Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/IqPOiSfZWqJjB175iLPHrUlUqkw.roa
File: IqPOiSfZWqJjB175iLPHrUlUqkw.roa (raw, json)
Hash identifier: kNnXuyA78fVsMaXFi6Q7t6pB8LRC7eIRNP0U9hV3gR4=
Subject key identifier: 22:A3:CE:89:27:D9:5A:A2:63:07:5E:F9:88:B3:C7:AD:49:54:AA:4C
Certificate issuer: /CN=0a39f9a00278e69d1b3dddaa0bf0cd17d2e66708
Certificate serial: 018CC9BCE21DAC3191C9CA026717D3918639
Authority key identifier: 0A:39:F9:A0:02:78:E6:9D:1B:3D:DD:AA:0B:F0:CD:17:D2:E6:67:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/IqPOiSfZWqJjB175iLPHrUlUqkw.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8866
IP address blocks: 77.76.16.0/20 maxlen: 24
77.76.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 04:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e2:1d:ac:31:91:c9:ca:02:67:17:d3:91:86:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a39f9a00278e69d1b3dddaa0bf0cd17d2e66708
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22a3ce8927d95aa263075ef988b3c7ad4954aa4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0d:74:4d:54:32:02:ba:11:74:3d:77:23:c1:
b8:08:8f:b9:ea:c0:7a:8c:95:77:39:d8:7b:80:c7:
5e:8b:9d:71:79:18:f8:e7:9b:5f:f6:49:1b:2e:66:
06:f8:5f:c9:b3:dd:62:ab:a8:57:05:95:ea:91:9f:
ba:8f:39:9d:ac:eb:de:61:78:2f:f3:0a:56:eb:d8:
0e:ce:65:92:8e:4e:62:c2:da:d4:a9:3d:e6:bf:54:
ea:83:66:d1:c5:cf:10:fc:14:a3:2f:7c:01:c1:10:
65:ce:22:86:87:4b:90:0d:5f:84:59:bd:00:25:5e:
4b:df:33:c1:4e:13:cb:28:21:e4:16:fa:dd:43:56:
f4:be:07:83:c2:97:00:34:d9:08:6e:6a:f4:08:6b:
3a:61:6a:ed:f7:68:92:2d:86:49:5a:27:de:17:da:
f0:65:ce:0a:40:ae:5e:d6:06:1f:a3:30:fc:12:a5:
4d:b4:e2:39:74:8e:d5:ca:c6:35:2b:50:e4:1b:f8:
e1:ea:d4:e6:bd:d1:de:ff:a6:ad:14:35:6c:68:3f:
12:0e:69:a1:0d:8c:a8:6e:a6:a7:3a:0e:2c:13:b3:
94:24:bd:94:11:22:30:c9:63:7d:2b:f4:09:e5:60:
6f:78:77:0f:95:6b:01:0b:ea:0b:9e:8a:43:5f:86:
5d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A3:CE:89:27:D9:5A:A2:63:07:5E:F9:88:B3:C7:AD:49:54:AA:4C
X509v3 Authority Key Identifier:
keyid:0A:39:F9:A0:02:78:E6:9D:1B:3D:DD:AA:0B:F0:CD:17:D2:E6:67:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/IqPOiSfZWqJjB175iLPHrUlUqkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/a9af0e-e91a-4f1c-b72c-1e2b1c87d317/1/Cjn5oAJ45p0bPd2qC_DNF9LmZwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.16.0-77.76.63.255
Signature Algorithm: sha256WithRSAEncryption
13:9e:f9:84:4f:8e:6e:fc:fb:ca:54:6d:2c:f7:03:64:24:aa:
8b:e6:83:15:ca:35:20:8f:a5:19:05:69:1c:79:25:a5:96:2d:
8d:a2:07:6f:ef:86:89:c4:17:53:42:64:92:c9:86:83:67:73:
a1:81:90:de:d9:40:af:5b:be:de:9f:7b:e6:00:be:7d:38:12:
9b:31:25:aa:8d:cc:dc:b3:14:f2:ad:dc:21:b9:18:b8:71:1b:
3f:89:d8:8f:9c:ff:19:73:1d:45:27:9c:3e:d3:c5:6c:b4:7f:
7f:2d:26:62:6e:d5:eb:77:d1:29:16:0a:66:68:91:35:37:82:
fa:29:ac:f2:82:3d:cf:e8:48:ff:5b:51:1f:f3:89:63:f6:75:
e8:51:85:82:b1:a5:7d:6c:13:1e:80:fe:4d:73:26:07:76:c6:
5e:08:b7:0b:53:2c:d9:c1:76:b9:8d:b6:fd:e5:0e:ef:07:8a:
56:57:b1:4e:d0:32:4f:89:18:ed:77:ad:52:4c:37:a0:26:fe:
b9:52:77:17:98:4b:63:53:25:e6:13:fb:41:1c:c2:34:c7:07:
b5:b7:2c:aa:92:71:57:4e:e1:d7:af:93:e7:90:03:6f:4b:f7:
66:96:03:5b:e9:51:b3:eb:9f:f5:fc:c1:12:37:79:f5:67:3b:
78:aa:94:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvOIdrDGRycoCZxfTkYY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzlmOWEwMDI3OGU2OWQxYjNkZGRhYTBiZjBjZDE3ZDJl
NjY3MDgwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmEzY2U4OTI3ZDk1YWEyNjMwNzVlZjk4OGIzYzdhZDQ5NTRhYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ10TVQyAroRdD13I8G4CI+56sB6
jJV3Odh7gMdei51xeRj455tf9kkbLmYG+F/Js91iq6hXBZXqkZ+6jzmdrOveYXgv
8wpW69gOzmWSjk5iwtrUqT3mv1Tqg2bRxc8Q/BSjL3wBwRBlziKGh0uQDV+EWb0A
JV5L3zPBThPLKCHkFvrdQ1b0vgeDwpcANNkIbmr0CGs6YWrt92iSLYZJWifeF9rw
Zc4KQK5e1gYfozD8EqVNtOI5dI7VysY1K1DkG/jh6tTmvdHe/6atFDVsaD8SDmmh
DYyobqanOg4sE7OUJL2UESIwyWN9K/QJ5WBveHcPlWsBC+oLnopDX4ZdlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCKjzokn2VqiYwde+Yizx61JVKpMMB8GA1UdIwQY
MBaAFAo5+aACeOadGz3dqgvwzRfS5mcIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2puNW9BSjQ1cDBiUGQycUNfRE5GOUxtWndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hOWFmMGUtZTkxYS00ZjFjLWI3MmMt
MWUyYjFjODdkMzE3LzEvSXFQT2lTZlpXcUpqQjE3NWlMUEhyVWxVcWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hOWFmMGUtZTkxYS00ZjFjLWI3MmMtMWUyYjFjODdkMzE3
LzEvQ2puNW9BSjQ1cDBiUGQycUNfRE5GOUxtWndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARNTBAD
BAZNTAAwDQYJKoZIhvcNAQELBQADggEBABOe+YRPjm78+8pUbSz3A2QkqovmgxXK
NSCPpRkFaRx5JaWWLY2iB2/vhonEF1NCZJLJhoNnc6GBkN7ZQK9bvt6fe+YAvn04
EpsxJaqNzNyzFPKt3CG5GLhxGz+J2I+c/xlzHUUnnD7TxWy0f38tJmJu1et30SkW
CmZokTU3gvoprPKCPc/oSP9bUR/ziWP2dehRhYKxpX1sEx6A/k1zJgd2xl4ItwtT
LNnBdrmNtv3lDu8HilZXsU7QMk+JGO13rVJMN6Am/rlSdxeYS2NTJeYT+0EcwjTH
B7W3LKqScVdO4devk+eQA29L92aWA1vpUbPrn/X8wRI3efVnO3iqlA4=
-----END CERTIFICATE-----
Generated at Mon May 20 13:26:03 2024 by rpki-client on console-fra.rpki-client.org