Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/d6e4gvjOtgew1Ma0LKZMddCY1KQ.roa
File: d6e4gvjOtgew1Ma0LKZMddCY1KQ.roa (raw, json)
Hash identifier: ngwMUWVjVQptKzurUePFwLG1RBeVXAFHrRxiqwwczQQ=
Subject key identifier: 77:A7:B8:82:F8:CE:B6:07:B0:D4:C6:B4:2C:A6:4C:75:D0:98:D4:A4
Certificate issuer: /CN=d7880ed1021d0ecac71205673b004813b39dfc99
Certificate serial: 018CC3B6FEBA33A7750AC38DD1EB3B6C4A9F
Authority key identifier: D7:88:0E:D1:02:1D:0E:CA:C7:12:05:67:3B:00:48:13:B3:9D:FC:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/14gO0QIdDsrHEgVnOwBIE7Od_Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/d6e4gvjOtgew1Ma0LKZMddCY1KQ.roa
Signing time: Mon 01 Jan 2024 06:29:59 +0000
ROA not before: Mon 01 Jan 2024 06:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29680
IP address blocks: 151.252.112.0/21 maxlen: 21
178.23.208.0/21 maxlen: 24
193.238.52.0/22 maxlen: 22
217.18.224.0/21 maxlen: 21
217.18.232.0/22 maxlen: 22
217.18.239.0/24 maxlen: 24
217.18.237.0/24 maxlen: 24
217.18.236.0/24 maxlen: 24
176.28.88.0/21 maxlen: 23
193.22.119.0/24 maxlen: 24
2a00:d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/14gO0QIdDsrHEgVnOwBIE7Od_Jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/14gO0QIdDsrHEgVnOwBIE7Od_Jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/14gO0QIdDsrHEgVnOwBIE7Od_Jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:fe:ba:33:a7:75:0a:c3:8d:d1:eb:3b:6c:4a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7880ed1021d0ecac71205673b004813b39dfc99
Validity
Not Before: Jan 1 06:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77a7b882f8ceb607b0d4c6b42ca64c75d098d4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:61:97:0b:cc:99:1e:ab:56:da:45:91:d9:4f:
e7:42:e6:78:97:cc:8c:16:39:e9:66:9f:c6:29:5b:
7e:f6:d5:7a:a4:60:a8:5d:aa:b4:00:d1:bd:e3:88:
d1:85:b4:59:97:b0:87:7f:18:91:ab:70:d5:08:94:
e6:fd:97:63:90:5b:91:45:5a:9e:07:7e:82:aa:5c:
86:3d:01:0b:df:ca:f6:d2:ea:d3:86:b5:d7:39:f5:
dd:72:e9:78:e6:b4:9d:59:0b:4f:86:91:ba:93:85:
26:44:69:25:5b:94:d4:a7:0c:ed:af:80:d9:ff:bc:
25:de:a9:17:ee:2b:68:6e:b7:8f:f9:5b:12:bf:04:
18:97:b8:27:bb:1b:be:9e:37:0f:e2:66:29:75:b3:
51:d9:e8:04:79:e8:4c:a8:61:61:d5:2a:f5:b6:f8:
24:6b:b8:43:49:e4:a4:63:78:40:b4:87:3e:64:7d:
2c:18:7d:f4:56:50:44:d1:f8:d4:34:3c:77:f5:44:
68:36:fe:a5:67:1c:46:b4:c8:58:d1:cb:c7:64:de:
2f:e3:15:9d:3a:3e:21:97:20:c2:ae:b8:23:ee:0b:
fd:3c:a6:9e:cf:7d:e3:fb:20:b3:02:d0:21:b8:17:
89:e8:42:e1:f6:fd:b1:12:69:aa:9b:4a:12:4e:52:
13:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A7:B8:82:F8:CE:B6:07:B0:D4:C6:B4:2C:A6:4C:75:D0:98:D4:A4
X509v3 Authority Key Identifier:
keyid:D7:88:0E:D1:02:1D:0E:CA:C7:12:05:67:3B:00:48:13:B3:9D:FC:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/14gO0QIdDsrHEgVnOwBIE7Od_Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/d6e4gvjOtgew1Ma0LKZMddCY1KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/756505-2062-49e7-94fe-04777c198ef1/1/14gO0QIdDsrHEgVnOwBIE7Od_Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.252.112.0/21
176.28.88.0/21
178.23.208.0/21
193.22.119.0/24
193.238.52.0/22
217.18.224.0-217.18.237.255
217.18.239.0/24
IPv6:
2a00:d60::/32
Signature Algorithm: sha256WithRSAEncryption
27:6b:f8:14:6b:61:e5:95:0b:cf:5c:26:dc:a3:d9:66:cf:eb:
03:a5:0f:03:c3:0c:8c:3c:f6:49:03:82:d4:67:7e:e6:c8:cf:
8b:50:0b:96:b1:43:26:88:a2:da:af:1e:7d:fb:54:41:2e:88:
94:fc:e8:28:d0:39:eb:30:cd:6d:14:36:32:53:69:05:6c:01:
55:e4:21:20:70:a7:3c:e9:4a:a0:a0:b8:6c:7f:04:07:6b:dc:
82:6c:56:08:dc:13:35:01:c5:42:84:fd:5c:c0:9c:64:68:d5:
61:de:b3:c1:4a:89:73:8e:70:bb:1e:c9:16:91:17:1b:b0:39:
db:72:9a:3a:3c:7f:0e:df:e0:63:48:af:52:3d:c4:7d:cc:62:
9a:29:17:c0:81:c5:ab:25:22:31:ca:e0:57:98:b4:63:f2:60:
9a:c5:d1:d4:1d:6e:ae:14:10:a2:58:cb:04:0a:ed:7d:3e:53:
b6:cd:49:ca:2a:68:e2:e3:16:bd:fb:83:95:5f:1e:f4:00:13:
a1:8b:4b:24:58:91:95:5c:47:55:e8:a6:38:dc:5c:a4:50:74:
c9:5e:f3:e1:59:c5:35:78:d3:9b:8c:ce:96:5a:ea:56:f9:9f:
7a:4d:3d:61:45:38:f4:94:c3:d8:9f:6e:52:55:79:10:85:0b:
fe:6e:84:1c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzDtv66M6d1CsON0es7bEqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ODgwZWQxMDIxZDBlY2FjNzEyMDU2NzNiMDA0ODEzYjM5
ZGZjOTkwHhcNMjQwMTAxMDYyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E3Yjg4MmY4Y2ViNjA3YjBkNGM2YjQyY2E2NGM3NWQwOThkNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimGXC8yZHqtW2kWR2U/nQuZ4l8yM
FjnpZp/GKVt+9tV6pGCoXaq0ANG944jRhbRZl7CHfxiRq3DVCJTm/ZdjkFuRRVqe
B36CqlyGPQEL38r20urThrXXOfXdcul45rSdWQtPhpG6k4UmRGklW5TUpwztr4DZ
/7wl3qkX7itobreP+VsSvwQYl7gnuxu+njcP4mYpdbNR2egEeehMqGFh1Sr1tvgk
a7hDSeSkY3hAtIc+ZH0sGH30VlBE0fjUNDx39URoNv6lZxxGtMhY0cvHZN4v4xWd
Oj4hlyDCrrgj7gv9PKaez33j+yCzAtAhuBeJ6ELh9v2xEmmqm0oSTlITZwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHenuIL4zrYHsNTGtCymTHXQmNSkMB8GA1UdIwQY
MBaAFNeIDtECHQ7KxxIFZzsASBOznfyZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTRnTzBRSWREc3JIRWdWbk93QklFN09kX0prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83NTY1MDUtMjA2Mi00OWU3LTk0ZmUt
MDQ3NzdjMTk4ZWYxLzEvZDZlNGd2ak90Z2V3MU1hMExLWk1kZENZMUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83NTY1MDUtMjA2Mi00OWU3LTk0ZmUtMDQ3NzdjMTk4ZWYx
LzEvMTRnTzBRSWREc3JIRWdWbk93QklFN09kX0prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDl/xwAwQD
sBxYAwQDshfQAwQAwRZ3AwQCwe40MAwDBAXZEuADBAHZEuwDBADZEu8wDQQCAAIw
BwMFACoADWAwDQYJKoZIhvcNAQELBQADggEBACdr+BRrYeWVC89cJtyj2WbP6wOl
DwPDDIw89kkDgtRnfubIz4tQC5axQyaIotqvHn37VEEuiJT86CjQOeswzW0UNjJT
aQVsAVXkISBwpzzpSqCguGx/BAdr3IJsVgjcEzUBxUKE/VzAnGRo1WHes8FKiXOO
cLseyRaRFxuwOdtymjo8fw7f4GNIr1I9xH3MYpopF8CBxaslIjHK4FeYtGPyYJrF
0dQdbq4UEKJYywQK7X0+U7bNScoqaOLjFr37g5VfHvQAE6GLSyRYkZVcR1Xopjjc
XKRQdMle8+FZxTV405uMzpZa6lb5n3pNPWFFOPSUw9ifblJVeRCFC/5uhBw=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:49:16 2024 by rpki-client on console-fra.rpki-client.org