Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/cCRc520dfjr-UCliHhCpyDWQ08Q.roa
File: cCRc520dfjr-UCliHhCpyDWQ08Q.roa (raw, json)
Hash identifier: brRpdpSjKlUDxhprIT7P98kOLaKgcvxrPG91OBdYFsA=
Subject key identifier: 70:24:5C:E7:6D:1D:7E:3A:FE:50:29:62:1E:10:A9:C8:35:90:D3:C4
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B971BA75F4C5B0A78AAB74C006CC3
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/cCRc520dfjr-UCliHhCpyDWQ08Q.roa
Signing time: Mon 01 Jan 2024 18:31:31 +0000
ROA not before: Mon 01 Jan 2024 18:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207033
IP address blocks: 77.65.171.0/24 maxlen: 24
188.114.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:97:1b:a7:5f:4c:5b:0a:78:aa:b7:4c:00:6c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70245ce76d1d7e3afe5029621e10a9c83590d3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:7f:4f:79:f0:81:e9:93:72:1b:57:73:a4:
69:bd:3f:c0:81:ed:97:9a:9e:d7:d8:b7:5e:3c:ed:
c4:ae:01:39:b6:aa:09:ce:74:bf:b6:6b:76:17:1d:
20:3b:4c:06:be:f9:11:e1:fc:c3:2a:f7:9c:a9:ed:
c1:6e:17:5d:3d:d2:42:63:85:28:35:7e:da:20:96:
75:43:68:d5:e7:c1:b3:5f:d7:e7:21:0b:24:ec:85:
bb:b5:16:aa:f3:01:b0:11:49:d6:7a:68:2d:fa:3c:
2c:b8:72:45:37:4a:5a:7b:ec:67:df:10:c6:0e:13:
d1:d8:74:2c:86:b4:87:9a:89:a0:cf:28:93:d5:25:
8d:a4:45:ff:6f:63:2c:1f:f7:44:d5:ac:13:80:db:
dc:7a:02:f0:55:77:0c:76:2e:bf:a5:05:df:a7:1b:
49:e2:d7:7d:9a:99:93:df:62:cb:9f:b2:d6:e4:d8:
dd:be:09:1b:63:43:37:40:50:4c:52:45:9a:9c:ea:
13:b5:1a:bc:fa:82:76:c9:3b:f8:67:96:6d:1c:70:
87:97:59:19:c5:42:fd:2a:9f:cf:14:0b:cd:ec:a5:
83:8c:a9:1a:c9:88:0c:74:05:c2:e5:ba:d5:5c:91:
27:99:2a:32:ed:be:82:3d:93:34:4d:80:01:bd:de:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:24:5C:E7:6D:1D:7E:3A:FE:50:29:62:1E:10:A9:C8:35:90:D3:C4
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/cCRc520dfjr-UCliHhCpyDWQ08Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.171.0/24
188.114.68.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b4:ea:0f:dd:8c:6e:ad:f5:be:a2:02:97:a4:65:78:17:6f:
b4:b2:d6:dc:27:18:4b:d6:23:c1:25:ac:60:ff:52:6f:ae:90:
ed:8f:8f:7c:b4:65:dd:3a:62:8f:09:9d:60:17:98:b2:cc:97:
81:f1:c8:f4:eb:e7:5d:1d:0d:04:8a:2c:15:6c:59:ed:a2:89:
bd:d2:79:42:8b:22:03:9b:a4:f8:ba:33:93:c2:2b:a6:a1:53:
3d:8e:c9:c8:65:6d:ad:2a:fd:a2:ae:76:07:fa:f8:61:0d:a4:
3d:65:60:39:ae:b2:fc:96:6c:a9:50:98:36:99:ce:b2:b8:09:
f0:ea:46:bb:83:dd:0b:dd:bc:f2:24:ed:16:80:e5:2e:af:5e:
0e:b5:af:86:b8:af:df:dc:bc:20:9a:ca:74:c4:08:39:ce:31:
01:41:eb:53:e8:22:83:5c:8f:aa:4f:2b:e2:03:db:0a:3f:3d:
3a:71:14:b2:64:35:3d:df:d7:93:c3:a5:80:3c:58:e9:2c:9b:
72:1b:5d:c9:e0:d4:43:12:ac:77:83:d8:38:ed:67:d1:ef:90:
fe:38:f8:47:db:47:46:9b:c6:5d:f2:7d:bd:5b:16:82:bc:fe:
5d:a9:f7:01:79:c3:61:99:77:01:46:57:97:0f:4d:3b:11:e8:
62:be:0f:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS5cbp19MWwp4qrdMAGzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDI0NWNlNzZkMWQ3ZTNhZmU1MDI5NjIxZTEwYTljODM1OTBkM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz1/T3nwgemTchtXc6RpvT/Age2X
mp7X2LdePO3ErgE5tqoJznS/tmt2Fx0gO0wGvvkR4fzDKvecqe3BbhddPdJCY4Uo
NX7aIJZ1Q2jV58GzX9fnIQsk7IW7tRaq8wGwEUnWemgt+jwsuHJFN0pae+xn3xDG
DhPR2HQshrSHmomgzyiT1SWNpEX/b2MsH/dE1awTgNvcegLwVXcMdi6/pQXfpxtJ
4td9mpmT32LLn7LW5NjdvgkbY0M3QFBMUkWanOoTtRq8+oJ2yTv4Z5ZtHHCHl1kZ
xUL9Kp/PFAvN7KWDjKkayYgMdAXC5brVXJEnmSoy7b6CPZM0TYABvd70kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHAkXOdtHX46/lApYh4Qqcg1kNPEMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvY0NSYzUyMGRmanItVUNsaUhoQ3B5RFdRMDhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATUGrAwQA
vHJEMA0GCSqGSIb3DQEBCwUAA4IBAQBHtOoP3YxurfW+ogKXpGV4F2+0stbcJxhL
1iPBJaxg/1JvrpDtj498tGXdOmKPCZ1gF5iyzJeB8cj06+ddHQ0EiiwVbFntoom9
0nlCiyIDm6T4ujOTwiumoVM9jsnIZW2tKv2irnYH+vhhDaQ9ZWA5rrL8lmypUJg2
mc6yuAnw6ka7g90L3bzyJO0WgOUur14Ota+GuK/f3Lwgmsp0xAg5zjEBQetT6CKD
XI+qTyviA9sKPz06cRSyZDU939eTw6WAPFjpLJtyG13J4NRDEqx3g9g47WfR75D+
OPhH20dGm8Zd8n29WxaCvP5dqfcBecNhmXcBRleXD007Eehivg/Y
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:07 2024 by rpki-client on console-ams.rpki-client.org