Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa
File: KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa (raw, json)
Hash identifier: roWLKh74c+OTSpHHyjWgqMap3HlfDfD0j4KTnMkq3WE=
Subject key identifier: 29:35:5C:6F:CC:64:83:4F:A0:85:1E:CA:17:F3:9A:B1:A1:38:4F:1D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EBDAE7DAE436E46C0F47D5A0E5F63E262
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa
Signing time: Mon 08 Apr 2024 12:28:33 +0000
ROA not before: Mon 08 Apr 2024 12:28:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64429
IP address blocks: 77.72.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ae:7d:ae:43:6e:46:c0:f4:7d:5a:0e:5f:63:e2:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 8 12:28:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29355c6fcc64834fa0851eca17f39ab1a1384f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7f:d5:1d:fc:6b:cb:74:4a:57:d0:ce:0b:3e:
98:e9:c1:8f:e9:42:55:e3:3a:07:fe:0c:a5:af:bd:
b6:c9:59:80:d1:82:4f:e9:94:c7:76:a8:41:98:e0:
7a:75:ef:2f:da:8c:27:18:f6:86:fb:3f:2d:9e:33:
d7:74:80:2b:00:9d:43:ab:95:cd:17:2b:b4:91:67:
a6:eb:53:40:05:6c:10:8f:5d:94:10:0a:fe:c4:7d:
46:90:23:89:75:0b:11:fa:6c:42:fc:fd:12:71:bb:
a1:2e:90:f4:9c:b9:f8:f8:f9:42:a8:92:ea:06:d9:
79:67:07:bd:1f:e7:48:71:f0:12:c0:6a:67:e9:a2:
0e:0d:26:c2:08:4e:20:23:9a:ce:a2:e3:3b:92:9c:
2d:ac:d5:e1:12:f8:5d:51:8a:23:36:9f:8a:38:c4:
48:8b:a0:34:36:40:b3:5e:46:c0:1b:c5:58:0f:44:
bf:f9:d2:6e:9d:f0:35:d9:ea:22:2f:76:4e:f1:26:
a4:c9:3d:c4:a4:0e:95:97:71:91:48:f4:a8:fc:22:
03:6d:19:70:de:51:47:86:63:27:f4:e2:25:5c:c4:
13:c0:76:2a:28:07:3c:53:8b:81:65:72:7a:eb:aa:
cc:57:15:c3:db:76:45:a8:ec:b3:3c:7c:4d:80:2b:
df:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:35:5C:6F:CC:64:83:4F:A0:85:1E:CA:17:F3:9A:B1:A1:38:4F:1D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/KTVcb8xkg0-ghR7KF_OasaE4Tx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.86.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ba:ef:ff:54:2c:91:44:57:ea:7f:a6:0c:00:71:88:71:57:
68:e1:ef:8e:b7:3e:9d:fc:5f:53:74:2b:98:9e:d8:62:84:79:
78:d2:97:8e:dd:5e:b3:c0:9e:2e:0a:d9:68:18:1f:57:45:af:
ac:fc:d2:9f:81:db:80:cd:b2:a4:ac:53:95:8a:fe:a5:51:3e:
88:5b:a3:34:09:bb:b4:c4:14:2b:10:83:c0:7d:a7:21:73:bd:
5e:96:64:b3:6a:89:b1:0b:0b:53:e9:3c:bc:47:56:af:24:b2:
89:27:14:f0:75:bf:8b:05:9b:ac:8a:d3:40:e6:d4:8f:b9:1c:
e5:62:62:94:6d:fd:eb:eb:5b:b6:be:81:c5:e5:fd:26:c8:42:
22:58:c4:e3:e0:8d:7a:b6:57:59:ce:cd:f6:82:f3:0f:a3:c0:
ce:36:b7:79:bb:6e:22:88:15:54:98:ea:3e:9b:b4:f9:1b:29:
b6:db:5e:7d:30:92:08:6d:78:cc:eb:8d:ad:fa:1d:29:47:f2:
e0:95:8f:8f:2e:c4:7e:27:cf:18:80:5d:9e:7b:1a:b3:7f:c7:
16:48:eb:ee:f5:77:9a:4a:c2:1e:af:ee:b2:ce:17:9b:5b:b3:
82:2e:cd:68:6f:8d:dd:72:bf:24:78:40:f0:f4:ec:99:f5:51:
0f:3b:31:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY69rn2uQ25GwPR9Wg5fY+JiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTM1NWM2ZmNjNjQ4MzRmYTA4NTFlY2ExN2YzOWFiMWExMzg0ZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3/VHfxry3RKV9DOCz6Y6cGP6UJV
4zoH/gylr722yVmA0YJP6ZTHdqhBmOB6de8v2ownGPaG+z8tnjPXdIArAJ1Dq5XN
Fyu0kWem61NABWwQj12UEAr+xH1GkCOJdQsR+mxC/P0ScbuhLpD0nLn4+PlCqJLq
Btl5Zwe9H+dIcfASwGpn6aIODSbCCE4gI5rOouM7kpwtrNXhEvhdUYojNp+KOMRI
i6A0NkCzXkbAG8VYD0S/+dJunfA12eoiL3ZO8SakyT3EpA6Vl3GRSPSo/CIDbRlw
3lFHhmMn9OIlXMQTwHYqKAc8U4uBZXJ666rMVxXD23ZFqOyzPHxNgCvfKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCk1XG/MZINPoIUeyhfzmrGhOE8dMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvS1RWY2I4eGtnMC1naFI3S0ZfT2FzYUU0VHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUhWMA0G
CSqGSIb3DQEBCwUAA4IBAQBouu//VCyRRFfqf6YMAHGIcVdo4e+Otz6d/F9TdCuY
nthihHl40peO3V6zwJ4uCtloGB9XRa+s/NKfgduAzbKkrFOViv6lUT6IW6M0Cbu0
xBQrEIPAfachc71elmSzaomxCwtT6Ty8R1avJLKJJxTwdb+LBZusitNA5tSPuRzl
YmKUbf3r61u2voHF5f0myEIiWMTj4I16tldZzs32gvMPo8DONrd5u24iiBVUmOo+
m7T5Gym22159MJIIbXjM642t+h0pR/LglY+PLsR+J88YgF2eexqzf8cWSOvu9Xea
SsIer+6yzhebW7OCLs1ob43dcr8keEDw9OyZ9VEPOzGw
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:45:56 2024 by rpki-client on console-fra.rpki-client.org