Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/RFAJ_u4CMded_OSDUCbkZctSfaI.roa
File: RFAJ_u4CMded_OSDUCbkZctSfaI.roa (raw, json)
Hash identifier: BlT5NSoYmGhPvmIUH5YbzGp7pwffGsMaj59W/sMqRYE=
Subject key identifier: 44:50:09:FE:EE:02:31:D7:9D:FC:E4:83:50:26:E4:65:CB:52:7D:A2
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 018E5B00877DD74B3A1FD40E2BC204436895
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/RFAJ_u4CMded_OSDUCbkZctSfaI.roa
Signing time: Wed 20 Mar 2024 08:35:45 +0000
ROA not before: Wed 20 Mar 2024 08:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 77.221.145.0/24 maxlen: 24
92.243.74.0/24 maxlen: 24
92.243.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:00:87:7d:d7:4b:3a:1f:d4:0e:2b:c2:04:43:68:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Mar 20 08:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=445009feee0231d79dfce4835026e465cb527da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:ca:f2:dd:e5:13:74:12:3c:46:eb:5b:59:
34:41:24:83:57:db:f5:29:cc:91:89:e9:e2:b1:ce:
72:d6:d9:82:01:30:b9:8b:72:ce:82:39:42:bd:6b:
6d:41:c5:a9:ad:9e:78:67:44:22:c6:9a:f1:3e:f7:
50:25:17:c7:37:d8:22:09:fa:87:25:57:ae:e9:ba:
9e:01:68:88:fc:d9:bb:62:2f:66:4b:c9:f2:ea:d6:
6c:73:9b:30:b5:66:bf:78:1b:ae:3f:1c:79:a6:da:
7e:ae:be:aa:eb:04:e6:dc:39:cd:86:6d:0b:43:84:
51:a4:68:4f:a2:bf:6b:1e:17:37:72:4c:68:c2:98:
38:87:f3:9e:2f:2f:0d:b9:74:ff:a1:ac:78:16:5b:
b7:57:da:b2:ec:bf:48:4e:d5:71:e7:8f:9f:29:ce:
de:fa:81:8d:d7:5e:ac:10:c1:09:6a:9b:5e:51:6e:
00:58:23:12:cc:f3:7a:58:80:f1:01:08:05:0f:e1:
80:9c:e0:bd:75:32:58:12:b0:5d:cd:62:72:ad:26:
ab:88:6b:7d:5d:1c:60:68:e0:b4:e0:1e:e3:0f:2e:
d1:9d:8f:0b:1b:41:47:5f:88:aa:8b:49:a1:bc:20:
35:56:3f:00:74:85:03:b6:26:9d:52:e3:99:94:b7:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:50:09:FE:EE:02:31:D7:9D:FC:E4:83:50:26:E4:65:CB:52:7D:A2
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/RFAJ_u4CMded_OSDUCbkZctSfaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.145.0/24
92.243.74.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:e8:0a:c4:b6:c6:5d:b2:bd:b4:08:36:62:97:2f:36:b2:33:
ab:44:ab:3d:14:59:c1:71:4b:49:1d:c6:ce:1b:02:44:e0:f5:
4b:24:be:3b:52:7a:9e:93:71:36:19:93:05:bb:0f:bc:f9:d7:
9a:15:c2:5d:c8:48:0e:63:d9:18:38:85:77:9f:3a:61:96:28:
c5:7f:2e:20:6c:a9:b2:aa:01:8a:0e:1b:6d:bb:92:84:f3:08:
83:81:4a:ae:ea:52:31:96:5f:92:36:77:44:66:e3:39:62:0b:
83:1d:b0:6a:e9:c9:71:fc:60:b3:a4:49:15:f4:74:44:69:8e:
44:23:94:31:a3:c6:48:04:40:12:2a:e5:87:2d:a0:d0:0e:8a:
9c:17:40:43:7a:62:d6:ae:9f:fc:09:d4:81:ce:80:ad:37:65:
eb:11:a8:5e:b1:9a:a5:c8:05:fc:ea:5e:61:ea:58:46:e2:47:
2f:7c:36:06:e8:f0:13:d9:1a:65:a9:83:db:b5:c3:59:bd:ed:
8c:de:69:0f:06:8d:52:23:c8:4e:61:60:5c:00:48:45:55:5e:
09:f7:66:ab:48:d4:c0:6d:65:3c:5a:89:3e:9b:3a:8a:f4:20:
08:18:4f:b2:e8:f5:ab:26:b2:16:4b:b1:e3:c5:dc:6c:ab:f7:
dc:40:c6:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5bAId910s6H9QOK8IEQ2iVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwMzIwMDgzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDUwMDlmZWVlMDIzMWQ3OWRmY2U0ODM1MDI2ZTQ2NWNiNTI3ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyanK8t3lE3QSPEbrW1k0QSSDV9v1
KcyRienisc5y1tmCATC5i3LOgjlCvWttQcWprZ54Z0QixprxPvdQJRfHN9giCfqH
JVeu6bqeAWiI/Nm7Yi9mS8ny6tZsc5swtWa/eBuuPxx5ptp+rr6q6wTm3DnNhm0L
Q4RRpGhPor9rHhc3ckxowpg4h/OeLy8NuXT/oax4Flu3V9qy7L9ITtVx54+fKc7e
+oGN116sEMEJapteUW4AWCMSzPN6WIDxAQgFD+GAnOC9dTJYErBdzWJyrSariGt9
XRxgaOC04B7jDy7RnY8LG0FHX4iqi0mhvCA1Vj8AdIUDtiadUuOZlLdQ5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFERQCf7uAjHXnfzkg1Am5GXLUn2iMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvUkZBSl91NENNZGVkX09TRFVDYmtaY3RTZmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATd2RAwQB
XPNKMA0GCSqGSIb3DQEBCwUAA4IBAQAr6ArEtsZdsr20CDZily82sjOrRKs9FFnB
cUtJHcbOGwJE4PVLJL47Unqek3E2GZMFuw+8+deaFcJdyEgOY9kYOIV3nzphlijF
fy4gbKmyqgGKDhttu5KE8wiDgUqu6lIxll+SNndEZuM5YguDHbBq6clx/GCzpEkV
9HREaY5EI5Qxo8ZIBEASKuWHLaDQDoqcF0BDemLWrp/8CdSBzoCtN2XrEahesZql
yAX86l5h6lhG4kcvfDYG6PAT2RplqYPbtcNZve2M3mkPBo1SI8hOYWBcAEhFVV4J
92arSNTAbWU8Wok+mzqK9CAIGE+y6PWrJrIWS7Hjxdxsq/fcQMaj
-----END CERTIFICATE-----
Generated at Wed May 8 02:46:40 2024 by rpki-client on console-ams.rpki-client.org