Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/d84-0EGT9gGV5xBU8BI8rJPYWd0.roa
File: d84-0EGT9gGV5xBU8BI8rJPYWd0.roa (raw, json)
Hash identifier: +/NdKDdr5u2DNPCyFkRzPfIHUMveMEuTsDFfgMK2gZE=
Subject key identifier: 77:CE:3E:D0:41:93:F6:01:95:E7:10:54:F0:12:3C:AC:93:D8:59:DD
Certificate issuer: /CN=db9bfce35824f6ec9b5c9f39a81150ce16181227
Certificate serial: 019372121CD4C2FE91EE7340E51AA12C6401
Authority key identifier: DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/d84-0EGT9gGV5xBU8BI8rJPYWd0.roa
Signing time: Thu 28 Nov 2024 09:20:09 +0000
ROA not before: Thu 28 Nov 2024 09:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35765
IP address blocks: 87.247.192.0/22 maxlen: 22
87.247.196.0/22 maxlen: 22
87.247.200.0/22 maxlen: 22
87.247.204.0/22 maxlen: 22
87.247.208.0/20 maxlen: 20
195.128.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.mft
rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:12:1c:d4:c2:fe:91:ee:73:40:e5:1a:a1:2c:64:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9bfce35824f6ec9b5c9f39a81150ce16181227
Validity
Not Before: Nov 28 09:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77ce3ed04193f60195e71054f0123cac93d859dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:84:67:33:99:bf:7b:d8:67:2e:17:68:d8:
f8:39:fb:22:b6:6f:41:f0:c3:2b:23:17:c1:4b:f6:
a8:10:d5:35:26:19:42:5c:c5:d4:84:1c:a5:6f:1b:
98:f8:74:2a:ff:9c:91:96:5a:19:88:c7:03:5a:aa:
b5:03:6b:b1:37:93:98:1d:bf:d3:de:6e:c5:aa:79:
36:cb:f9:7b:ee:b3:d2:54:9a:8f:e8:92:77:1e:12:
8d:ce:b2:1c:f2:4a:bb:3e:72:be:8f:82:1f:9f:8b:
df:02:12:6c:40:0f:69:cb:1f:89:94:d6:1d:23:dd:
72:b0:64:b6:6b:46:fb:cf:43:a0:41:3b:3b:60:bd:
72:ab:a5:ca:09:4d:c5:7a:20:30:e4:b2:ca:d4:3b:
6e:14:35:24:04:79:f9:11:e3:4c:a3:08:63:c7:5c:
cb:d0:0b:ea:1d:5f:26:e9:df:02:49:39:7d:7c:4e:
62:0c:dd:91:49:e3:07:ea:ec:c6:f8:57:32:39:22:
bf:c2:09:ff:a4:48:57:55:5f:74:ee:45:74:43:65:
95:7a:0a:fd:c9:f2:37:8a:b2:99:3a:5a:70:bc:6d:
3d:39:85:39:b2:e8:7f:48:04:e1:c0:f6:06:71:c6:
f9:da:0e:74:e0:6a:08:f0:2d:0c:b9:4c:91:be:9c:
0f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CE:3E:D0:41:93:F6:01:95:E7:10:54:F0:12:3C:AC:93:D8:59:DD
X509v3 Authority Key Identifier:
keyid:DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/d84-0EGT9gGV5xBU8BI8rJPYWd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.192.0/19
195.128.104.0/21
Signature Algorithm: sha256WithRSAEncryption
c4:1d:0e:85:83:c2:f1:07:d3:21:b9:64:c0:fa:ae:9c:d1:87:
c2:26:1e:ba:34:6a:d7:e3:d9:46:df:67:1d:e4:46:62:34:0a:
ba:16:d0:17:e1:3d:a3:fb:02:82:74:89:7c:19:13:7e:85:2f:
76:b3:75:60:04:03:fd:9d:4f:33:6b:0e:b2:af:9d:4d:28:92:
cf:ed:54:62:7a:32:93:54:66:50:b6:80:20:7c:1d:9e:a8:15:
58:5e:7a:6c:5e:58:cf:54:12:d1:e2:2e:cb:97:ec:96:6a:0b:
74:7b:24:23:97:e0:39:b3:f6:3b:1d:d2:7e:3c:b8:cb:b9:76:
35:e8:a4:cb:ed:8d:5e:6b:57:35:86:d0:e0:d4:64:a5:f9:79:
37:ab:af:bf:ac:1a:79:f3:e1:03:1a:43:b7:47:03:1c:ae:f9:
79:b2:6c:7f:d3:4c:23:76:23:25:26:32:75:18:d3:2d:5d:45:
8b:da:e7:c8:d8:b9:8e:37:23:e3:02:82:4d:84:23:0e:64:ad:
f4:ae:ff:9c:ac:54:02:91:a8:e4:11:57:c7:bf:6e:eb:71:c1:
62:72:93:ca:6b:fe:c5:c0:5f:e9:5c:e4:41:ce:22:51:23:28:
21:e5:f6:ce:ef:40:7d:73:7b:39:af:21:d7:d8:94:43:29:a3:
89:6f:2f:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNyEhzUwv6R7nNA5RqhLGQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWJmY2UzNTgyNGY2ZWM5YjVjOWYzOWE4MTE1MGNlMTYx
ODEyMjcwHhcNMjQxMTI4MDkyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2NlM2VkMDQxOTNmNjAxOTVlNzEwNTRmMDEyM2NhYzkzZDg1OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNuEZzOZv3vYZy4XaNj4Ofsitm9B
8MMrIxfBS/aoENU1JhlCXMXUhBylbxuY+HQq/5yRlloZiMcDWqq1A2uxN5OYHb/T
3m7Fqnk2y/l77rPSVJqP6JJ3HhKNzrIc8kq7PnK+j4Ifn4vfAhJsQA9pyx+JlNYd
I91ysGS2a0b7z0OgQTs7YL1yq6XKCU3FeiAw5LLK1DtuFDUkBHn5EeNMowhjx1zL
0AvqHV8m6d8CSTl9fE5iDN2RSeMH6uzG+FcyOSK/wgn/pEhXVV907kV0Q2WVegr9
yfI3irKZOlpwvG09OYU5suh/SAThwPYGccb52g504GoI8C0MuUyRvpwP6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfOPtBBk/YBlecQVPASPKyT2FndMB8GA1UdIwQY
MBaAFNub/ONYJPbsm1yfOagRUM4WGBInMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAt
OWI3MGQ2MGM0ODAwLzEvZDg0LTBFR1Q5Z0dWNXhCVThCSThySlBZV2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAtOWI3MGQ2MGM0ODAw
LzEvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFV/fAAwQD
w4BoMA0GCSqGSIb3DQEBCwUAA4IBAQDEHQ6Fg8LxB9MhuWTA+q6c0YfCJh66NGrX
49lG32cd5EZiNAq6FtAX4T2j+wKCdIl8GRN+hS92s3VgBAP9nU8zaw6yr51NKJLP
7VRiejKTVGZQtoAgfB2eqBVYXnpsXljPVBLR4i7Ll+yWagt0eyQjl+A5s/Y7HdJ+
PLjLuXY16KTL7Y1ea1c1htDg1GSl+Xk3q6+/rBp58+EDGkO3RwMcrvl5smx/00wj
diMlJjJ1GNMtXUWL2ufI2LmONyPjAoJNhCMOZK30rv+crFQCkajkEVfHv27rccFi
cpPKa/7FwF/pXORBziJRIygh5fbO70B9c3s5ryHX2JRDKaOJby/C
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:57 2024 by rpki-client on console-fra.rpki-client.org