Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/ChRdFkd5gvZseUaPOyQJ01iKoCI.roa
File: ChRdFkd5gvZseUaPOyQJ01iKoCI.roa (raw, json)
Hash identifier: T94s2+Y6cio8CtD8P0TgFqcLAhR38WdXcFmbR7pqeLQ=
Subject key identifier: 0A:14:5D:16:47:79:82:F6:6C:79:46:8F:3B:24:09:D3:58:8A:A0:22
Certificate issuer: /CN=8f2ae45c509041a796a968953581f51d45bfce55
Certificate serial: 018CC86FAE8E29ECAB5466BBD7FEFD4D0DE3
Authority key identifier: 8F:2A:E4:5C:50:90:41:A7:96:A9:68:95:35:81:F5:1D:45:BF:CE:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jyrkXFCQQaeWqWiVNYH1HUW_zlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/ChRdFkd5gvZseUaPOyQJ01iKoCI.roa
Signing time: Tue 02 Jan 2024 04:30:11 +0000
ROA not before: Tue 02 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42917
IP address blocks: 77.75.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/jyrkXFCQQaeWqWiVNYH1HUW_zlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/jyrkXFCQQaeWqWiVNYH1HUW_zlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jyrkXFCQQaeWqWiVNYH1HUW_zlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ae:8e:29:ec:ab:54:66:bb:d7:fe:fd:4d:0d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2ae45c509041a796a968953581f51d45bfce55
Validity
Not Before: Jan 2 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a145d16477982f66c79468f3b2409d3588aa022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ea:2f:c2:03:e6:66:05:51:ff:aa:02:0d:9d:
1a:cf:a4:fd:bd:de:c2:c5:4d:a3:d9:72:d9:35:1c:
b3:15:27:78:12:9a:09:9e:e5:17:ca:2b:fa:77:b2:
5a:d9:bd:56:2a:ba:37:60:35:63:c1:13:c0:17:ab:
b5:f9:92:09:90:40:2a:e4:59:bb:cf:77:3b:f2:ed:
bc:e2:23:e9:09:5c:ba:62:e3:57:dd:8d:d6:1a:be:
31:cf:03:e7:40:6c:d3:fa:3e:b6:2c:ef:8b:b6:1e:
8f:5b:88:4f:e3:c7:92:ac:dc:2a:63:3a:82:35:e8:
f8:83:c6:53:4e:28:a9:d2:1b:c3:07:b8:83:de:18:
2d:38:79:e7:df:1a:8e:5e:ad:a3:3b:67:c3:13:82:
0d:da:67:7d:62:11:2f:23:de:c8:85:e3:37:1d:79:
bb:2a:ec:4b:ab:47:96:fe:1f:b8:e4:47:5a:2c:b2:
7f:68:46:d6:c8:42:c9:be:ee:f3:f6:6f:c0:c2:ee:
ea:d3:99:99:b7:19:84:33:7c:e9:66:32:3d:47:81:
31:8a:56:04:51:cd:e1:fa:06:75:2c:ca:0d:69:36:
7b:df:7c:d5:43:9c:93:4f:44:88:71:af:79:19:fb:
b4:16:a9:96:72:43:9b:af:2a:3d:01:bb:e8:89:4b:
b9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:14:5D:16:47:79:82:F6:6C:79:46:8F:3B:24:09:D3:58:8A:A0:22
X509v3 Authority Key Identifier:
keyid:8F:2A:E4:5C:50:90:41:A7:96:A9:68:95:35:81:F5:1D:45:BF:CE:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jyrkXFCQQaeWqWiVNYH1HUW_zlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/ChRdFkd5gvZseUaPOyQJ01iKoCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/93901a-043b-49c8-ad37-ac7f21b6b74d/1/jyrkXFCQQaeWqWiVNYH1HUW_zlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.112.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:ba:c8:66:d2:c5:12:b4:d8:b2:b6:a3:e3:cb:0b:6a:8b:ef:
58:8e:fa:4b:73:01:c3:c4:0f:9b:96:96:63:47:cb:a0:6f:4a:
d2:29:17:eb:48:bc:8c:6a:24:94:c1:67:c2:32:ec:ec:b3:92:
99:99:6c:a1:ba:af:a1:63:7e:e8:1e:e0:67:16:4f:52:78:b8:
c1:b2:3a:ad:43:28:49:4d:34:78:a5:92:01:75:d9:ea:38:e6:
d5:a8:fc:8b:ed:18:c4:2f:4b:7a:ba:3f:37:13:fa:73:bd:02:
f5:a6:42:3d:be:a3:b3:9a:7d:56:61:e4:96:c9:c8:31:9c:9f:
d4:02:c8:12:d7:c3:2b:87:34:37:d1:9c:70:81:53:7b:51:73:
15:60:e8:fc:ce:4b:91:38:aa:cc:13:1f:59:c8:25:ab:38:b5:
b4:ba:19:dc:cc:e0:57:95:40:9b:9e:67:64:91:0c:5f:0d:98:
96:f2:a9:66:9e:97:79:49:ec:05:8c:d1:c4:cc:c3:57:f0:a4:
05:d6:a3:3d:61:bb:c6:21:1f:a1:36:3e:00:fc:cc:43:9f:9b:
94:df:23:ad:54:e9:82:9c:b4:07:2a:5f:28:3d:d6:ab:3f:b1:
0b:f2:c5:68:81:72:aa:0b:b4:28:63:cf:95:fc:46:70:38:c9:
17:8c:63:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb66OKeyrVGa71/79TQ3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMmFlNDVjNTA5MDQxYTc5NmE5Njg5NTM1ODFmNTFkNDVi
ZmNlNTUwHhcNMjQwMTAyMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE0NWQxNjQ3Nzk4MmY2NmM3OTQ2OGYzYjI0MDlkMzU4OGFhMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+ovwgPmZgVR/6oCDZ0az6T9vd7C
xU2j2XLZNRyzFSd4EpoJnuUXyiv6d7Ja2b1WKro3YDVjwRPAF6u1+ZIJkEAq5Fm7
z3c78u284iPpCVy6YuNX3Y3WGr4xzwPnQGzT+j62LO+Lth6PW4hP48eSrNwqYzqC
Nej4g8ZTTiip0hvDB7iD3hgtOHnn3xqOXq2jO2fDE4IN2md9YhEvI97IheM3HXm7
KuxLq0eW/h+45EdaLLJ/aEbWyELJvu7z9m/Awu7q05mZtxmEM3zpZjI9R4ExilYE
Uc3h+gZ1LMoNaTZ733zVQ5yTT0SIca95Gfu0FqmWckObryo9AbvoiUu5FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoUXRZHeYL2bHlGjzskCdNYiqAiMB8GA1UdIwQY
MBaAFI8q5FxQkEGnlqlolTWB9R1Fv85VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlya1hGQ1FRYWVXcVdpVk5ZSDFIVVdfemxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85MzkwMWEtMDQzYi00OWM4LWFkMzct
YWM3ZjIxYjZiNzRkLzEvQ2hSZEZrZDVndlpzZVVhUE95UUowMWlLb0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85MzkwMWEtMDQzYi00OWM4LWFkMzctYWM3ZjIxYjZiNzRk
LzEvanlya1hGQ1FRYWVXcVdpVk5ZSDFIVVdfemxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTUtwMA0G
CSqGSIb3DQEBCwUAA4IBAQB9ushm0sUStNiytqPjywtqi+9YjvpLcwHDxA+blpZj
R8ugb0rSKRfrSLyMaiSUwWfCMuzss5KZmWyhuq+hY37oHuBnFk9SeLjBsjqtQyhJ
TTR4pZIBddnqOObVqPyL7RjEL0t6uj83E/pzvQL1pkI9vqOzmn1WYeSWycgxnJ/U
AsgS18MrhzQ30ZxwgVN7UXMVYOj8zkuROKrMEx9ZyCWrOLW0uhnczOBXlUCbnmdk
kQxfDZiW8qlmnpd5SewFjNHEzMNX8KQF1qM9YbvGIR+hNj4A/MxDn5uU3yOtVOmC
nLQHKl8oPdarP7EL8sVogXKqC7QoY8+V/EZwOMkXjGMl
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:22:01 2024 by rpki-client on console-fra.rpki-client.org