Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/cw8jJph9Co34aYB24dqNwVuP-tQ.roa
File: cw8jJph9Co34aYB24dqNwVuP-tQ.roa (raw, json)
Hash identifier: lMUDpY1Ub7yE7IbAmOWTCmvarLHjLH0Y8B8K93tW624=
Subject key identifier: 73:0F:23:26:98:7D:0A:8D:F8:69:80:76:E1:DA:8D:C1:5B:8F:FA:D4
Certificate issuer: /CN=9e237f32bae14a81fda27eb29460c3a0eda34240
Certificate serial: 018E84621845121F174370CAB11A9391FFB0
Authority key identifier: 9E:23:7F:32:BA:E1:4A:81:FD:A2:7E:B2:94:60:C3:A0:ED:A3:42:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/cw8jJph9Co34aYB24dqNwVuP-tQ.roa
Signing time: Thu 28 Mar 2024 09:26:45 +0000
ROA not before: Thu 28 Mar 2024 09:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42885
IP address blocks: 77.234.96.0/19 maxlen: 19
77.234.96.0/21 maxlen: 21
77.234.104.0/21 maxlen: 21
77.234.112.0/21 maxlen: 21
77.234.120.0/21 maxlen: 21
185.225.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:62:18:45:12:1f:17:43:70:ca:b1:1a:93:91:ff:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e237f32bae14a81fda27eb29460c3a0eda34240
Validity
Not Before: Mar 28 09:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=730f2326987d0a8df8698076e1da8dc15b8ffad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f0:62:b0:e9:5e:bb:ad:32:e9:a7:59:ee:c3:
c1:43:e4:8f:3d:40:b0:3d:1f:98:fb:b2:81:f5:90:
57:90:e7:37:43:85:94:51:e1:92:41:0d:44:82:4c:
12:27:8e:6b:85:00:95:cd:37:77:70:68:ed:52:be:
b9:0c:92:53:f8:27:19:dc:16:ee:41:72:ad:7f:c5:
e8:4f:cb:0f:89:73:9b:bb:92:ee:d7:08:58:ad:84:
fe:c3:85:fa:53:2b:7e:d5:0b:16:37:34:c7:b4:d3:
7c:49:7a:5d:97:64:c9:50:dc:ef:31:64:e9:a2:ba:
46:a2:3d:83:69:e4:e1:9e:c4:a4:0c:36:76:b5:0e:
ad:2b:5c:36:f2:4e:8e:8d:80:0b:78:2f:36:9f:4e:
cf:77:d4:d8:83:08:a6:b5:35:d7:29:d6:1c:fe:3a:
c4:d3:95:ad:2b:49:2f:df:a4:7f:bc:d2:a7:f6:b7:
8f:a6:7b:4c:4d:ad:01:f3:93:08:e7:df:3d:85:20:
42:a4:6e:e5:d3:71:80:8e:4b:13:28:9c:82:c3:5d:
61:f2:7b:fe:40:e9:ca:6c:9f:15:7b:af:b8:ed:13:
de:cd:2f:98:42:d3:6a:23:e2:e7:10:50:72:c6:c6:
33:16:d5:c0:47:5d:85:f9:33:b9:61:66:66:f7:0b:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0F:23:26:98:7D:0A:8D:F8:69:80:76:E1:DA:8D:C1:5B:8F:FA:D4
X509v3 Authority Key Identifier:
keyid:9E:23:7F:32:BA:E1:4A:81:FD:A2:7E:B2:94:60:C3:A0:ED:A3:42:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/cw8jJph9Co34aYB24dqNwVuP-tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.234.96.0/19
185.225.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:30:22:9c:2a:3c:2f:28:67:75:7d:31:08:ff:20:27:3f:a2:
3b:63:d3:3d:45:9b:55:54:5f:5c:59:29:34:d7:cd:f2:49:4f:
e2:eb:04:65:0f:1a:ad:2a:3e:50:09:b3:9d:51:f3:9a:31:00:
8e:e9:fc:05:68:70:fe:e9:7a:02:38:9e:66:e5:42:7f:32:7b:
36:54:5e:7f:0c:66:50:44:62:68:b3:1f:a8:5f:db:44:d2:d9:
ff:a2:f9:e2:3b:c6:ca:08:7f:84:a3:7b:5d:9a:42:c8:5e:58:
d0:b0:01:fd:f2:58:61:2a:73:a6:55:dc:49:3a:ed:d7:71:48:
49:0a:19:88:24:e6:03:b0:a0:ef:d0:8d:e2:51:a3:a1:e0:fa:
b4:1d:ab:d1:16:ad:fb:76:04:5c:e7:a4:fc:f4:7d:16:0c:6f:
d6:38:08:b1:c8:2d:cc:e7:62:4d:28:71:b5:65:47:10:14:8e:
54:95:a5:7b:a9:f0:28:50:9c:1d:7d:5d:3a:03:5a:36:69:ae:
78:78:a9:7d:77:0c:77:45:68:45:d7:68:80:9a:27:63:b0:04:
3d:67:e1:9a:ff:e7:bf:bb:22:84:8e:27:fe:97:11:97:00:31:
8b:09:72:6d:ef:04:87:47:f8:cd:76:73:9e:5f:d9:dd:82:ba:
da:06:6f:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6EYhhFEh8XQ3DKsRqTkf+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjM3ZjMyYmFlMTRhODFmZGEyN2ViMjk0NjBjM2EwZWRh
MzQyNDAwHhcNMjQwMzI4MDkyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzBmMjMyNjk4N2QwYThkZjg2OTgwNzZlMWRhOGRjMTViOGZmYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/BisOleu60y6adZ7sPBQ+SPPUCw
PR+Y+7KB9ZBXkOc3Q4WUUeGSQQ1EgkwSJ45rhQCVzTd3cGjtUr65DJJT+CcZ3Bbu
QXKtf8XoT8sPiXObu5Lu1whYrYT+w4X6Uyt+1QsWNzTHtNN8SXpdl2TJUNzvMWTp
orpGoj2DaeThnsSkDDZ2tQ6tK1w28k6OjYALeC82n07Pd9TYgwimtTXXKdYc/jrE
05WtK0kv36R/vNKn9rePpntMTa0B85MI5989hSBCpG7l03GAjksTKJyCw11h8nv+
QOnKbJ8Ve6+47RPezS+YQtNqI+LnEFByxsYzFtXAR12F+TO5YWZm9wu5zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMPIyaYfQqN+GmAduHajcFbj/rUMB8GA1UdIwQY
MBaAFJ4jfzK64UqB/aJ+spRgw6Dto0JAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlOX01ycmhTb0g5b242eWxHRERvTzJqUWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81ZDZlYmQtYThlZS00NzRjLWI3MWEt
YTY0MmNjODViYzcxLzEvY3c4akpwaDlDbzM0YVlCMjRkcU53VnVQLXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81ZDZlYmQtYThlZS00NzRjLWI3MWEtYTY0MmNjODViYzcx
LzEvbmlOX01ycmhTb0g5b242eWxHRERvTzJqUWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTepgAwQC
ueF4MA0GCSqGSIb3DQEBCwUAA4IBAQCPMCKcKjwvKGd1fTEI/yAnP6I7Y9M9RZtV
VF9cWSk0183ySU/i6wRlDxqtKj5QCbOdUfOaMQCO6fwFaHD+6XoCOJ5m5UJ/Mns2
VF5/DGZQRGJosx+oX9tE0tn/ovniO8bKCH+Eo3tdmkLIXljQsAH98lhhKnOmVdxJ
Ou3XcUhJChmIJOYDsKDv0I3iUaOh4Pq0HavRFq37dgRc56T89H0WDG/WOAixyC3M
52JNKHG1ZUcQFI5UlaV7qfAoUJwdfV06A1o2aa54eKl9dwx3RWhF12iAmidjsAQ9
Z+Ga/+e/uyKEjif+lxGXADGLCXJt7wSHR/jNdnOeX9ndgrraBm8Y
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:19 2024 by rpki-client on console-fra.rpki-client.org