Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/B_gBZACKzf8MmH02fNa8rr7pzUY.roa
File: B_gBZACKzf8MmH02fNa8rr7pzUY.roa (raw, json)
Hash identifier: s3VSPbqQJdMrbF3lCzlnReqnIvU9MxyhXxaOmQxBu9E=
Subject key identifier: 07:F8:01:64:00:8A:CD:FF:0C:98:7D:36:7C:D6:BC:AE:BE:E9:CD:46
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 018CC8DEEC084034AE502297A04846E40A92
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/B_gBZACKzf8MmH02fNa8rr7pzUY.roa
Signing time: Tue 02 Jan 2024 06:31:41 +0000
ROA not before: Tue 02 Jan 2024 06:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43281
IP address blocks: 77.247.200.0/21 maxlen: 24
37.77.168.0/22 maxlen: 24
37.77.172.0/24 maxlen: 24
2a03:9d80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ec:08:40:34:ae:50:22:97:a0:48:46:e4:0a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 2 06:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07f80164008acdff0c987d367cd6bcaebee9cd46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a0:3b:3a:b0:81:e8:f4:3e:db:9c:e2:66:a2:
33:27:23:6e:7a:56:2b:36:dd:87:ef:a3:84:c6:2e:
90:1f:5a:0a:a7:80:08:53:f2:f1:b1:74:9e:92:c0:
c7:df:98:0c:a2:c3:25:da:b0:b0:da:08:44:5d:39:
07:9e:75:31:2b:43:6b:01:3a:e0:ca:cf:92:af:ff:
25:fe:c3:8f:34:ae:fa:5e:23:68:b3:d7:0c:1b:63:
4d:fb:9b:de:84:ea:93:7c:0c:7e:13:70:d6:03:d1:
20:a8:ba:46:40:26:d0:e5:5e:b2:a7:aa:2b:91:3a:
bf:41:1c:00:0f:c4:2d:62:12:f9:2a:8a:ed:44:92:
52:a7:a3:7d:a5:d5:41:91:39:90:09:52:50:0b:3b:
ac:16:7c:4c:a7:49:14:dc:7d:8e:57:db:5f:51:04:
cd:32:19:c0:b5:b3:b3:14:ee:88:60:9e:c9:b0:6d:
50:e5:2b:0a:92:d8:d9:ca:64:50:59:45:07:d8:f8:
49:41:80:3c:90:e1:b8:0a:90:a6:26:e7:57:e7:41:
41:60:35:a4:6a:de:07:f1:d5:56:fb:89:5a:9f:73:
d5:b5:d2:8e:31:4a:d0:2c:86:01:dc:d3:c9:03:6b:
05:8b:33:dd:c3:5e:7f:f4:64:f3:d9:db:88:db:be:
f0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F8:01:64:00:8A:CD:FF:0C:98:7D:36:7C:D6:BC:AE:BE:E9:CD:46
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/B_gBZACKzf8MmH02fNa8rr7pzUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.168.0-37.77.172.255
77.247.200.0/21
IPv6:
2a03:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
5f:79:8c:93:d8:1f:31:f8:77:1a:61:50:da:1c:40:c1:78:a6:
dd:27:3d:c3:47:f3:15:84:49:c2:4a:5b:1d:57:4e:47:d6:56:
38:90:b0:96:be:55:f1:3f:11:76:28:6e:3c:72:6d:8c:ff:14:
34:1b:8f:0c:a4:fe:7e:32:29:b6:1a:3a:e6:e4:b2:d5:4c:c9:
b8:9f:b7:62:a7:5c:a5:56:49:87:37:7c:fe:04:a2:e0:88:66:
2d:09:3d:cf:d1:7f:b2:5a:11:cd:10:11:bd:bd:b6:55:ad:6d:
31:b8:83:df:59:bd:0b:1d:11:c6:dc:79:cb:9f:2d:98:66:1e:
9f:4d:fa:4b:99:3b:86:62:f3:f5:03:74:03:6f:b9:28:a1:1f:
34:f9:41:08:f9:86:fa:d0:39:2b:cf:fe:0f:86:41:9f:13:b3:
eb:87:e8:ac:cd:33:13:18:4a:10:2a:22:6e:01:e2:47:13:22:
53:38:32:d1:1c:2c:8e:23:be:ec:dd:bd:3a:41:14:47:10:86:
ff:81:a3:32:c5:80:b9:3e:19:04:e2:43:6e:20:39:28:3a:75:
11:e7:48:2b:84:45:22:68:ac:4b:9a:d6:ec:24:15:56:1c:8d:
1c:c0:6d:e6:38:ad:14:a3:b8:fe:31:10:83:a6:73:63:9b:b3:
19:16:d5:c1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzI3uwIQDSuUCKXoEhG5AqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjQwMTAyMDYzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y4MDE2NDAwOGFjZGZmMGM5ODdkMzY3Y2Q2YmNhZWJlZTljZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKA7OrCB6PQ+25ziZqIzJyNuelYr
Nt2H76OExi6QH1oKp4AIU/LxsXSeksDH35gMosMl2rCw2ghEXTkHnnUxK0NrATrg
ys+Sr/8l/sOPNK76XiNos9cMG2NN+5vehOqTfAx+E3DWA9EgqLpGQCbQ5V6yp6or
kTq/QRwAD8QtYhL5KortRJJSp6N9pdVBkTmQCVJQCzusFnxMp0kU3H2OV9tfUQTN
MhnAtbOzFO6IYJ7JsG1Q5SsKktjZymRQWUUH2PhJQYA8kOG4CpCmJudX50FBYDWk
at4H8dVW+4lan3PVtdKOMUrQLIYB3NPJA2sFizPdw15/9GTz2duI277wCQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAf4AWQAis3/DJh9NnzWvK6+6c1GMB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvQl9nQlpBQ0t6ZjhNbUgwMmZOYThycjdwelVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAMlTagD
BAAlTawDBANN98gwDQQCAAIwBwMFACoDnYAwDQYJKoZIhvcNAQELBQADggEBAF95
jJPYHzH4dxphUNocQMF4pt0nPcNH8xWEScJKWx1XTkfWVjiQsJa+VfE/EXYobjxy
bYz/FDQbjwyk/n4yKbYaOubkstVMybift2KnXKVWSYc3fP4EouCIZi0JPc/Rf7Ja
Ec0QEb29tlWtbTG4g99ZvQsdEcbcecufLZhmHp9N+kuZO4Zi8/UDdANvuSihHzT5
QQj5hvrQOSvP/g+GQZ8Ts+uH6KzNMxMYShAqIm4B4kcTIlM4MtEcLI4jvuzdvTpB
FEcQhv+BozLFgLk+GQTiQ24gOSg6dRHnSCuERSJorEua1uwkFVYcjRzAbeY4rRSj
uP4xEIOmc2ObsxkW1cE=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:10:27 2024 by rpki-client on console-fra.rpki-client.org