Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/nB9wgmZdk5LYBFKi1BmY4W12If0.roa
File: nB9wgmZdk5LYBFKi1BmY4W12If0.roa (raw, json)
Hash identifier: KPglfR72l0JbJDCNEmHxbG4x8Yt0wMedaKJMZhdrQv0=
Subject key identifier: 9C:1F:70:82:66:5D:93:92:D8:04:52:A2:D4:19:98:E1:6D:76:21:FD
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01925284D0D892091441EBB66CF5EC7842D4
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/nB9wgmZdk5LYBFKi1BmY4W12If0.roa
Signing time: Thu 03 Oct 2024 13:14:48 +0000
ROA not before: Thu 03 Oct 2024 13:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 77.221.136.0/22 maxlen: 22
77.221.140.0/22 maxlen: 22
77.221.148.0/24 maxlen: 24
77.221.149.0/24 maxlen: 24
77.221.152.0/23 maxlen: 23
77.221.154.0/23 maxlen: 23
77.221.156.0/23 maxlen: 23
77.221.158.0/23 maxlen: 23
109.120.132.0/23 maxlen: 23
109.120.134.0/23 maxlen: 23
109.120.138.0/24 maxlen: 24
109.120.139.0/24 maxlen: 24
109.120.140.0/24 maxlen: 24
109.120.149.0/24 maxlen: 24
109.120.150.0/24 maxlen: 24
109.120.151.0/24 maxlen: 24
109.120.155.0/24 maxlen: 24
109.120.156.0/23 maxlen: 24
109.120.176.0/23 maxlen: 23
109.120.178.0/23 maxlen: 23
109.120.184.0/23 maxlen: 23
109.120.186.0/23 maxlen: 23
109.120.186.0/24 maxlen: 24
109.120.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:84:d0:d8:92:09:14:41:eb:b6:6c:f5:ec:78:42:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Oct 3 13:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c1f7082665d9392d80452a2d41998e16d7621fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e3:d5:1b:7f:56:0d:a0:2b:7e:8b:e8:03:46:
97:b2:7e:76:df:81:16:c5:1a:e9:58:1d:83:96:a9:
7a:24:32:f7:f6:f4:5e:bb:bd:5a:20:1c:11:bc:47:
c7:d5:c7:21:b3:32:99:57:8a:32:8d:50:66:d3:9a:
c8:ec:31:4c:ed:b7:09:c7:ef:c2:08:73:75:2e:37:
b8:42:95:37:0f:fb:d1:62:91:2d:56:39:06:0f:1d:
23:22:d6:0a:c3:33:54:b5:6b:5c:66:90:51:bf:93:
e2:60:1b:e0:8a:2b:4e:1a:26:65:6a:5f:a1:0b:ee:
82:22:47:01:a1:2e:36:d0:b5:2c:24:8b:31:78:4f:
f4:4b:9a:c4:c8:39:40:ac:0b:27:12:fc:fb:63:d5:
aa:a5:cc:8e:cc:c9:9b:e4:f5:ed:8c:ad:a5:e3:0f:
77:34:91:ee:61:8d:2e:f2:3d:70:7f:88:e4:46:67:
1c:d2:9d:69:cb:0f:de:9f:b5:e7:14:aa:f0:fa:e9:
d4:fb:df:24:4c:72:dc:8f:38:9d:e4:13:67:d4:5a:
d7:6d:2b:38:59:e4:76:77:82:c4:7f:69:b6:97:eb:
a5:d5:52:06:9b:45:8c:d0:48:53:f6:25:0f:4c:ef:
ed:a2:e5:6c:45:6f:d3:a8:2d:a5:46:c7:4b:c3:70:
f9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1F:70:82:66:5D:93:92:D8:04:52:A2:D4:19:98:E1:6D:76:21:FD
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/nB9wgmZdk5LYBFKi1BmY4W12If0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.136.0/21
77.221.148.0/23
77.221.152.0/21
109.120.132.0/22
109.120.138.0-109.120.140.255
109.120.149.0-109.120.151.255
109.120.155.0-109.120.157.255
109.120.176.0/22
109.120.184.0/22
Signature Algorithm: sha256WithRSAEncryption
05:6c:49:0b:0b:00:51:b3:c2:82:b7:c6:8b:89:f3:09:51:05:
09:3c:91:08:17:52:fc:e2:b0:ea:d8:85:6e:5e:da:6b:db:6e:
f6:62:19:a0:46:7b:9f:0d:0a:d3:c4:1c:bd:44:9a:f9:32:10:
ac:8b:ba:b4:8a:70:77:b4:1c:3c:96:6a:c2:60:98:89:a4:08:
9b:3f:15:0b:61:8f:bd:c7:99:88:ba:6b:5d:1a:3d:6d:6f:d2:
70:ec:3a:a2:c9:f0:57:17:c9:61:79:e8:d2:3c:38:5a:f9:2c:
88:b8:07:ba:ad:b4:f4:90:da:9d:c9:68:03:79:54:2c:b1:26:
b3:d9:c1:46:74:c7:3e:43:f9:3a:d8:83:a8:e7:66:46:6d:c9:
ee:1e:09:7f:7a:c9:23:d0:e4:97:fe:28:e4:bd:6a:ab:43:5b:
63:1a:a0:da:8e:0c:46:bd:f4:07:be:b5:24:63:0d:ad:69:20:
fb:7a:16:bf:6f:0f:1d:f6:0f:0f:e8:a5:fc:9d:74:ea:2d:1b:
32:ba:cc:09:8c:58:48:03:af:70:c1:1c:2d:ba:f8:3b:63:7b:
fd:da:5f:e8:93:d3:f1:f1:6b:9b:95:75:6a:8c:91:b1:b3:bd:
4b:9b:09:bb:84:d1:1a:42:b4:45:88:f0:65:32:1e:7a:55:27:
10:7e:72:5e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZJShNDYkgkUQeu2bPXseELUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQxMDAzMTMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFmNzA4MjY2NWQ5MzkyZDgwNDUyYTJkNDE5OThlMTZkNzYyMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uPVG39WDaArfovoA0aXsn5234EW
xRrpWB2Dlql6JDL39vReu71aIBwRvEfH1cchszKZV4oyjVBm05rI7DFM7bcJx+/C
CHN1Lje4QpU3D/vRYpEtVjkGDx0jItYKwzNUtWtcZpBRv5PiYBvgiitOGiZlal+h
C+6CIkcBoS420LUsJIsxeE/0S5rEyDlArAsnEvz7Y9WqpcyOzMmb5PXtjK2l4w93
NJHuYY0u8j1wf4jkRmcc0p1pyw/en7XnFKrw+unU+98kTHLcjzid5BNn1FrXbSs4
WeR2d4LEf2m2l+ul1VIGm0WM0EhT9iUPTO/touVsRW/TqC2lRsdLw3D5zwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJwfcIJmXZOS2ARSotQZmOFtdiH9MB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvbkI5d2dtWmRrNUxZQkZLaTFCbVk0VzEySWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDTd2IAwQB
Td2UAwQDTd2YAwQCbXiEMAwDBAFteIoDBABteIwwDAMEAG14lQMEA214kDAMAwQA
bXibAwQBbXicAwQCbXiwAwQCbXi4MA0GCSqGSIb3DQEBCwUAA4IBAQAFbEkLCwBR
s8KCt8aLifMJUQUJPJEIF1L84rDq2IVuXtpr2272YhmgRnufDQrTxBy9RJr5MhCs
i7q0inB3tBw8lmrCYJiJpAibPxULYY+9x5mIumtdGj1tb9Jw7DqiyfBXF8lheejS
PDha+SyIuAe6rbT0kNqdyWgDeVQssSaz2cFGdMc+Q/k62IOo52ZGbcnuHgl/eskj
0OSX/ijkvWqrQ1tjGqDajgxGvfQHvrUkYw2taSD7eha/bw8d9g8P6KX8nXTqLRsy
uswJjFhIA69wwRwtuvg7Y3v92l/ok9Px8WublXVqjJGxs71Lmwm7hNEaQrRFiPBl
Mh56VScQfnJe
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:15:14 2024 by rpki-client on console-ams.rpki-client.org