Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/0fJF8_9LLkntflMHz36uoHM3NS8.roa
File: 0fJF8_9LLkntflMHz36uoHM3NS8.roa (raw, json)
Hash identifier: Fi/Js9kTXfoqqUHcSSAGnPfpg2MR/yBBdbarDd9Qc5k=
Subject key identifier: D1:F2:45:F3:FF:4B:2E:49:ED:7E:53:07:CF:7E:AE:A0:73:37:35:2F
Certificate issuer: /CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
Certificate serial: 018FF3479C8F84055590BBD26E0244095C9E
Authority key identifier: 7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/0fJF8_9LLkntflMHz36uoHM3NS8.roa
Signing time: Fri 07 Jun 2024 15:18:27 +0000
ROA not before: Fri 07 Jun 2024 15:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201032
IP address blocks: 185.77.89.0/24 maxlen: 24
2a05:60c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/fruIjyuZ3ply4kRuugWKuOLNez8.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/fruIjyuZ3ply4kRuugWKuOLNez8.mft
rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 15:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:47:9c:8f:84:05:55:90:bb:d2:6e:02:44:09:5c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ebb888f2b99de9972e2446eba058ab8e2cd7b3f
Validity
Not Before: Jun 7 15:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1f245f3ff4b2e49ed7e5307cf7eaea07337352f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:74:6b:53:ad:97:aa:a0:01:ba:61:5b:ce:d1:
c0:37:3c:dc:dd:49:ca:69:f2:b5:86:58:87:c5:f4:
5a:f5:3c:c4:91:16:a0:7a:05:6a:3a:d8:fc:30:d0:
85:0a:d5:1b:94:f5:a7:7a:55:8f:39:e5:18:ff:e8:
f6:22:a9:4b:68:95:a0:51:c0:a9:4c:12:9c:27:01:
62:e5:71:ea:8b:34:ff:ca:3c:18:da:1a:90:7e:60:
02:83:af:ad:59:50:53:80:4f:da:ab:8a:0d:02:0f:
26:b6:d5:f5:85:ea:85:31:9e:01:6b:b1:b9:02:b6:
b0:26:d7:61:a7:08:10:6a:9f:0c:5b:bc:5a:ae:b7:
ab:02:21:6e:2f:8c:82:39:9c:92:f3:b9:8c:8a:65:
90:5c:90:93:59:c5:f1:5c:cb:0c:36:53:b4:3a:30:
14:0c:08:e1:f8:26:15:be:50:42:a4:e3:8c:ed:2c:
f9:0e:b1:04:54:64:74:b9:12:96:c0:be:3d:18:b5:
24:d0:5d:5c:a0:71:2a:4f:f9:32:a0:bc:94:7f:ff:
ac:66:c9:84:b0:3f:e8:59:2b:f8:00:d6:d9:31:86:
6f:d7:c5:1e:11:f5:fa:2d:3d:a1:f0:af:e6:a3:47:
ad:1c:3e:55:58:96:4c:f1:50:b9:9a:f9:31:58:4c:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F2:45:F3:FF:4B:2E:49:ED:7E:53:07:CF:7E:AE:A0:73:37:35:2F
X509v3 Authority Key Identifier:
keyid:7E:BB:88:8F:2B:99:DE:99:72:E2:44:6E:BA:05:8A:B8:E2:CD:7B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fruIjyuZ3ply4kRuugWKuOLNez8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/0fJF8_9LLkntflMHz36uoHM3NS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e1b34a-f388-4ddd-92cd-e1c0a4d04917/1/fruIjyuZ3ply4kRuugWKuOLNez8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.89.0/24
IPv6:
2a05:60c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
60:67:29:6d:eb:96:c9:65:57:6e:40:64:ef:ed:d5:7e:88:c0:
ef:d3:72:37:2a:72:35:af:83:db:d8:db:56:6e:dd:0f:e7:97:
ee:48:e2:ba:47:13:4d:d7:87:45:ac:eb:c0:b0:e1:64:10:b7:
1d:22:9e:53:e5:06:c5:98:cd:6c:b3:79:db:84:fa:18:27:ab:
c2:99:11:c8:95:d5:d4:bf:ab:5f:b3:a0:a6:64:96:57:f5:95:
00:20:8d:96:bd:71:a1:c4:08:8e:33:a4:69:5d:b9:a5:84:42:
45:43:fb:b1:75:30:ff:75:9a:b8:95:36:e9:3e:09:17:21:37:
93:83:43:71:d2:ee:f7:57:ad:3d:0b:47:c8:0e:90:a2:a5:6f:
16:d1:e9:80:9f:69:87:a5:fc:76:c9:72:34:ca:0c:d2:d8:27:
15:28:cc:fe:4b:dc:e4:e0:20:6e:81:dc:e7:87:37:af:77:cf:
3e:2e:0b:51:17:52:d4:b1:a0:ac:98:b2:43:44:7e:5f:fe:43:
8c:19:15:7e:6b:79:99:1c:bb:12:4b:8a:a1:3a:87:e9:f2:fe:
42:3e:b6:dd:c0:60:7a:41:e4:17:d4:64:dc:7e:6f:f9:e0:33:
36:33:da:81:85:78:ae:f4:32:a4:d8:3b:30:d8:82:e1:8f:8d:
d6:2f:7d:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/zR5yPhAVVkLvSbgJECVyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYmI4ODhmMmI5OWRlOTk3MmUyNDQ2ZWJhMDU4YWI4ZTJj
ZDdiM2YwHhcNMjQwNjA3MTUxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWYyNDVmM2ZmNGIyZTQ5ZWQ3ZTUzMDdjZjdlYWVhMDczMzczNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHRrU62XqqABumFbztHANzzc3UnK
afK1hliHxfRa9TzEkRagegVqOtj8MNCFCtUblPWnelWPOeUY/+j2IqlLaJWgUcCp
TBKcJwFi5XHqizT/yjwY2hqQfmACg6+tWVBTgE/aq4oNAg8mttX1heqFMZ4Ba7G5
ArawJtdhpwgQap8MW7xarrerAiFuL4yCOZyS87mMimWQXJCTWcXxXMsMNlO0OjAU
DAjh+CYVvlBCpOOM7Sz5DrEEVGR0uRKWwL49GLUk0F1coHEqT/kyoLyUf/+sZsmE
sD/oWSv4ANbZMYZv18UeEfX6LT2h8K/mo0etHD5VWJZM8VC5mvkxWEz1ZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNHyRfP/Sy5J7X5TB89+rqBzNzUvMB8GA1UdIwQY
MBaAFH67iI8rmd6ZcuJEbroFirjizXs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2Qt
ZTFjMGE0ZDA0OTE3LzEvMGZKRjhfOUxMa250ZmxNSHozNnVvSE0zTlM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lMWIzNGEtZjM4OC00ZGRkLTkyY2QtZTFjMGE0ZDA0OTE3
LzEvZnJ1SWp5dVozcGx5NGtSdXVnV0t1T0xOZXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuU1ZMA8E
AgACMAkDBwAqBWDAAAEwDQYJKoZIhvcNAQELBQADggEBAGBnKW3rlsllV25AZO/t
1X6IwO/TcjcqcjWvg9vY21Zu3Q/nl+5I4rpHE03Xh0Ws68Cw4WQQtx0inlPlBsWY
zWyzeduE+hgnq8KZEciV1dS/q1+zoKZkllf1lQAgjZa9caHECI4zpGlduaWEQkVD
+7F1MP91mriVNuk+CRchN5ODQ3HS7vdXrT0LR8gOkKKlbxbR6YCfaYel/HbJcjTK
DNLYJxUozP5L3OTgIG6B3OeHN693zz4uC1EXUtSxoKyYskNEfl/+Q4wZFX5reZkc
uxJLiqE6h+ny/kI+tt3AYHpB5BfUZNx+b/ngMzYz2oGFeK70MqTYOzDYguGPjdYv
fRc=
-----END CERTIFICATE-----
Generated at Fri Sep 20 19:07:28 2024 by rpki-client on console-fra.rpki-client.org