Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/_fvrwQ-8w5AGqtAlmYLFPx48BAc.roa
File: _fvrwQ-8w5AGqtAlmYLFPx48BAc.roa (raw, json)
Hash identifier: hP/DbrhVbL9CrB6YKT/ScFICHkdfdB7YnHJDZomwyfw=
Subject key identifier: FD:FB:EB:C1:0F:BC:C3:90:06:AA:D0:25:99:82:C5:3F:1E:3C:04:07
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B92745F6809705437A35EAEEC0978
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/_fvrwQ-8w5AGqtAlmYLFPx48BAc.roa
Signing time: Mon 01 Jan 2024 18:31:30 +0000
ROA not before: Mon 01 Jan 2024 18:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202228
IP address blocks: 77.65.128.0/22 maxlen: 24
77.65.132.0/23 maxlen: 24
77.65.131.0/24 maxlen: 24
77.65.133.0/24 maxlen: 24
77.65.204.0/24 maxlen: 24
77.65.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:92:74:5f:68:09:70:54:37:a3:5e:ae:ec:09:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdfbebc10fbcc39006aad0259982c53f1e3c0407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:71:e7:2e:0e:78:ed:b2:83:a3:25:e1:f2:4e:
20:47:a1:78:b0:a6:81:d9:17:94:c9:a5:05:4d:01:
a4:e3:22:bf:a7:13:6e:eb:ed:dc:9b:d9:68:f4:53:
01:e6:b3:85:e0:2e:49:9e:a4:74:14:96:46:1c:6f:
bf:57:bd:20:aa:5d:95:8b:c9:c5:88:23:88:58:fd:
0c:89:62:86:04:61:68:85:06:e1:78:96:9b:15:d5:
5b:35:32:a8:3c:c5:93:13:4b:68:72:48:a7:b7:ea:
21:ce:3c:4c:ad:bc:0b:16:86:0e:f8:26:59:f6:bd:
36:d3:22:82:04:bb:f8:c3:9c:8e:33:78:fd:45:db:
c6:8b:4c:18:5b:d6:ef:51:e5:5f:58:9e:b6:2f:c9:
38:98:d8:6b:eb:3e:8f:2d:c8:7d:a1:df:af:10:0a:
76:e1:df:07:17:1d:10:b4:93:ed:fc:80:00:47:33:
9c:f6:c2:2b:0c:f8:3e:2a:d4:d4:7a:92:82:bb:de:
56:b3:d0:91:4e:44:f3:fa:22:49:83:66:96:ff:df:
2b:63:f8:16:c1:f3:c3:58:cd:32:02:93:da:92:91:
30:c5:53:04:51:dd:c3:fb:70:b8:40:4d:18:4c:41:
91:67:85:d3:e4:b5:75:df:a7:f4:0e:1a:1a:13:5f:
47:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FB:EB:C1:0F:BC:C3:90:06:AA:D0:25:99:82:C5:3F:1E:3C:04:07
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/_fvrwQ-8w5AGqtAlmYLFPx48BAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.128.0-77.65.133.255
77.65.200.0-77.65.204.255
Signature Algorithm: sha256WithRSAEncryption
4a:2b:18:0f:e8:d1:9f:7b:4a:e7:70:86:35:0b:a1:b1:33:75:
95:ab:51:31:a7:bc:50:7f:b1:f4:13:15:3a:b7:10:35:91:12:
63:6e:c2:d4:f3:a8:14:e8:80:9d:4d:5a:52:00:b1:a6:34:18:
08:6a:2f:44:67:69:67:2e:16:d7:93:56:09:67:e1:f1:0e:bb:
78:43:a1:93:88:05:b8:96:e4:c5:6e:fd:bb:e3:3a:fe:62:ca:
85:6c:18:14:db:9a:3c:5c:16:bc:3d:e6:7a:a2:36:57:44:bd:
2a:1b:70:f6:70:61:be:fe:5e:fc:b4:30:af:c9:af:2b:a8:e4:
bc:53:e9:d6:c6:ff:de:4a:22:4e:ac:ab:1f:43:87:5b:f3:9f:
88:40:68:37:1f:66:12:3f:f6:6d:40:13:60:b8:d3:77:2e:f8:
ab:80:10:6c:49:ab:2a:d2:f4:6d:50:7f:11:74:52:d2:76:8b:
a9:41:00:60:b0:11:44:00:e9:ec:4a:cf:12:c5:75:2f:50:62:
a8:fd:5d:51:5e:30:cd:28:46:01:5a:44:b1:1b:ee:94:08:69:
30:a2:bb:f9:99:ce:e3:da:53:9e:de:07:78:7b:9f:6c:8e:4a:
c0:2e:0c:a4:81:4d:49:b7:7b:c1:0e:32:1f:4b:2f:06:66:1d:
8e:a4:66:83
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGS5J0X2gJcFQ3o16u7Al4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZiZWJjMTBmYmNjMzkwMDZhYWQwMjU5OTgyYzUzZjFlM2MwNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXHnLg547bKDoyXh8k4gR6F4sKaB
2ReUyaUFTQGk4yK/pxNu6+3cm9lo9FMB5rOF4C5JnqR0FJZGHG+/V70gql2Vi8nF
iCOIWP0MiWKGBGFohQbheJabFdVbNTKoPMWTE0tockint+ohzjxMrbwLFoYO+CZZ
9r020yKCBLv4w5yOM3j9RdvGi0wYW9bvUeVfWJ62L8k4mNhr6z6PLch9od+vEAp2
4d8HFx0QtJPt/IAARzOc9sIrDPg+KtTUepKCu95Ws9CRTkTz+iJJg2aW/98rY/gW
wfPDWM0yApPakpEwxVMEUd3D+3C4QE0YTEGRZ4XT5LV136f0DhoaE19HEQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFP3768EPvMOQBqrQJZmCxT8ePAQHMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvX2Z2cndRLTh3NUFHcXRBbG1ZTEZQeDQ4QkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAdNQYAD
BAFNQYQwDAMEA01ByAMEAE1BzDANBgkqhkiG9w0BAQsFAAOCAQEASisYD+jRn3tK
53CGNQuhsTN1latRMae8UH+x9BMVOrcQNZESY27C1POoFOiAnU1aUgCxpjQYCGov
RGdpZy4W15NWCWfh8Q67eEOhk4gFuJbkxW79u+M6/mLKhWwYFNuaPFwWvD3meqI2
V0S9Khtw9nBhvv5e/LQwr8mvK6jkvFPp1sb/3koiTqyrH0OHW/OfiEBoNx9mEj/2
bUATYLjTdy74q4AQbEmrKtL0bVB/EXRS0naLqUEAYLARRADp7ErPEsV1L1BiqP1d
UV4wzShGAVpEsRvulAhpMKK7+ZnO49pTnt4HeHufbI5KwC4MpIFNSbd7wQ4yH0sv
BmYdjqRmgw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:07 2024 by rpki-client on console-ams.rpki-client.org