Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/Y7qgt-O_vFOFdhn7xGFblYSyZ80.roa
File: Y7qgt-O_vFOFdhn7xGFblYSyZ80.roa (raw, json)
Hash identifier: gZcChJHOLrEGx2qvapxMUnXuet/ONKZyE78b6p7yu5U=
Subject key identifier: 63:BA:A0:B7:E3:BF:BC:53:85:76:19:FB:C4:61:5B:95:84:B2:67:CD
Certificate issuer: /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial: 018CC6B90F24E394C572CFD3906290D2689F
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/Y7qgt-O_vFOFdhn7xGFblYSyZ80.roa
Signing time: Mon 01 Jan 2024 20:31:05 +0000
ROA not before: Mon 01 Jan 2024 20:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.77.2.0/24 maxlen: 24
185.77.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 22:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0f:24:e3:94:c5:72:cf:d3:90:62:90:d2:68:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Validity
Not Before: Jan 1 20:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63baa0b7e3bfbc53857619fbc4615b9584b267cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:62:1a:d6:c9:70:0d:af:66:36:4c:93:e2:
36:8d:36:bc:95:1e:ba:52:bd:bc:1d:04:d4:09:9d:
4f:fb:53:09:ba:de:f5:77:f7:00:2d:bc:d3:b7:4b:
6e:d1:b1:06:90:df:3e:d4:05:54:b0:ca:96:89:c0:
55:75:37:fe:c8:58:52:c9:fc:ae:25:80:42:6a:b2:
5a:89:50:69:69:d1:66:16:fa:b5:9c:5f:e0:ee:b5:
32:8e:a5:46:e0:f3:48:d9:dd:63:2a:79:2d:fb:5b:
5f:c8:65:5e:70:a4:d8:65:5f:d6:ae:22:19:ed:2b:
56:78:e0:1c:20:72:d5:39:63:b8:83:65:88:af:22:
7a:5c:e1:6a:2a:15:39:ed:14:5e:35:f8:95:13:1e:
bc:bf:6a:5d:ed:b2:19:96:30:f5:e0:87:58:fe:b1:
21:93:fa:fc:ad:ba:d6:41:83:0d:a0:b7:e9:3d:0a:
82:b0:52:1a:9c:9d:bc:fb:50:69:92:12:6e:34:06:
d2:bf:45:39:d0:91:c2:54:7f:cf:7d:a1:74:04:be:
a6:eb:9a:6b:2b:6b:25:42:d7:c4:13:6e:76:58:51:
d2:a0:c2:ef:d8:12:66:eb:fa:70:a7:f9:f0:73:29:
cf:81:f8:0f:8b:dd:71:ce:e0:c7:2f:a3:83:0b:3a:
e5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BA:A0:B7:E3:BF:BC:53:85:76:19:FB:C4:61:5B:95:84:B2:67:CD
X509v3 Authority Key Identifier:
keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/Y7qgt-O_vFOFdhn7xGFblYSyZ80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.1.0-185.77.2.255
Signature Algorithm: sha256WithRSAEncryption
9e:62:cc:79:70:c2:d4:c1:87:3c:e1:fd:53:75:1d:0a:ce:e4:
e0:3d:e8:67:6b:3a:14:50:fa:e4:6b:ca:6d:85:26:d1:ee:61:
71:41:45:0f:17:4b:b9:07:71:4b:82:bf:b1:98:de:66:69:24:
c1:ac:50:0c:ea:ab:30:72:8c:62:99:d4:9e:69:fe:4b:99:58:
b6:d1:2c:b7:b2:70:9d:a1:c1:b7:0e:32:dd:3a:35:a6:9d:a6:
1e:3b:c2:26:b5:0b:7a:0e:2b:db:31:fd:8f:52:21:c0:b0:91:
7e:59:9d:c6:2b:2f:70:1e:3c:0b:33:1b:84:88:a9:b2:4d:e6:
d9:f9:59:94:b4:d0:a1:8a:b7:e1:16:5d:78:1f:27:8f:9d:38:
23:ec:2e:24:4a:68:04:d5:81:29:68:75:07:72:71:2b:01:b0:
b5:c9:49:3f:ff:46:a5:4b:e2:67:d4:18:a2:dd:89:6a:66:c5:
6d:a2:df:c7:1e:c5:7c:eb:51:e3:9f:c9:b2:95:c8:74:65:ee:
01:05:93:d5:25:78:f0:fb:4c:20:4c:6e:84:d1:d4:f2:c4:aa:
4d:ef:b4:6b:33:67:d0:0b:ac:90:81:99:45:63:83:55:06:41:
7d:76:13:e6:3c:c0:6f:54:a6:3e:a3:01:37:4e:35:54:ee:b7:
e8:ed:56:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGuQ8k45TFcs/TkGKQ0mifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZWM2YzBhNWViZWM1ODE3ZDkxYjkxZTc5YTZiYzYxMzJl
YjlkMmMwHhcNMjQwMTAxMjAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JhYTBiN2UzYmZiYzUzODU3NjE5ZmJjNDYxNWI5NTg0YjI2N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZliGtbJcA2vZjZMk+I2jTa8lR66
Ur28HQTUCZ1P+1MJut71d/cALbzTt0tu0bEGkN8+1AVUsMqWicBVdTf+yFhSyfyu
JYBCarJaiVBpadFmFvq1nF/g7rUyjqVG4PNI2d1jKnkt+1tfyGVecKTYZV/WriIZ
7StWeOAcIHLVOWO4g2WIryJ6XOFqKhU57RReNfiVEx68v2pd7bIZljD14IdY/rEh
k/r8rbrWQYMNoLfpPQqCsFIanJ28+1BpkhJuNAbSv0U50JHCVH/PfaF0BL6m65pr
K2slQtfEE252WFHSoMLv2BJm6/pwp/nwcynPgfgPi91xzuDHL6ODCzrliQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGO6oLfjv7xThXYZ+8RhW5WEsmfNMB8GA1UdIwQY
MBaAFLTsbApevsWBfZG5HnmmvGEy650sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWIt
MTNmYjdhNTEzMGNhLzEvWTdxZ3QtT192Rk9GZGhuN3hHRmJsWVN5WjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWItMTNmYjdhNTEzMGNh
LzEvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5TQED
BAC5TQIwDQYJKoZIhvcNAQELBQADggEBAJ5izHlwwtTBhzzh/VN1HQrO5OA96Gdr
OhRQ+uRrym2FJtHuYXFBRQ8XS7kHcUuCv7GY3mZpJMGsUAzqqzByjGKZ1J5p/kuZ
WLbRLLeycJ2hwbcOMt06Naadph47wia1C3oOK9sx/Y9SIcCwkX5ZncYrL3AePAsz
G4SIqbJN5tn5WZS00KGKt+EWXXgfJ4+dOCPsLiRKaATVgSlodQdycSsBsLXJST//
RqVL4mfUGKLdiWpmxW2i38cexXzrUeOfybKVyHRl7gEFk9UlePD7TCBMboTR1PLE
qk3vtGszZ9ALrJCBmUVjg1UGQX12E+Y8wG9Upj6jATdONVTut+jtVqU=
-----END CERTIFICATE-----
Generated at Thu May 2 06:35:06 2024 by rpki-client on console-fra.rpki-client.org