Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/K72sahkHzNTlh2OOiV6IahgHT48.roa
File: K72sahkHzNTlh2OOiV6IahgHT48.roa (raw, json)
Hash identifier: B+N0hfHnmNQDhXiIg8zL6Gug+BT0Qx2nJvcc1l0mFaM=
Subject key identifier: 2B:BD:AC:6A:19:07:CC:D4:E5:87:63:8E:89:5E:88:6A:18:07:4F:8F
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 018D91D6948F07A2B82DF07E614498058C9A
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/K72sahkHzNTlh2OOiV6IahgHT48.roa
Signing time: Sat 10 Feb 2024 07:06:15 +0000
ROA not before: Sat 10 Feb 2024 07:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213301
IP address blocks: 185.78.84.0/24 maxlen: 24
185.78.85.0/24 maxlen: 24
185.78.87.0/24 maxlen: 24
185.174.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:91:d6:94:8f:07:a2:b8:2d:f0:7e:61:44:98:05:8c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Feb 10 07:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bbdac6a1907ccd4e587638e895e886a18074f8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:02:29:b5:b6:45:54:a5:64:2b:ca:f1:0c:
fd:17:ce:00:87:19:c3:e2:41:09:67:e2:3c:9f:d4:
7a:a2:80:a7:23:f4:09:fa:36:be:6c:46:27:eb:42:
77:02:5d:43:09:ee:bb:2a:1d:ad:32:3d:fc:ee:56:
ec:a0:04:45:3c:86:00:18:76:4b:b5:2a:0f:46:c2:
66:54:90:f9:76:b6:bf:1b:e2:7a:c7:70:03:17:21:
34:0e:62:8c:8b:0a:7f:5f:f4:a9:67:a6:d7:35:25:
f8:09:d5:d6:d4:ae:26:ff:a0:7c:d1:8f:39:40:0f:
47:19:24:0e:c1:01:b5:bc:66:a1:58:1c:4d:cc:0e:
38:da:ff:d4:44:4a:c1:82:66:73:38:cf:7e:ae:80:
c7:06:a5:2b:a6:ac:80:aa:e6:fc:63:29:5a:af:ae:
15:e4:23:60:3b:fb:fd:82:ab:e3:d1:0f:e9:84:97:
ea:f1:21:92:4d:b8:32:82:08:b1:7e:7e:69:e1:fa:
ff:de:bb:a0:24:9b:1c:72:49:a6:2e:98:32:85:7a:
02:a5:e3:ac:18:1e:22:8a:54:09:74:f3:bb:ed:34:
a2:f2:2e:30:b2:d6:5a:be:9c:09:13:dd:63:77:38:
7e:36:7c:c7:82:07:f5:bf:61:6e:f3:7e:a2:11:75:
e4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BD:AC:6A:19:07:CC:D4:E5:87:63:8E:89:5E:88:6A:18:07:4F:8F
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/K72sahkHzNTlh2OOiV6IahgHT48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.84.0/23
185.78.87.0/24
185.174.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ba:e0:46:ec:c3:65:d4:38:f3:c2:a4:ef:3a:d9:6a:f4:3e:
e3:aa:3b:5a:c1:dd:ad:1b:4d:67:b1:92:c6:fc:ed:52:06:5a:
5a:99:ac:d9:db:49:94:9f:72:18:3d:14:27:44:d0:2d:4a:83:
25:56:65:8f:38:61:82:68:54:0c:fe:6e:1a:83:ed:98:3f:86:
e2:24:96:bd:42:6a:66:aa:b2:5c:36:13:d3:bc:b7:2c:72:d5:
de:a9:b4:56:c6:ee:0a:a2:be:59:62:0f:0e:98:6d:e2:6f:23:
7b:e7:02:63:06:d0:d5:52:2e:57:d5:90:c8:60:3a:f2:0b:2d:
b6:f2:cb:47:0d:59:4d:2f:4a:ea:86:9f:72:94:49:56:32:ca:
e0:a4:bf:42:ac:a6:fd:dd:70:f7:59:a3:92:01:04:54:db:13:
47:66:25:fe:36:cd:55:62:b5:f1:66:fa:7c:fc:e9:b9:f4:de:
ea:d3:d0:e0:9d:a4:99:78:03:3c:67:ff:e4:e3:17:7d:d8:21:
6c:43:5d:e4:32:76:bd:3a:44:8b:d6:6c:7f:05:5b:b2:af:63:
9e:19:0c:b0:08:1a:bb:dd:10:84:0b:f3:8c:a6:bf:84:79:da:
e7:28:93:18:df:9a:0b:ed:9e:7a:c9:7a:f4:e9:47:1d:d1:6f:
fd:a4:ef:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2R1pSPB6K4LfB+YUSYBYyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMjEwMDcwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJkYWM2YTE5MDdjY2Q0ZTU4NzYzOGU4OTVlODg2YTE4MDc0ZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB0CKbW2RVSlZCvK8Qz9F84AhxnD
4kEJZ+I8n9R6ooCnI/QJ+ja+bEYn60J3Al1DCe67Kh2tMj387lbsoARFPIYAGHZL
tSoPRsJmVJD5dra/G+J6x3ADFyE0DmKMiwp/X/SpZ6bXNSX4CdXW1K4m/6B80Y85
QA9HGSQOwQG1vGahWBxNzA442v/URErBgmZzOM9+roDHBqUrpqyAqub8Yylar64V
5CNgO/v9gqvj0Q/phJfq8SGSTbgyggixfn5p4fr/3rugJJscckmmLpgyhXoCpeOs
GB4iilQJdPO77TSi8i4wstZavpwJE91jdzh+NnzHggf1v2Fu836iEXXkpwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCu9rGoZB8zU5YdjjoleiGoYB0+PMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvSzcyc2Foa0h6TlRsaDJPT2lWNklhaGdIVDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuU5UAwQA
uU5XAwQAua5EMA0GCSqGSIb3DQEBCwUAA4IBAQAquuBG7MNl1DjzwqTvOtlq9D7j
qjtawd2tG01nsZLG/O1SBlpamazZ20mUn3IYPRQnRNAtSoMlVmWPOGGCaFQM/m4a
g+2YP4biJJa9QmpmqrJcNhPTvLcsctXeqbRWxu4Kor5ZYg8OmG3ibyN75wJjBtDV
Ui5X1ZDIYDryCy228stHDVlNL0rqhp9ylElWMsrgpL9CrKb93XD3WaOSAQRU2xNH
ZiX+Ns1VYrXxZvp8/Om59N7q09DgnaSZeAM8Z//k4xd92CFsQ13kMna9OkSL1mx/
BVuyr2OeGQywCBq73RCEC/OMpr+EedrnKJMY35oL7Z56yXr06Ucd0W/9pO91
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:36:35 2024 by rpki-client on console-ams.rpki-client.org