Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/duyGpoRiUSXpX71VT4XYnZHmGlA.roa
File: duyGpoRiUSXpX71VT4XYnZHmGlA.roa (raw, json)
Hash identifier: BUaqTN98K6qCPpPRz7Abj2KUlyE692OgtKSmoKCDJkM=
Subject key identifier: 76:EC:86:A6:84:62:51:25:E9:5F:BD:55:4F:85:D8:9D:91:E6:1A:50
Certificate issuer: /CN=9e237f32bae14a81fda27eb29460c3a0eda34240
Certificate serial: 019424B3C63156BF27F683AB3C98D11AC1BF
Authority key identifier: 9E:23:7F:32:BA:E1:4A:81:FD:A2:7E:B2:94:60:C3:A0:ED:A3:42:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/duyGpoRiUSXpX71VT4XYnZHmGlA.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42885
IP address blocks: 77.234.96.0/19 maxlen: 19
77.234.96.0/21 maxlen: 21
77.234.104.0/21 maxlen: 21
77.234.112.0/21 maxlen: 21
77.234.120.0/21 maxlen: 21
185.225.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c6:31:56:bf:27:f6:83:ab:3c:98:d1:1a:c1:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e237f32bae14a81fda27eb29460c3a0eda34240
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76ec86a684625125e95fbd554f85d89d91e61a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:07:f1:fa:9c:aa:85:f2:c2:f4:3f:e5:19:c2:
34:62:1d:63:a3:7b:46:57:5d:2a:a4:73:8e:e3:59:
4d:de:14:43:ec:77:62:28:72:85:ee:79:62:07:e0:
18:24:6a:c8:14:2b:6a:2e:71:db:b4:ec:be:e2:f7:
1f:be:0f:a7:e6:da:91:f7:71:89:80:1e:3a:c8:c5:
21:d6:6d:43:98:a8:31:32:1c:27:c5:a7:5d:fe:8d:
bf:92:af:9f:09:a1:7a:28:2a:1e:27:36:c3:13:8e:
52:32:6c:34:2b:eb:92:ce:35:ea:d2:99:8b:6f:b9:
e1:b2:1f:11:20:03:9d:03:17:5f:71:58:28:82:ba:
86:69:31:70:9a:48:66:88:65:b2:9c:16:fc:8d:6d:
a7:09:48:a6:fc:db:16:0c:73:64:0f:33:92:d7:2b:
a3:e2:91:c3:de:d2:a7:34:5b:0f:b1:b1:42:6e:af:
53:2b:48:3c:ca:df:da:ff:71:b0:9f:08:e0:0b:2e:
8e:fc:3b:4b:59:b3:4a:85:29:da:9a:ab:63:54:3b:
61:3b:0b:a6:05:89:79:68:0b:a6:3d:f2:05:e2:61:
82:a7:c3:73:ac:1d:8c:33:b8:da:20:db:53:a6:df:
04:c8:05:2f:af:46:2c:ab:79:72:1c:26:fa:53:95:
62:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EC:86:A6:84:62:51:25:E9:5F:BD:55:4F:85:D8:9D:91:E6:1A:50
X509v3 Authority Key Identifier:
keyid:9E:23:7F:32:BA:E1:4A:81:FD:A2:7E:B2:94:60:C3:A0:ED:A3:42:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/niN_MrrhSoH9on6ylGDDoO2jQkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/duyGpoRiUSXpX71VT4XYnZHmGlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5d6ebd-a8ee-474c-b71a-a642cc85bc71/1/niN_MrrhSoH9on6ylGDDoO2jQkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.234.96.0/19
185.225.120.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:8a:78:69:6d:bd:7b:98:22:81:cb:e2:c7:00:1c:21:58:83:
ce:92:1e:dd:e8:c2:f5:72:0e:49:ad:69:c1:b7:77:6e:28:93:
ad:75:84:3d:56:4a:c3:03:88:30:a6:81:87:a6:9c:31:a0:40:
5f:fc:bb:4c:fb:3b:c2:b7:08:d7:05:27:01:76:ef:18:5a:7a:
4f:7e:8e:9f:2f:22:74:85:ab:f6:7b:fe:3f:91:b3:85:ea:29:
c3:f2:ca:42:c3:f8:de:95:0b:7a:07:82:aa:9a:4d:98:8d:46:
70:82:6b:d7:4f:ca:0c:c5:0c:39:dd:15:55:1f:69:3a:6d:fd:
34:4e:d9:90:d2:c3:06:3a:d9:16:29:79:58:c0:fa:b3:7d:0a:
db:f4:97:03:de:5f:ac:1f:45:c2:a6:88:df:2b:25:b0:98:22:
86:d5:27:1d:5a:8c:8a:67:9d:f4:28:9c:49:b8:3b:cc:a7:34:
84:89:f6:8b:ff:49:41:d5:45:df:5b:16:95:d1:45:76:74:df:
f4:d5:06:b1:c1:05:da:77:74:bd:80:57:e4:84:79:94:aa:f9:
3a:ec:55:5b:93:0e:11:1b:35:6d:69:96:dd:e5:87:e3:2e:b4:
b5:92:21:73:bb:8b:9e:93:6b:88:b8:20:11:00:79:98:e3:74:
27:61:2c:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks8YxVr8n9oOrPJjRGsG/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMjM3ZjMyYmFlMTRhODFmZGEyN2ViMjk0NjBjM2EwZWRh
MzQyNDAwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVjODZhNjg0NjI1MTI1ZTk1ZmJkNTU0Zjg1ZDg5ZDkxZTYxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowfx+pyqhfLC9D/lGcI0Yh1jo3tG
V10qpHOO41lN3hRD7HdiKHKF7nliB+AYJGrIFCtqLnHbtOy+4vcfvg+n5tqR93GJ
gB46yMUh1m1DmKgxMhwnxadd/o2/kq+fCaF6KCoeJzbDE45SMmw0K+uSzjXq0pmL
b7nhsh8RIAOdAxdfcVgogrqGaTFwmkhmiGWynBb8jW2nCUim/NsWDHNkDzOS1yuj
4pHD3tKnNFsPsbFCbq9TK0g8yt/a/3GwnwjgCy6O/DtLWbNKhSnamqtjVDthOwum
BYl5aAumPfIF4mGCp8NzrB2MM7jaINtTpt8EyAUvr0Ysq3lyHCb6U5Vi+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHbshqaEYlEl6V+9VU+F2J2R5hpQMB8GA1UdIwQY
MBaAFJ4jfzK64UqB/aJ+spRgw6Dto0JAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmlOX01ycmhTb0g5b242eWxHRERvTzJqUWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81ZDZlYmQtYThlZS00NzRjLWI3MWEt
YTY0MmNjODViYzcxLzEvZHV5R3BvUmlVU1hwWDcxVlQ0WFluWkhtR2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81ZDZlYmQtYThlZS00NzRjLWI3MWEtYTY0MmNjODViYzcx
LzEvbmlOX01ycmhTb0g5b242eWxHRERvTzJqUWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFTepgAwQC
ueF4MA0GCSqGSIb3DQEBCwUAA4IBAQBtinhpbb17mCKBy+LHABwhWIPOkh7d6ML1
cg5JrWnBt3duKJOtdYQ9VkrDA4gwpoGHppwxoEBf/LtM+zvCtwjXBScBdu8YWnpP
fo6fLyJ0hav2e/4/kbOF6inD8spCw/jelQt6B4Kqmk2YjUZwgmvXT8oMxQw53RVV
H2k6bf00TtmQ0sMGOtkWKXlYwPqzfQrb9JcD3l+sH0XCpojfKyWwmCKG1ScdWoyK
Z530KJxJuDvMpzSEifaL/0lB1UXfWxaV0UV2dN/01QaxwQXad3S9gFfkhHmUqvk6
7FVbkw4RGzVtaZbd5YfjLrS1kiFzu4uek2uIuCARAHmY43QnYSy1
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:32 2025 by rpki-client