Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ex9wcP3yOgo5xCvH8tfFpCqfo1M.roa
File: ex9wcP3yOgo5xCvH8tfFpCqfo1M.roa (raw, json)
Hash identifier: aJfY64AYa3+vzjZK5+MHoi0RXeKm9roywZeImCfHhSo=
Subject key identifier: 7B:1F:70:70:FD:F2:3A:0A:39:C4:2B:C7:F2:D7:C5:A4:2A:9F:A3:53
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B9C44B92625BF407EFECAB21A494D
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ex9wcP3yOgo5xCvH8tfFpCqfo1M.roa
Signing time: Mon 01 Jan 2024 18:31:33 +0000
ROA not before: Mon 01 Jan 2024 18:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210407
IP address blocks: 77.65.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:9c:44:b9:26:25:bf:40:7e:fe:ca:b2:1a:49:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b1f7070fdf23a0a39c42bc7f2d7c5a42a9fa353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:71:70:bf:f1:ea:e3:c0:ba:aa:c6:9f:96:
36:11:32:0b:95:bf:86:4b:23:18:64:c4:d4:ed:a9:
27:4c:23:6a:f4:54:52:27:dc:9d:28:3e:ae:ce:51:
cf:27:dd:be:e6:09:90:42:c6:9b:e4:18:2e:1d:e6:
ee:1f:f9:98:fa:85:f1:f5:39:51:8c:6c:b4:df:3b:
f7:a2:3d:c8:41:32:b9:48:ae:13:10:60:3a:cb:81:
8f:60:1d:45:e2:5b:10:ae:62:c2:ea:22:02:97:9c:
37:c2:1e:e6:e5:94:66:ee:68:fe:3a:e5:11:f2:3c:
0f:c9:ec:8e:53:d7:ef:da:50:10:fa:d1:95:c8:47:
53:1a:32:3d:58:29:06:ab:42:b8:e9:c1:a1:1c:41:
89:4d:aa:3b:1d:62:d3:16:e5:b2:fd:4d:11:a0:67:
54:99:ba:1b:83:cb:75:4f:3b:1f:7e:e1:01:1d:3c:
2f:2d:aa:f6:eb:b3:2c:f3:92:57:a5:bb:0f:9c:c8:
b5:08:5a:dc:90:a5:7e:db:71:90:ab:2d:b6:3d:3f:
2c:14:ab:04:99:37:60:64:e6:84:62:52:40:8e:83:
de:51:0d:ae:0f:2c:00:16:27:f7:b1:5b:d3:e3:9c:
99:42:43:89:df:58:b0:54:ff:e2:55:43:ec:d5:65:
a3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1F:70:70:FD:F2:3A:0A:39:C4:2B:C7:F2:D7:C5:A4:2A:9F:A3:53
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ex9wcP3yOgo5xCvH8tfFpCqfo1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.65.205.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4e:b4:2b:28:d0:a5:71:2d:08:ac:af:85:2f:5e:1f:6f:fa:
3e:bf:b9:8f:aa:ed:8e:a5:ad:9e:62:ee:52:53:54:c9:38:c4:
ce:c3:99:d4:9c:63:3d:57:15:58:9a:58:91:aa:95:13:66:f0:
60:e4:dd:ba:97:2d:4f:55:19:5d:26:da:46:4f:37:98:66:64:
30:4e:33:1d:e9:f8:04:74:dd:84:50:b4:cf:a7:0b:dd:d8:60:
e2:3e:8e:c5:7a:8d:8a:5d:cd:42:85:7f:57:ce:3b:24:7d:68:
96:cd:c1:e2:c9:7f:f3:2c:57:97:7e:6e:6f:95:bc:7e:8b:a3:
66:7d:44:c6:8f:98:ea:49:d6:87:bf:d9:a7:15:43:99:c0:64:
56:e8:ac:b7:52:91:c0:7b:e7:6d:03:df:b3:98:21:50:c3:27:
c4:ff:18:32:77:c1:5c:4c:a2:9d:de:ef:30:56:f9:58:bf:cf:
bf:b0:19:a9:63:6b:2c:cf:ff:2e:4c:26:c2:4d:ef:22:61:b5:
3f:0e:9c:b0:35:bd:7e:e0:64:27:66:5f:30:8e:83:0c:f7:18:
c0:6f:57:63:9f:a3:47:74:1b:10:9e:c6:50:03:c6:00:cd:fa:
12:33:f4:5e:59:6c:f3:09:10:3c:c6:4c:2c:35:85:41:2d:af:
65:d6:52:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS5xEuSYlv0B+/sqyGklNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFmNzA3MGZkZjIzYTBhMzljNDJiYzdmMmQ3YzVhNDJhOWZhMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxRxcL/x6uPAuqrGn5Y2ETILlb+G
SyMYZMTU7aknTCNq9FRSJ9ydKD6uzlHPJ92+5gmQQsab5BguHebuH/mY+oXx9TlR
jGy03zv3oj3IQTK5SK4TEGA6y4GPYB1F4lsQrmLC6iICl5w3wh7m5ZRm7mj+OuUR
8jwPyeyOU9fv2lAQ+tGVyEdTGjI9WCkGq0K46cGhHEGJTao7HWLTFuWy/U0RoGdU
mbobg8t1TzsffuEBHTwvLar267Ms85JXpbsPnMi1CFrckKV+23GQqy22PT8sFKsE
mTdgZOaEYlJAjoPeUQ2uDywAFif3sVvT45yZQkOJ31iwVP/iVUPs1WWjNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsfcHD98joKOcQrx/LXxaQqn6NTMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvZXg5d2NQM3lPZ281eEN2SDh0ZkZwQ3FmbzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUHNMA0G
CSqGSIb3DQEBCwUAA4IBAQA/TrQrKNClcS0IrK+FL14fb/o+v7mPqu2Opa2eYu5S
U1TJOMTOw5nUnGM9VxVYmliRqpUTZvBg5N26ly1PVRldJtpGTzeYZmQwTjMd6fgE
dN2EULTPpwvd2GDiPo7Feo2KXc1ChX9XzjskfWiWzcHiyX/zLFeXfm5vlbx+i6Nm
fUTGj5jqSdaHv9mnFUOZwGRW6Ky3UpHAe+dtA9+zmCFQwyfE/xgyd8FcTKKd3u8w
VvlYv8+/sBmpY2ssz/8uTCbCTe8iYbU/DpywNb1+4GQnZl8wjoMM9xjAb1djn6NH
dBsQnsZQA8YAzfoSM/ReWWzzCRA8xkwsNYVBLa9l1lJ+
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:07 2024 by rpki-client on console-ams.rpki-client.org