Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/9JkrLop9gQHB-bU5bxzV0hNuHVo.roa
File: 9JkrLop9gQHB-bU5bxzV0hNuHVo.roa (raw, json)
Hash identifier: fnttLNhVnBWrFTFw+VFMaEC7xGE+un8vwc8djTvXlIM=
Subject key identifier: F4:99:2B:2E:8A:7D:81:01:C1:F9:B5:39:6F:1C:D5:D2:13:6E:1D:5A
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 018E7A39FFA8B498415C71DB769C7BE9ABC8
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/9JkrLop9gQHB-bU5bxzV0hNuHVo.roa
Signing time: Tue 26 Mar 2024 10:06:45 +0000
ROA not before: Tue 26 Mar 2024 10:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51162
IP address blocks: 77.220.206.0/24 maxlen: 24
91.103.106.0/24 maxlen: 24
91.103.107.0/24 maxlen: 24
91.147.112.0/24 maxlen: 24
91.147.113.0/24 maxlen: 24
91.216.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:39:ff:a8:b4:98:41:5c:71:db:76:9c:7b:e9:ab:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Mar 26 10:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4992b2e8a7d8101c1f9b5396f1cd5d2136e1d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:2a:0b:81:bd:6c:3c:6d:f8:73:53:c9:dd:
41:e1:fa:9f:e1:d0:1f:ae:fb:da:d0:06:3b:50:9b:
af:19:a2:f7:13:44:66:dc:2b:b7:da:0c:14:e6:b4:
a1:b6:84:2c:8e:4e:20:6f:67:9f:84:c1:1c:eb:b0:
f7:c3:4f:a2:34:d8:c2:2e:b6:fb:0f:9d:2b:02:cb:
34:74:95:4c:e0:bb:13:91:b0:fb:86:76:f5:aa:02:
b0:65:70:20:3e:96:e4:c1:bf:78:2c:37:05:60:d4:
0e:27:1e:b3:8e:18:46:0d:d9:3e:a5:9c:08:43:bb:
86:cc:2f:66:c0:50:77:61:82:5e:0e:14:d6:9a:ab:
af:4b:61:21:b2:2f:ae:d0:1e:20:39:d2:63:0a:ea:
4f:db:75:54:30:a6:28:2b:37:31:60:4c:13:61:1a:
64:f8:43:33:41:19:a7:14:0d:6a:a7:80:df:36:ff:
e0:1d:6f:6d:d1:2d:a3:53:b8:9b:e5:25:15:91:0c:
22:71:aa:00:f6:e3:a6:de:c5:d1:a6:8e:cc:03:91:
4a:af:ca:d7:b8:67:b2:bf:26:ea:30:12:4d:36:7c:
08:c8:e7:a2:58:77:3f:4e:e6:23:a2:18:da:7b:61:
3d:78:fa:08:58:cb:af:63:11:40:ca:27:f3:70:9a:
f7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:99:2B:2E:8A:7D:81:01:C1:F9:B5:39:6F:1C:D5:D2:13:6E:1D:5A
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/9JkrLop9gQHB-bU5bxzV0hNuHVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.206.0/24
91.103.106.0/23
91.147.112.0/23
91.216.178.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:43:aa:17:ab:cc:1a:3a:5b:4c:e8:7c:c8:a2:43:6d:f9:e4:
c9:3b:57:47:bd:20:d4:3c:e8:70:da:2c:b5:84:1e:7d:a0:54:
d1:0e:2a:c8:96:07:66:11:f6:42:e3:7e:d2:a8:a6:25:8d:00:
a0:a8:9f:9a:1a:8a:05:db:86:04:4a:9a:40:e3:f2:97:3e:3f:
c5:ea:27:9a:ff:2f:c5:c8:d2:65:a8:b6:1d:84:e2:a2:56:a7:
ce:d7:71:b4:35:6d:89:84:f4:75:a2:b5:76:8e:a3:28:d4:cf:
ff:a5:33:32:77:7e:b2:49:b5:a2:28:ef:0b:cf:06:e9:3f:c9:
8b:bf:7a:f5:d9:8f:7f:62:3e:ad:7a:23:4f:41:e5:d0:d1:b0:
4d:c6:3d:fb:fa:b4:ad:9a:79:ba:77:cf:80:33:a3:b9:e1:09:
77:d2:39:10:72:1d:48:be:c7:ae:1d:c1:7e:2b:23:90:5f:10:
ff:75:fc:f3:7d:ed:ae:73:da:8b:98:03:43:e1:70:55:ed:d6:
a4:d4:7d:be:5d:2c:85:c7:04:e4:12:f7:3b:f8:7d:c8:12:eb:
5a:16:bc:a4:61:6b:b4:ad:b6:d8:73:2a:3f:52:6a:b9:00:41:
c5:1c:44:c2:e5:fc:a7:64:74:1d:8e:79:18:2f:79:15:e4:15:
42:68:23:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY56Of+otJhBXHHbdpx76avIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjQwMzI2MTAwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk5MmIyZThhN2Q4MTAxYzFmOWI1Mzk2ZjFjZDVkMjEzNmUxZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlkqC4G9bDxt+HNTyd1B4fqf4dAf
rvva0AY7UJuvGaL3E0Rm3Cu32gwU5rShtoQsjk4gb2efhMEc67D3w0+iNNjCLrb7
D50rAss0dJVM4LsTkbD7hnb1qgKwZXAgPpbkwb94LDcFYNQOJx6zjhhGDdk+pZwI
Q7uGzC9mwFB3YYJeDhTWmquvS2Ehsi+u0B4gOdJjCupP23VUMKYoKzcxYEwTYRpk
+EMzQRmnFA1qp4DfNv/gHW9t0S2jU7ib5SUVkQwicaoA9uOm3sXRpo7MA5FKr8rX
uGeyvybqMBJNNnwIyOeiWHc/TuYjohjae2E9ePoIWMuvYxFAyifzcJr3IwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPSZKy6KfYEBwfm1OW8c1dITbh1aMB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvOUprckxvcDlnUUhCLWJVNWJ4elYwaE51SFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATdzOAwQB
W2dqAwQBW5NwAwQAW9iyMA0GCSqGSIb3DQEBCwUAA4IBAQA7Q6oXq8waOltM6HzI
okNt+eTJO1dHvSDUPOhw2iy1hB59oFTRDirIlgdmEfZC437SqKYljQCgqJ+aGooF
24YESppA4/KXPj/F6iea/y/FyNJlqLYdhOKiVqfO13G0NW2JhPR1orV2jqMo1M//
pTMyd36ySbWiKO8LzwbpP8mLv3r12Y9/Yj6teiNPQeXQ0bBNxj37+rStmnm6d8+A
M6O54Ql30jkQch1IvseuHcF+KyOQXxD/dfzzfe2uc9qLmAND4XBV7dak1H2+XSyF
xwTkEvc7+H3IEutaFrykYWu0rbbYcyo/Umq5AEHFHETC5fynZHQdjnkYL3kV5BVC
aCPV
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:33 2024 by rpki-client on console-fra.rpki-client.org