Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/ck0LBQd1k9KD6lOS7NCntS0LN5w.roa
File: ck0LBQd1k9KD6lOS7NCntS0LN5w.roa (raw, json)
Hash identifier: XKv7ooiZFKht+IHAAj61V2pZ5/qClYpECOv5kqcUwoE=
Subject key identifier: 72:4D:0B:05:07:75:93:D2:83:EA:53:92:EC:D0:A7:B5:2D:0B:37:9C
Certificate issuer: /CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Certificate serial: 018CE7B85C6FA90C76779B32D3D69493E056
Authority key identifier: 24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/ck0LBQd1k9KD6lOS7NCntS0LN5w.roa
Signing time: Mon 08 Jan 2024 06:17:48 +0000
ROA not before: Mon 08 Jan 2024 06:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43578
IP address blocks: 77.246.187.0/24 maxlen: 24
77.246.188.0/24 maxlen: 24
77.246.190.0/24 maxlen: 24
77.246.191.0/24 maxlen: 24
185.74.81.0/24 maxlen: 24
185.74.80.0/24 maxlen: 24
77.246.186.96/27 maxlen: 27
77.246.190.160/27 maxlen: 27
77.246.182.128/29 maxlen: 29
77.246.178.0/24 maxlen: 24
77.246.179.0/24 maxlen: 24
77.246.176.0/24 maxlen: 24
77.246.177.0/24 maxlen: 24
77.246.182.0/24 maxlen: 24
77.246.180.0/24 maxlen: 24
77.246.181.0/24 maxlen: 24
77.246.185.0/24 maxlen: 24
77.246.186.0/24 maxlen: 24
77.246.183.0/24 maxlen: 24
77.246.184.0/24 maxlen: 24
2a05:4700:101::/48 maxlen: 48
2a05:4700:50::/48 maxlen: 48
2a05:4700:b::/48 maxlen: 48
2a05:4700:200::/48 maxlen: 48
2a05:4700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:b8:5c:6f:a9:0c:76:77:9b:32:d3:d6:94:93:e0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2400b20606314858a7b3f2a975e8e9d919ec753a
Validity
Not Before: Jan 8 06:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=724d0b05077593d283ea5392ecd0a7b52d0b379c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8e:b8:87:75:27:06:a8:96:fb:b2:1e:f3:c7:
2d:e3:30:71:7d:ff:e2:ad:13:1b:26:3c:0b:5c:2e:
1f:60:7b:cb:28:40:30:10:db:e0:5e:b9:12:ee:b3:
7f:fb:b7:d0:7d:0d:1e:66:00:85:ee:fb:82:a7:a3:
69:e8:a1:f9:72:98:9a:39:a1:04:ce:41:e7:51:a8:
26:e0:67:8a:6f:f6:a8:e2:9c:f8:81:78:9e:98:3f:
41:4f:c3:4e:45:b4:e5:3b:b4:94:01:37:19:63:d8:
12:36:36:33:2e:ef:41:22:00:c7:05:95:40:a4:26:
cf:4e:df:9d:23:01:68:ac:38:ab:73:3a:2e:a2:95:
52:de:01:99:79:05:81:d0:37:af:2d:c1:0e:94:dc:
98:4b:12:70:c2:4a:7c:9c:f5:2e:29:ec:6f:b2:dc:
68:c5:03:d3:93:fa:5e:06:57:65:49:1b:75:ac:5c:
b3:cb:45:e4:86:bb:33:8a:26:33:c5:6b:a6:37:88:
c8:79:4e:73:ad:0b:aa:76:49:09:6c:7c:21:8d:4c:
05:d0:4e:21:42:c9:7f:ff:7a:73:ba:3f:95:7a:e9:
65:e8:da:58:46:29:7e:91:e7:0e:3a:4a:ac:97:96:
24:4e:37:94:2c:ec:d3:1b:9a:53:80:9a:42:3b:cc:
07:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4D:0B:05:07:75:93:D2:83:EA:53:92:EC:D0:A7:B5:2D:0B:37:9C
X509v3 Authority Key Identifier:
keyid:24:00:B2:06:06:31:48:58:A7:B3:F2:A9:75:E8:E9:D9:19:EC:75:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JACyBgYxSFins_Kpdejp2RnsdTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/ck0LBQd1k9KD6lOS7NCntS0LN5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/dbd951-259b-4759-a519-9c5e1deb2c33/1/JACyBgYxSFins_Kpdejp2RnsdTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.176.0-77.246.188.255
77.246.190.0/23
185.74.80.0/23
IPv6:
2a05:4700:b::/48
2a05:4700:50::/48
2a05:4700:100::/47
2a05:4700:200::/48
Signature Algorithm: sha256WithRSAEncryption
6d:18:ed:12:19:70:3e:12:30:d7:33:0e:13:9e:c6:7c:44:81:
98:ba:e7:d7:a6:04:d3:73:18:64:66:0d:23:d1:7f:f6:66:bb:
41:e3:4b:c6:eb:31:d9:88:7f:51:84:ce:e6:13:03:2d:38:c4:
da:f6:d6:b9:4d:10:18:19:3b:e9:7c:04:17:a0:86:2f:a2:72:
fb:7a:1c:b7:e5:67:05:fc:97:8f:2c:7f:7c:38:f1:df:5a:07:
b1:7b:89:b0:8f:03:67:5b:8f:3c:57:a5:67:15:11:5d:fd:9f:
29:d5:83:5e:24:20:ff:28:2a:44:5d:e6:01:23:36:4f:28:f1:
90:43:0f:02:ce:45:b6:f0:19:ec:a6:b2:83:8a:a6:7e:c3:c1:
61:da:ee:46:02:06:9f:bd:5a:5f:e6:79:1d:ce:9b:4c:94:cf:
a8:42:02:d6:76:e1:20:67:d1:31:e7:b1:53:5b:59:c8:3c:10:
cc:b2:a2:b1:ea:3c:f0:3f:2e:2a:cd:9d:d8:96:01:42:31:ee:
fe:e1:ca:e3:51:89:31:70:0f:f6:31:61:b4:31:8e:6c:a3:01:
9a:10:63:d7:21:7d:bb:8a:01:c8:ff:ec:71:e1:c8:6f:ef:05:
8b:42:b0:20:e7:78:e2:7b:12:ab:d2:46:68:fe:6c:c4:a3:b2:
36:d9:50:a2
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYznuFxvqQx2d5sy09aUk+BWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MDBiMjA2MDYzMTQ4NThhN2IzZjJhOTc1ZThlOWQ5MTll
Yzc1M2EwHhcNMjQwMTA4MDYxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRkMGIwNTA3NzU5M2QyODNlYTUzOTJlY2QwYTdiNTJkMGIzNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI64h3UnBqiW+7Ie88ct4zBxff/i
rRMbJjwLXC4fYHvLKEAwENvgXrkS7rN/+7fQfQ0eZgCF7vuCp6Np6KH5cpiaOaEE
zkHnUagm4GeKb/ao4pz4gXiemD9BT8NORbTlO7SUATcZY9gSNjYzLu9BIgDHBZVA
pCbPTt+dIwForDirczouopVS3gGZeQWB0DevLcEOlNyYSxJwwkp8nPUuKexvstxo
xQPTk/peBldlSRt1rFyzy0XkhrsziiYzxWumN4jIeU5zrQuqdkkJbHwhjUwF0E4h
Qsl//3pzuj+Veull6NpYRil+kecOOkqsl5YkTjeULOzTG5pTgJpCO8wHaQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHJNCwUHdZPSg+pTkuzQp7UtCzecMB8GA1UdIwQY
MBaAFCQAsgYGMUhYp7PyqXXo6dkZ7HU6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTkt
OWM1ZTFkZWIyYzMzLzEvY2swTEJRZDFrOUtENmxPUzdOQ250UzBMTjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kYmQ5NTEtMjU5Yi00NzU5LWE1MTktOWM1ZTFkZWIyYzMz
LzEvSkFDeUJnWXhTRmluc19LcGRlanAyUm5zZFRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAgBAIAATAaMAwDBARN9rAD
BABN9rwDBAFN9r4DBAG5SlAwKgQCAAIwJAMHACoFRwAACwMHACoFRwAAUAMHASoF
RwABAAMHACoFRwACADANBgkqhkiG9w0BAQsFAAOCAQEAbRjtEhlwPhIw1zMOE57G
fESBmLrn16YE03MYZGYNI9F/9ma7QeNLxusx2Yh/UYTO5hMDLTjE2vbWuU0QGBk7
6XwEF6CGL6Jy+3oct+VnBfyXjyx/fDjx31oHsXuJsI8DZ1uPPFelZxURXf2fKdWD
XiQg/ygqRF3mASM2TyjxkEMPAs5FtvAZ7Kayg4qmfsPBYdruRgIGn71aX+Z5Hc6b
TJTPqEIC1nbhIGfRMeexU1tZyDwQzLKiseo88D8uKs2d2JYBQjHu/uHK41GJMXAP
9jFhtDGObKMBmhBj1yF9u4oByP/sceHIb+8Fi0KwIOd44nsSq9JGaP5sxKOyNtlQ
og==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:10:45 2024 by rpki-client on console-fra.rpki-client.org