Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/77CzRTI9zz1MAZAY_RIvJI8dmHU.roa
File: 77CzRTI9zz1MAZAY_RIvJI8dmHU.roa (raw, json)
Hash identifier: I+hsfpksFu5Oedz7hC0K/+eer12ZMWrGpGOpXn+VdTk=
Subject key identifier: EF:B0:B3:45:32:3D:CF:3D:4C:01:90:18:FD:12:2F:24:8F:1D:98:75
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 018CC42484E5118BA6CBFAF29BAC7A4E9A5B
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/77CzRTI9zz1MAZAY_RIvJI8dmHU.roa
Signing time: Mon 01 Jan 2024 08:29:36 +0000
ROA not before: Mon 01 Jan 2024 08:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200596
IP address blocks: 147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
91.212.42.0/24 maxlen: 24
135.84.148.0/22 maxlen: 24
85.184.228.0/22 maxlen: 24
2a00:5ea0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:84:e5:11:8b:a6:cb:fa:f2:9b:ac:7a:4e:9a:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Jan 1 08:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efb0b345323dcf3d4c019018fd122f248f1d9875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:18:1e:ac:69:e7:9d:ad:1f:ca:3b:6f:75:48:
bb:c0:38:60:15:fa:3a:46:f6:9c:64:7f:73:95:e7:
50:7b:0c:f4:2b:3c:ea:a8:63:1b:fd:9a:16:30:e3:
67:de:96:5b:73:a1:42:55:59:01:01:fc:14:0f:c0:
a5:13:81:0d:48:55:dd:c6:5d:ac:b3:b8:b4:4e:52:
73:01:21:97:b6:7f:ae:56:76:ee:40:39:dc:dd:b8:
86:3b:46:8d:c2:fa:75:a8:21:b1:93:6d:e2:c1:0c:
72:73:3e:4b:af:54:6b:5d:1d:4a:89:42:2a:71:63:
e3:21:e1:a5:dc:7c:ff:d4:72:bc:bf:22:30:54:c5:
0d:6f:56:fd:9e:59:6e:8d:89:5d:d6:7c:29:36:97:
7f:b9:dd:46:6a:2c:cb:45:20:15:09:be:ec:7b:26:
bf:6b:21:66:ad:35:61:b7:13:5d:e2:bf:52:be:fc:
d4:3a:74:2d:0b:f2:5a:fb:65:24:0b:e7:0a:0b:c5:
3c:86:ea:86:e8:f8:57:4c:8b:23:2d:dd:c2:75:32:
b6:85:4a:7e:3f:ed:a2:7d:1f:5e:7e:4e:61:31:bb:
40:30:cc:f2:2f:76:61:8d:f2:33:89:64:aa:53:bf:
f0:35:70:7c:78:3c:f9:9a:10:cb:78:5f:5e:9a:80:
7c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B0:B3:45:32:3D:CF:3D:4C:01:90:18:FD:12:2F:24:8F:1D:98:75
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/77CzRTI9zz1MAZAY_RIvJI8dmHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.228.0/22
91.212.42.0/24
135.84.148.0/22
147.12.16.0/20
185.101.196.0/22
IPv6:
2a00:5ea0::/29
Signature Algorithm: sha256WithRSAEncryption
38:af:7a:3c:20:26:eb:aa:51:a3:48:18:71:7f:56:35:20:0e:
46:3e:45:d9:90:a2:44:d9:6c:d7:2d:45:29:55:a8:0d:02:4e:
a6:b8:02:a6:d4:92:e1:ce:ed:0c:99:3a:0e:16:a0:3d:e9:15:
32:55:97:9e:39:75:96:2a:02:37:15:bf:ff:47:92:3f:0b:cb:
09:51:c6:ea:53:21:fa:58:4a:3e:1f:20:a7:71:d7:80:be:f3:
56:a3:9c:f0:f4:f1:5b:0b:4c:69:3a:80:3c:3d:0c:12:be:0c:
ce:99:12:f7:9d:86:b9:7a:84:8a:1c:f0:28:9c:f5:4a:3e:12:
a9:63:79:c8:eb:c3:9d:fc:f9:1d:3b:8f:71:2a:b0:44:d3:a7:
45:bb:e3:47:f1:54:50:43:73:1f:3c:88:03:eb:66:34:e4:1d:
b1:0a:70:5b:c7:c4:2b:3a:2c:48:67:10:41:ad:d6:c3:57:3c:
18:97:0d:7c:6c:f9:71:5b:cf:5c:92:bb:7f:37:88:f6:b5:ec:
28:68:9f:8c:68:2b:27:65:89:83:bc:7e:cf:6a:3c:a6:4b:9a:
a5:55:a1:8d:69:8f:10:8e:31:fa:82:aa:1b:49:5e:84:eb:3f:
cc:b2:9e:19:22:dc:99:d8:81:33:34:e8:de:95:c0:85:ee:10:
c4:6f:80:c0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJITlEYumy/rym6x6TppbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjQwMTAxMDgyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmIwYjM0NTMyM2RjZjNkNGMwMTkwMThmZDEyMmYyNDhmMWQ5ODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhgerGnnna0fyjtvdUi7wDhgFfo6
RvacZH9zledQewz0KzzqqGMb/ZoWMONn3pZbc6FCVVkBAfwUD8ClE4ENSFXdxl2s
s7i0TlJzASGXtn+uVnbuQDnc3biGO0aNwvp1qCGxk23iwQxycz5Lr1RrXR1KiUIq
cWPjIeGl3Hz/1HK8vyIwVMUNb1b9nllujYld1nwpNpd/ud1GaizLRSAVCb7seya/
ayFmrTVhtxNd4r9SvvzUOnQtC/Ja+2UkC+cKC8U8huqG6PhXTIsjLd3CdTK2hUp+
P+2ifR9efk5hMbtAMMzyL3ZhjfIziWSqU7/wNXB8eDz5mhDLeF9emoB8lwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFO+ws0UyPc89TAGQGP0SLySPHZh1MB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvNzdDelJUSTl6ejFNQVpBWV9SSXZKSThkbUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVbjkAwQA
W9QqAwQCh1SUAwQEkwwQAwQCuWXEMA0EAgACMAcDBQMqAF6gMA0GCSqGSIb3DQEB
CwUAA4IBAQA4r3o8ICbrqlGjSBhxf1Y1IA5GPkXZkKJE2WzXLUUpVagNAk6muAKm
1JLhzu0MmToOFqA96RUyVZeeOXWWKgI3Fb//R5I/C8sJUcbqUyH6WEo+HyCncdeA
vvNWo5zw9PFbC0xpOoA8PQwSvgzOmRL3nYa5eoSKHPAonPVKPhKpY3nI68Od/Pkd
O49xKrBE06dFu+NH8VRQQ3MfPIgD62Y05B2xCnBbx8QrOixIZxBBrdbDVzwYlw18
bPlxW89ckrt/N4j2tewoaJ+MaCsnZYmDvH7PajymS5qlVaGNaY8QjjH6gqobSV6E
6z/Msp4ZItyZ2IEzNOjelcCF7hDEb4DA
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:15 2024 by rpki-client on console-fra.rpki-client.org