Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/FWozddvLuq52XcJBbgt4AlIwmj0.roa
File: FWozddvLuq52XcJBbgt4AlIwmj0.roa (raw, json)
Hash identifier: QP24nRz6dC+uxniRQqT9pPcaGmZSZBY3tBeDJifgyGc=
Subject key identifier: 15:6A:33:75:DB:CB:BA:AE:76:5D:C2:41:6E:0B:78:02:52:30:9A:3D
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018EA488AFDBC1719901C50D8634D793FE41
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/FWozddvLuq52XcJBbgt4AlIwmj0.roa
Signing time: Wed 03 Apr 2024 15:16:45 +0000
ROA not before: Wed 03 Apr 2024 15:16:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 77.221.150.0/24 maxlen: 24
109.120.128.0/24 maxlen: 24
109.120.129.0/24 maxlen: 24
109.120.130.0/24 maxlen: 24
109.120.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:88:af:db:c1:71:99:01:c5:0d:86:34:d7:93:fe:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Apr 3 15:16:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=156a3375dbcbbaae765dc2416e0b780252309a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:b0:11:92:aa:6d:7c:57:2b:4d:b9:91:54:
ca:7d:85:87:5f:4b:60:55:4e:1d:67:63:23:44:cc:
a3:2d:7f:67:b7:81:f9:b0:57:28:1d:b5:2d:60:a8:
33:cb:c9:2c:fc:dc:50:cf:eb:c7:6c:50:95:a5:4c:
3c:fd:27:86:bb:89:4a:94:aa:e7:d2:36:1d:1a:10:
85:7a:b8:a0:59:8a:41:e1:2d:af:02:a4:db:54:cd:
e6:2e:f7:cf:b9:2b:52:f5:2a:2c:65:03:7d:de:8b:
ea:c0:21:96:38:d6:bd:7d:d0:0e:fe:6e:4f:4b:8c:
f9:9a:0a:c1:41:42:4e:3a:11:5b:55:ee:99:7e:b1:
35:3d:e2:e2:93:64:67:36:69:d4:eb:5f:ae:af:f6:
fe:ab:64:47:3a:17:65:5c:54:e5:78:7f:35:73:09:
38:e0:10:b0:6f:82:8e:ad:0d:58:b5:50:99:7a:80:
73:21:82:7d:eb:c0:f5:a6:fd:93:f4:34:57:86:60:
71:f8:c3:4a:9d:bb:b0:ac:d0:41:04:05:12:7f:c9:
b9:b4:3e:69:d6:9e:01:8e:53:5e:93:9d:76:3c:c1:
a9:04:2f:c4:53:bf:9c:e7:39:74:be:d7:72:2e:ae:
52:40:78:9d:b5:e1:32:bc:97:b0:a8:17:e0:0f:29:
9e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6A:33:75:DB:CB:BA:AE:76:5D:C2:41:6E:0B:78:02:52:30:9A:3D
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/FWozddvLuq52XcJBbgt4AlIwmj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.150.0/24
109.120.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:58:91:19:67:c7:ec:49:04:99:b5:68:dc:a8:cc:8c:21:89:
33:57:de:1d:45:db:a8:6d:5b:07:fb:da:84:47:61:bc:1a:6a:
ac:7c:62:23:7c:8a:22:70:c4:89:d5:7d:44:be:6a:60:b2:07:
d1:27:b1:00:99:85:b1:61:01:03:49:86:f7:d8:8c:28:c7:64:
b1:c1:92:a4:55:ef:d1:e7:b5:c2:f3:55:fc:e3:3a:c6:68:2f:
ea:8f:15:21:c8:64:02:58:77:96:37:01:b2:90:eb:43:13:63:
d8:b3:2b:4c:5d:ca:60:44:50:f7:f5:78:af:96:52:97:76:a0:
e1:40:ff:c6:53:40:7f:00:d6:e7:2a:99:62:7b:b8:6e:b4:b2:
a3:d7:b3:20:fa:a9:73:77:a5:44:65:ea:ce:25:9a:01:df:a0:
0f:8a:8f:2d:c1:63:09:8a:a9:01:74:f8:db:81:3a:2d:34:be:
c9:ba:cb:43:e3:37:9f:16:5b:2d:30:c5:12:08:ca:33:59:26:
9c:9e:c1:71:4d:91:e7:e6:bf:d2:04:a0:ef:49:e8:60:f6:3f:
93:de:7b:f2:e5:1e:70:35:8e:76:83:ba:e5:09:b0:dd:97:ba:
d7:fe:2f:fa:ea:ee:75:e9:dd:40:2d:d4:c5:62:fe:14:9d:f4:
c1:bb:91:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6kiK/bwXGZAcUNhjTXk/5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNDAzMTUxNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZhMzM3NWRiY2JiYWFlNzY1ZGMyNDE2ZTBiNzgwMjUyMzA5YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3CwEZKqbXxXK025kVTKfYWHX0tg
VU4dZ2MjRMyjLX9nt4H5sFcoHbUtYKgzy8ks/NxQz+vHbFCVpUw8/SeGu4lKlKrn
0jYdGhCFerigWYpB4S2vAqTbVM3mLvfPuStS9SosZQN93ovqwCGWONa9fdAO/m5P
S4z5mgrBQUJOOhFbVe6ZfrE1PeLik2RnNmnU61+ur/b+q2RHOhdlXFTleH81cwk4
4BCwb4KOrQ1YtVCZeoBzIYJ968D1pv2T9DRXhmBx+MNKnbuwrNBBBAUSf8m5tD5p
1p4BjlNek512PMGpBC/EU7+c5zl0vtdyLq5SQHidteEyvJewqBfgDyme0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBVqM3Xby7qudl3CQW4LeAJSMJo9MB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvRldvemRkdkx1cTUyWGNKQmJndDRBbEl3bWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATd2WAwQC
bXiAMA0GCSqGSIb3DQEBCwUAA4IBAQCiWJEZZ8fsSQSZtWjcqMyMIYkzV94dRduo
bVsH+9qER2G8GmqsfGIjfIoicMSJ1X1EvmpgsgfRJ7EAmYWxYQEDSYb32Iwox2Sx
wZKkVe/R57XC81X84zrGaC/qjxUhyGQCWHeWNwGykOtDE2PYsytMXcpgRFD39Xiv
llKXdqDhQP/GU0B/ANbnKplie7hutLKj17Mg+qlzd6VEZerOJZoB36APio8twWMJ
iqkBdPjbgTotNL7JustD4zefFlstMMUSCMozWSacnsFxTZHn5r/SBKDvSehg9j+T
3nvy5R5wNY52g7rlCbDdl7rX/i/66u516d1ALdTFYv4UnfTBu5GG
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:28:02 2024 by rpki-client on console-ams.rpki-client.org