Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/d0D91TUpkN0yD_90HeBQrVxWAPs.roa
File: d0D91TUpkN0yD_90HeBQrVxWAPs.roa (raw, json)
Hash identifier: 8l4NmIQ7fyDUw6LQ72pxgoQInx1iPvpo4UtHuQsZMIU=
Subject key identifier: 77:40:FD:D5:35:29:90:DD:32:0F:FF:74:1D:E0:50:AD:5C:56:00:FB
Certificate issuer: /CN=9b868a76f5b4748e1e4bba834701a68577c63462
Certificate serial: 018CC3493E893DC9B49D72A9E7B82F32D6C8
Authority key identifier: 9B:86:8A:76:F5:B4:74:8E:1E:4B:BA:83:47:01:A6:85:77:C6:34:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4aKdvW0dI4eS7qDRwGmhXfGNGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/d0D91TUpkN0yD_90HeBQrVxWAPs.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51234
IP address blocks: 176.117.0.0/21 maxlen: 21
176.117.2.0/24 maxlen: 24
176.117.0.0/24 maxlen: 24
195.191.78.0/24 maxlen: 24
195.191.78.0/23 maxlen: 23
195.191.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/m4aKdvW0dI4eS7qDRwGmhXfGNGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/m4aKdvW0dI4eS7qDRwGmhXfGNGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4aKdvW0dI4eS7qDRwGmhXfGNGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3e:89:3d:c9:b4:9d:72:a9:e7:b8:2f:32:d6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b868a76f5b4748e1e4bba834701a68577c63462
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7740fdd5352990dd320fff741de050ad5c5600fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:b8:b2:d2:cd:b1:59:2c:ee:0d:f2:2f:8b:
e9:d7:70:cd:e8:a6:cb:8e:34:dd:24:58:2e:2d:3d:
06:f2:a9:77:b7:e0:41:5a:77:3f:d5:77:7a:e4:76:
8d:08:a3:f5:b9:c7:d2:62:49:82:93:5d:4b:71:81:
c9:dd:00:22:0e:52:e9:0b:c3:69:09:1a:7c:54:47:
34:bd:4d:7d:4a:6d:75:e6:5d:89:00:80:99:56:54:
61:d0:8e:d6:0d:b7:d4:e1:eb:a6:77:3a:c8:e3:26:
4a:97:48:5e:69:c0:2e:4d:b5:2f:82:02:f4:e0:94:
df:9f:60:d6:64:34:54:0c:c2:9e:20:45:0a:cb:72:
7d:dc:30:68:a1:6f:dc:65:7a:58:b3:03:a8:2f:28:
c7:2f:93:be:d1:79:6b:b1:8a:01:bd:b4:53:43:25:
da:ee:d3:44:dd:01:10:15:30:b5:db:37:cf:74:f1:
01:ab:ea:7e:1e:5b:b2:9b:63:37:dc:09:9b:c2:f5:
39:1d:26:ee:db:01:84:dc:12:00:a8:f4:94:54:34:
d2:75:dc:94:5f:c6:51:75:b6:7a:aa:35:1b:48:e3:
48:8e:7b:be:79:1a:5b:88:78:50:97:f9:82:5c:25:
38:f4:54:7a:8e:fc:93:cf:da:db:69:51:ad:1f:98:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:40:FD:D5:35:29:90:DD:32:0F:FF:74:1D:E0:50:AD:5C:56:00:FB
X509v3 Authority Key Identifier:
keyid:9B:86:8A:76:F5:B4:74:8E:1E:4B:BA:83:47:01:A6:85:77:C6:34:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4aKdvW0dI4eS7qDRwGmhXfGNGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/d0D91TUpkN0yD_90HeBQrVxWAPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0b0d82-fa60-44cb-b83f-6a34e46aaa56/1/m4aKdvW0dI4eS7qDRwGmhXfGNGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.0.0/21
195.191.78.0/23
Signature Algorithm: sha256WithRSAEncryption
33:8a:90:7f:b6:f6:63:67:6c:76:81:ef:d7:01:c0:1b:fb:ca:
f4:b9:f0:3d:90:2d:7e:3b:8d:de:ec:ab:2f:d4:f2:88:30:00:
f4:47:b3:02:a6:57:2d:43:be:28:14:59:67:b9:19:3d:7e:f7:
62:ea:1e:78:eb:05:cf:ce:86:01:3a:24:3a:1b:53:bf:e2:44:
78:0a:a3:2e:ff:97:6c:93:3d:c6:1d:f6:3c:cf:9e:dc:66:d9:
44:76:48:06:6d:50:1d:71:c7:b2:54:ea:f5:04:87:de:e0:8a:
04:15:00:31:e0:a7:95:d0:66:45:c0:b8:2a:77:43:53:92:4b:
09:cd:75:9c:d2:d2:ec:3a:b2:19:af:91:a1:1d:eb:3c:bc:a0:
0a:5f:8b:05:69:33:a0:03:e4:a2:e9:b5:84:c8:38:81:a9:52:
c5:9b:e7:4e:e8:19:65:6e:33:09:0c:a2:d4:e1:15:63:ba:b3:
25:0e:1e:01:eb:9f:cc:9f:80:14:7e:8c:8c:11:b5:8f:6c:c5:
82:0b:bb:d8:93:69:14:7a:5d:b8:c9:bf:90:7f:b8:37:ae:42:
fb:47:b9:58:ab:e7:4a:66:24:99:5e:25:48:2d:db:c7:f1:ab:
fa:5d:99:c0:4a:b9:90:8a:90:4b:6e:d7:dd:c4:b1:6a:47:5f:
68:b5:14:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDST6JPcm0nXKp57gvMtbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODY4YTc2ZjViNDc0OGUxZTRiYmE4MzQ3MDFhNjg1Nzdj
NjM0NjIwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQwZmRkNTM1Mjk5MGRkMzIwZmZmNzQxZGUwNTBhZDVjNTYwMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN+4stLNsVks7g3yL4vp13DN6KbL
jjTdJFguLT0G8ql3t+BBWnc/1Xd65HaNCKP1ucfSYkmCk11LcYHJ3QAiDlLpC8Np
CRp8VEc0vU19Sm115l2JAICZVlRh0I7WDbfU4eumdzrI4yZKl0heacAuTbUvggL0
4JTfn2DWZDRUDMKeIEUKy3J93DBooW/cZXpYswOoLyjHL5O+0XlrsYoBvbRTQyXa
7tNE3QEQFTC12zfPdPEBq+p+Hluym2M33AmbwvU5HSbu2wGE3BIAqPSUVDTSddyU
X8ZRdbZ6qjUbSONIjnu+eRpbiHhQl/mCXCU49FR6jvyTz9rbaVGtH5hAOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdA/dU1KZDdMg//dB3gUK1cVgD7MB8GA1UdIwQY
MBaAFJuGinb1tHSOHku6g0cBpoV3xjRiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRhS2R2VzBkSTRlUzdxRFJ3R21oWGZHTkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYjBkODItZmE2MC00NGNiLWI4M2Yt
NmEzNGU0NmFhYTU2LzEvZDBEOTFUVXBrTjB5RF85MEhlQlFyVnhXQVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYjBkODItZmE2MC00NGNiLWI4M2YtNmEzNGU0NmFhYTU2
LzEvbTRhS2R2VzBkSTRlUzdxRFJ3R21oWGZHTkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHUAAwQB
w79OMA0GCSqGSIb3DQEBCwUAA4IBAQAzipB/tvZjZ2x2ge/XAcAb+8r0ufA9kC1+
O43e7Ksv1PKIMAD0R7MCplctQ74oFFlnuRk9fvdi6h546wXPzoYBOiQ6G1O/4kR4
CqMu/5dskz3GHfY8z57cZtlEdkgGbVAdcceyVOr1BIfe4IoEFQAx4KeV0GZFwLgq
d0NTkksJzXWc0tLsOrIZr5GhHes8vKAKX4sFaTOgA+Si6bWEyDiBqVLFm+dO6Bll
bjMJDKLU4RVjurMlDh4B65/Mn4AUfoyMEbWPbMWCC7vYk2kUel24yb+Qf7g3rkL7
R7lYq+dKZiSZXiVILdvH8av6XZnASrmQipBLbtfdxLFqR19otRTQ
-----END CERTIFICATE-----
Generated at Mon May 20 15:27:04 2024 by rpki-client on console-ams.rpki-client.org