Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/kjdI05Z_2ng5FX3Yo_ttlFODTcA.roa
File: kjdI05Z_2ng5FX3Yo_ttlFODTcA.roa (raw, json)
Hash identifier: SQlNldMBRbosTQVwZjYr24FDgibHgnwRXF3qEiUzOlI=
Subject key identifier: 92:37:48:D3:96:7F:DA:78:39:15:7D:D8:A3:FB:6D:94:53:83:4D:C0
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 018CCA29021AB869BC8C63A77A6F6BE1B110
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/kjdI05Z_2ng5FX3Yo_ttlFODTcA.roa
Signing time: Tue 02 Jan 2024 12:32:14 +0000
ROA not before: Tue 02 Jan 2024 12:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.77.72.0/24 maxlen: 24
195.245.201.0/24 maxlen: 24
195.157.4.0/24 maxlen: 24
2001:67c:27dc::/48 maxlen: 48
2001:67c:1088::/48 maxlen: 48
2001:a88:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:02:1a:b8:69:bc:8c:63:a7:7a:6f:6b:e1:b1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 2 12:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923748d3967fda7839157dd8a3fb6d9453834dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:b4:3e:4a:e7:9e:02:ad:0a:40:d7:44:48:
35:40:8d:b9:a8:f6:c4:0d:60:ff:a2:62:0b:37:61:
25:cd:80:f4:21:8e:80:6a:5a:81:a3:18:00:b3:50:
5d:1b:7f:b4:fd:13:32:20:59:b6:72:1b:73:a9:71:
de:fc:6d:ea:c9:06:d8:90:9a:70:f6:c6:0e:4d:ea:
83:29:02:33:37:d2:f6:f4:ba:fd:7b:19:86:8c:03:
d4:7a:9f:bc:48:11:d6:a5:7e:01:86:44:ab:cc:68:
10:d6:9f:c3:e8:d9:66:da:e1:ff:11:a1:f2:30:16:
48:af:f1:93:f7:7b:0e:e4:8d:9e:6e:cb:74:aa:24:
ad:28:fd:76:e2:62:8d:a1:91:4f:2a:45:b7:b2:2e:
e8:c1:eb:77:a6:a2:19:a1:a7:f8:6e:26:cc:1b:da:
d2:27:bf:be:04:00:17:65:f7:ca:00:d4:da:e5:15:
88:1a:50:45:c8:8c:48:7a:77:2b:89:33:72:0c:95:
7d:96:ea:1a:3d:41:e8:30:ec:92:3d:be:57:dc:7c:
3f:9d:90:ae:fb:68:9e:63:7e:44:22:47:2c:95:9c:
fe:ee:e2:c6:b0:85:2c:38:92:f0:80:ff:01:83:34:
8f:e9:a5:4a:05:fe:b3:d0:5e:6d:64:b4:b4:fa:2d:
8b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:37:48:D3:96:7F:DA:78:39:15:7D:D8:A3:FB:6D:94:53:83:4D:C0
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/kjdI05Z_2ng5FX3Yo_ttlFODTcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.72.0/24
195.157.4.0/24
195.245.201.0/24
IPv6:
2001:67c:1088::/48
2001:67c:27dc::/48
2001:a88:8::/48
Signature Algorithm: sha256WithRSAEncryption
7a:94:14:0c:f3:19:81:8c:0a:93:3f:1c:b8:0b:7b:fe:df:12:
1e:60:2c:e2:58:b0:d9:ee:d6:bc:71:25:7a:72:81:a0:ad:6e:
4e:c2:b9:fa:e4:2d:38:fe:68:6e:62:2c:70:cf:92:8a:55:8a:
4b:c8:00:ae:72:e3:bc:c2:04:fe:7e:b6:bd:43:de:9d:f8:5c:
24:55:70:2c:7b:06:b2:ad:10:d6:af:63:ee:34:44:b1:53:f2:
bd:ba:76:e5:97:6f:07:42:2b:c4:56:00:15:2c:6c:a0:1b:63:
e1:c2:8e:23:08:56:05:85:38:4a:b9:38:98:a5:80:fd:71:1d:
2d:69:8b:54:4d:74:41:c9:61:0d:8c:f7:ba:4f:43:22:51:e4:
89:16:99:10:f0:37:23:b4:f7:e0:7d:76:1a:ad:61:9e:45:21:
fb:7f:30:d9:75:e5:c2:3e:d5:57:01:8a:b9:72:78:1a:e7:ca:
18:17:d1:7c:d3:9f:f8:48:62:b4:f3:d6:42:18:aa:50:f9:67:
87:b0:2d:3b:a7:73:9c:33:77:c3:96:89:46:c9:7e:96:eb:9e:
14:87:85:e0:ad:35:4c:62:80:38:47:72:ad:43:4d:14:57:78:
fc:df:18:b7:94:1d:00:8f:6b:30:be:a3:dc:30:40:05:e1:6a:
e0:a5:45:ca
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzKKQIauGm8jGOnem9r4bEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjQwMTAyMTIzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM3NDhkMzk2N2ZkYTc4MzkxNTdkZDhhM2ZiNmQ5NDUzODM0ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumC0PkrnngKtCkDXREg1QI25qPbE
DWD/omILN2ElzYD0IY6AalqBoxgAs1BdG3+0/RMyIFm2chtzqXHe/G3qyQbYkJpw
9sYOTeqDKQIzN9L29Lr9exmGjAPUep+8SBHWpX4BhkSrzGgQ1p/D6Nlm2uH/EaHy
MBZIr/GT93sO5I2ebst0qiStKP124mKNoZFPKkW3si7owet3pqIZoaf4bibMG9rS
J7++BAAXZffKANTa5RWIGlBFyIxIencriTNyDJV9luoaPUHoMOySPb5X3Hw/nZCu
+2ieY35EIkcslZz+7uLGsIUsOJLwgP8BgzSP6aVKBf6z0F5tZLS0+i2LfwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJI3SNOWf9p4ORV92KP7bZRTg03AMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEva2pkSTA1Wl8ybmc1RlgzWW9fdHRsRk9EVGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAuU1IAwQA
w50EAwQAw/XJMCEEAgACMBsDBwAgAQZ8EIgDBwAgAQZ8J9wDBwAgAQqIAAgwDQYJ
KoZIhvcNAQELBQADggEBAHqUFAzzGYGMCpM/HLgLe/7fEh5gLOJYsNnu1rxxJXpy
gaCtbk7CufrkLTj+aG5iLHDPkopVikvIAK5y47zCBP5+tr1D3p34XCRVcCx7BrKt
ENavY+40RLFT8r26duWXbwdCK8RWABUsbKAbY+HCjiMIVgWFOEq5OJilgP1xHS1p
i1RNdEHJYQ2M97pPQyJR5IkWmRDwNyO09+B9dhqtYZ5FIft/MNl15cI+1VcBirly
eBrnyhgX0XzTn/hIYrTz1kIYqlD5Z4ewLTunc5wzd8OWiUbJfpbrnhSHheCtNUxi
gDhHcq1DTRRXePzfGLeUHQCPazC+o9wwQAXhauClRco=
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:02:57 2024 by rpki-client on console-fra.rpki-client.org