Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0Y1QVjPl16vcydWFWV5l8SkWsVI.roa
File: 0Y1QVjPl16vcydWFWV5l8SkWsVI.roa (raw, json)
Hash identifier: c+dv9UNX7ASMrTmZ2OHuxpNlrRO33vLlB6gYevRD93k=
Subject key identifier: D1:8D:50:56:33:E5:D7:AB:DC:C9:D5:85:59:5E:65:F1:29:16:B1:52
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01934FEC5985340EF945FD480CE6AB36EE6E
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0Y1QVjPl16vcydWFWV5l8SkWsVI.roa
Signing time: Thu 21 Nov 2024 18:11:49 +0000
ROA not before: Thu 21 Nov 2024 18:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:ec:59:85:34:0e:f9:45:fd:48:0c:e6:ab:36:ee:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Nov 21 18:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d18d505633e5d7abdcc9d585595e65f12916b152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:b6:c7:56:4e:a3:fc:36:ec:1a:f1:9f:13:
8a:8f:c1:d2:c1:d8:54:00:53:77:6d:00:88:60:e7:
2b:dc:fc:d9:b3:bc:02:b6:4c:0f:dd:24:cb:b3:a0:
1a:26:e1:72:97:4e:c4:bf:c3:e6:c5:9e:2d:5e:55:
46:86:d0:7b:df:13:33:0e:29:7b:45:81:43:66:d0:
6a:11:4e:9f:2a:c7:19:cd:a0:aa:82:e8:52:93:24:
ee:4e:6d:55:5b:4a:f9:37:8a:a3:1a:11:64:fc:24:
1d:c1:13:98:4e:a4:50:0d:33:f8:d6:8d:7c:43:46:
6d:d2:07:ce:d1:15:76:6a:73:8f:3d:2c:5e:6c:0a:
fd:8f:77:31:2d:4d:ec:2e:19:f3:e2:e2:02:c3:a9:
e3:a2:2f:98:33:e4:e2:cf:46:a7:88:8f:8d:84:20:
af:5f:41:dc:20:50:2c:b0:3d:ca:c4:3c:69:53:69:
dd:5a:52:2e:a3:30:63:7b:8c:eb:95:bf:77:ac:50:
1b:48:84:31:8b:5b:e7:1e:b6:c1:d7:22:bb:5e:1f:
25:9d:94:1a:b4:b8:c4:7c:82:c6:d0:46:a2:d0:d4:
a8:11:e8:c3:ed:d9:92:26:47:49:d5:b3:e9:34:dd:
05:3f:b3:93:f4:c8:19:6b:e2:09:99:ee:06:0e:b5:
a9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:50:56:33:E5:D7:AB:DC:C9:D5:85:59:5E:65:F1:29:16:B1:52
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/0Y1QVjPl16vcydWFWV5l8SkWsVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
86:b7:4a:cc:2f:fb:d6:eb:b3:c0:87:8d:5a:6b:f1:55:44:b4:
07:cc:6d:9f:2d:f3:41:39:67:8c:4d:ca:2e:dd:81:e3:b8:0f:
84:79:91:13:9a:88:f1:61:6a:58:1b:1a:7a:02:2a:4c:5e:51:
1b:b8:65:40:9a:9b:91:6d:02:97:99:bc:43:8f:35:a3:a1:0d:
4b:ed:71:6a:14:cd:58:88:eb:6c:bc:48:c3:d9:6a:be:c6:e0:
0e:4b:27:75:57:17:1c:f1:06:5a:68:e4:2f:fe:7a:32:37:5f:
31:f4:1b:27:9a:18:93:91:2f:d1:b2:c3:96:ea:2b:c0:98:77:
48:4b:ff:bc:a7:69:b8:c5:df:6f:d3:18:66:a9:0f:5e:55:50:
74:60:32:8a:1d:3e:db:e8:66:a3:4c:1d:d4:22:74:a7:fb:5a:
57:75:07:2d:09:b2:74:44:04:39:9e:0b:fb:ce:52:0f:5f:12:
7c:f7:79:78:a1:63:cd:1a:f2:2b:be:18:bc:23:36:2d:f5:6c:
59:0f:e9:04:d8:e6:16:0e:ab:3a:ed:50:2b:8b:d8:8f:b7:f1:
70:ea:99:ea:5e:8e:05:10:33:b6:3f:03:0e:03:e1:a0:ab:5f:
2b:0a:13:21:49:c8:89:23:fd:92:d0:75:9f:4b:a9:3f:48:b0:
b2:0d:c6:6f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZNP7FmFNA75Rf1IDOarNu5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQxMTIxMTgxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThkNTA1NjMzZTVkN2FiZGNjOWQ1ODU1OTVlNjVmMTI5MTZiMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjK2x1ZOo/w27BrxnxOKj8HSwdhU
AFN3bQCIYOcr3PzZs7wCtkwP3STLs6AaJuFyl07Ev8PmxZ4tXlVGhtB73xMzDil7
RYFDZtBqEU6fKscZzaCqguhSkyTuTm1VW0r5N4qjGhFk/CQdwROYTqRQDTP41o18
Q0Zt0gfO0RV2anOPPSxebAr9j3cxLU3sLhnz4uICw6njoi+YM+Tiz0aniI+NhCCv
X0HcIFAssD3KxDxpU2ndWlIuozBje4zrlb93rFAbSIQxi1vnHrbB1yK7Xh8lnZQa
tLjEfILG0Eai0NSoEejD7dmSJkdJ1bPpNN0FP7OT9MgZa+IJme4GDrWpMwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNGNUFYz5der3MnVhVleZfEpFrFSMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvMFkxUVZqUGwxNnZjeWRXRldWNWw4U2tXc1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBTVyOAwQA
TVyYAwQATodWMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcNAQELBQADggEBAIa3
Sswv+9brs8CHjVpr8VVEtAfMbZ8t80E5Z4xNyi7dgeO4D4R5kROaiPFhalgbGnoC
KkxeURu4ZUCam5FtApeZvEOPNaOhDUvtcWoUzViI62y8SMPZar7G4A5LJ3VXFxzx
Blpo5C/+ejI3XzH0GyeaGJORL9Gyw5bqK8CYd0hL/7ynabjF32/TGGapD15VUHRg
MoodPtvoZqNMHdQidKf7Wld1By0JsnREBDmeC/vOUg9fEnz3eXihY80a8iu+GLwj
Ni31bFkP6QTY5hYOqzrtUCuL2I+38XDqmepejgUQM7Y/Aw4D4aCrXysKEyFJyIkj
/ZLQdZ9LqT9IsLINxm8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:39:12 2024 by rpki-client on console-ams.rpki-client.org