Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/apILGtQflvaLcBidaVY8RkDjP8M.roa
File: apILGtQflvaLcBidaVY8RkDjP8M.roa (raw, json)
Hash identifier: 6v45IYxoAxgdE3XcrDJdNAI6e1uPTMz7j1Gkkd6Nr6s=
Subject key identifier: 6A:92:0B:1A:D4:1F:96:F6:8B:70:18:9D:69:56:3C:46:40:E3:3F:C3
Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Certificate serial: 018CC3B73574F0D3F205D4274D2C2A15F53F
Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/apILGtQflvaLcBidaVY8RkDjP8M.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20811
IP address blocks: 77.74.112.0/21 maxlen: 24
185.111.144.0/22 maxlen: 24
109.69.248.0/21 maxlen: 24
2a02:54c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:35:74:f0:d3:f2:05:d4:27:4d:2c:2a:15:f5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a920b1ad41f96f68b70189d69563c4640e33fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:26:73:49:65:75:cb:ab:b8:08:55:37:78:71:
e5:9d:c8:7e:3d:20:f8:a3:f5:3a:02:d1:00:12:fc:
af:ea:c0:48:fb:a5:56:d3:ed:50:f0:3a:f9:e7:0c:
fd:3c:83:83:98:ba:21:fe:f4:49:f3:94:b7:8e:73:
04:4a:f6:fd:47:3d:fc:44:4c:55:b1:d6:4e:35:92:
9b:d4:de:04:47:ad:46:48:8f:2a:4c:31:53:e0:9d:
34:f3:3d:53:d1:fa:df:6a:a7:63:f3:12:a9:fd:0e:
d2:01:50:03:62:37:fe:32:f6:2e:80:82:4f:ee:d0:
d2:9f:f5:12:73:db:e5:e0:b7:37:63:2e:83:ff:bd:
ba:a2:c5:bf:8b:07:82:c5:c1:24:2e:f7:5d:b8:bb:
b0:05:0a:72:5d:c4:2b:40:e7:7d:1e:c8:0c:42:f9:
6c:3a:d0:42:76:8a:1c:fd:09:af:19:6b:82:37:94:
c7:e4:7e:11:05:1d:96:54:c8:50:97:34:c9:97:57:
f9:26:ff:d0:d3:b4:e6:4f:b5:b9:e3:2d:7c:8a:49:
7c:c4:81:b3:a1:a1:3b:e0:d9:47:ef:9e:13:bd:32:
e1:21:11:28:76:89:ff:59:d1:30:f9:e5:ed:04:9f:
d6:5a:4b:51:e0:59:6f:34:41:4a:fe:b1:31:54:14:
68:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:92:0B:1A:D4:1F:96:F6:8B:70:18:9D:69:56:3C:46:40:E3:3F:C3
X509v3 Authority Key Identifier:
keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/apILGtQflvaLcBidaVY8RkDjP8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.112.0/21
109.69.248.0/21
185.111.144.0/22
IPv6:
2a02:54c0::/29
Signature Algorithm: sha256WithRSAEncryption
77:69:77:49:20:08:36:84:14:94:28:df:aa:c8:06:f2:1c:66:
49:7d:dd:d7:0f:72:92:26:0b:c7:ce:7d:17:8c:4e:5e:d3:5c:
14:ac:3b:f3:76:39:c6:bc:cd:2f:74:a8:fe:b1:b7:28:4c:13:
cd:80:30:d6:9e:3c:7b:12:94:f9:40:ac:5c:b1:57:57:84:13:
af:06:f0:36:b7:69:5a:4d:be:d4:e6:25:63:f9:42:e0:07:35:
50:f1:c8:1b:69:f4:c9:64:b3:9c:a6:2f:a5:b0:0f:aa:d1:19:
e5:a5:27:34:8d:b6:88:ee:7d:96:a8:62:60:cf:a1:ca:08:95:
90:e6:75:9a:8a:83:78:e3:62:9d:56:db:28:ce:c8:53:9d:18:
f3:f5:24:aa:a2:0b:ec:29:35:90:1b:06:d8:1e:67:10:fb:aa:
e4:08:f9:27:bf:71:5a:b1:3b:37:2a:68:8a:05:dd:ff:76:b1:
c9:c6:7e:ef:60:9e:a2:dd:72:8c:53:a9:3f:20:87:2f:3d:fa:
8a:81:99:97:eb:92:08:2f:9b:87:5c:65:9f:c1:52:1f:00:80:
6e:9c:e1:33:71:78:a4:57:54:1c:4b:89:46:ab:d4:34:f7:b9:
cc:c2:42:5d:6a:bd:8a:68:5c:f7:8a:3f:90:a5:9d:bd:ce:7a:
d3:20:34:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtzV08NPyBdQnTSwqFfU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0
ZGRiY2IwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTkyMGIxYWQ0MWY5NmY2OGI3MDE4OWQ2OTU2M2M0NjQwZTMzZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCZzSWV1y6u4CFU3eHHlnch+PSD4
o/U6AtEAEvyv6sBI+6VW0+1Q8Dr55wz9PIODmLoh/vRJ85S3jnMESvb9Rz38RExV
sdZONZKb1N4ER61GSI8qTDFT4J008z1T0frfaqdj8xKp/Q7SAVADYjf+MvYugIJP
7tDSn/USc9vl4Lc3Yy6D/726osW/iweCxcEkLvdduLuwBQpyXcQrQOd9HsgMQvls
OtBCdooc/QmvGWuCN5TH5H4RBR2WVMhQlzTJl1f5Jv/Q07TmT7W54y18ikl8xIGz
oaE74NlH754TvTLhIREodon/WdEw+eXtBJ/WWktR4FlvNEFK/rExVBRoYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGqSCxrUH5b2i3AYnWlWPEZA4z/DMB8GA1UdIwQY
MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt
MmM1YmFjMzVjMzQ0LzEvYXBJTEd0UWZsdmFMY0JpZGFWWThSa0RqUDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0
LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTUpwAwQD
bUX4AwQCuW+QMA0EAgACMAcDBQMqAlTAMA0GCSqGSIb3DQEBCwUAA4IBAQB3aXdJ
IAg2hBSUKN+qyAbyHGZJfd3XD3KSJgvHzn0XjE5e01wUrDvzdjnGvM0vdKj+sbco
TBPNgDDWnjx7EpT5QKxcsVdXhBOvBvA2t2laTb7U5iVj+ULgBzVQ8cgbafTJZLOc
pi+lsA+q0RnlpSc0jbaI7n2WqGJgz6HKCJWQ5nWaioN442KdVtsozshTnRjz9SSq
ogvsKTWQGwbYHmcQ+6rkCPknv3FasTs3KmiKBd3/drHJxn7vYJ6i3XKMU6k/IIcv
PfqKgZmX65IIL5uHXGWfwVIfAIBunOEzcXikV1QcS4lGq9Q097nMwkJdar2KaFz3
ij+QpZ29znrTIDR3
-----END CERTIFICATE-----
Generated at Sun May 19 06:17:00 2024 by rpki-client on console-fra.rpki-client.org