e3:
b4:d5:59:99:16:77:ae:75:79:8b:6b:6b:6a:e9:55:4a:24:83:
cd:be:2c:55:9e:33:98:73:d9:81:6d:d6:99:4d:87:d3:8b:b9:
b3:50:03:73:88:32:aa:b0:79:a4:79:93:d8:df:19:4b:d2:fb:
6b:a8:32:f8:82:26:74:1f:20:4c:f5:86:df:a2:2a:96:97:55:
63:0f:18:09
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY5C7TKYpLJAWJN/Tptffl7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjQwMzE1MTYyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFhMTgzY2RhNmQ1Y2Y5MjkxZDRhMjlmYjBmOTNkNWU4MGU5OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8fzAEGXqLl6WF4XvY9JCkptNkHD
3Qc+NLW3nm2VXUeMCY7cswgIsa1K4OuNOpA9klg1obephjlmvS6No92jz+jyFY6a
kXM7gFD8aWMKXW6UCysBT9jojBLrXqVqZLc413JGSvTcLkYUohNF/Xafe+98XVjH
bJ0IRo7iCt4ezIZBnYPldDAJBWJ30xWPvAtQaKpwnlqsU2Nt+CrH9p+7ZeiNGPVJ
ah0S3dIBR7JLao29TiP/5uYIDwTj4BnkGxmUszVeI8Wvitxqf/r/pf6zBumH2QQU
pfBM63LTFEA+auRESip7FYeR/35KJkIkN4hzsO1KN30uN+yat2yxej5+RQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKwaGDzabVz5KR1KKfsPk9XoDpllMB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvckJvWVBOcHRYUGtwSFVvcC13LVQxZWdPbVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDTUuwAwQA
W9HqAwQAW9sVAwQCuZoIAwQCubiUAwQCucFEAwQF1HngAwQF1ZTAMA0GCSqGSIb3
DQEBCwUAA4IBAQC1yzvCm/q6bDPR7RzCSensgj2ba5qjdj6rgh1tu1Y+Av/V/JNr
8CNGo0aIrZetHSB8KimhRhUaISlS54dOdIR8LPXgxKehpN1faTCaUWr/TMekHMPg
cS5gE9fVrzYxsrlsnUXqe74xYOP1ag+pcjZ1nWZelO5ZbxA6sCKmmeV6JRPahlJN
cPjY33R/jTooveA9m0R1+gbpxA3YXS5y41/a2IBXiRpNf6MHK1p7GvbevxzituO0
1VmZFneudXmLa2tq6VVKJIPNvixVnjOYc9mBbdaZTYfTi7mzUANziDKqsHmkeZPY
3xlL0vtrqDL4giZ0HyBM9YbfoiqWl1VjDxgJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:24 2024 by rpki-client on console-fra.rpki-client.org