Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/6dyGxfXLluhMGcuqcGxQu1CEC5U.roa
File: 6dyGxfXLluhMGcuqcGxQu1CEC5U.roa (raw, json)
Hash identifier: fCbp86OQRBkTjBSeS5XEqaJ0Gesqy3Os9XuvnXmZc4k=
Subject key identifier: E9:DC:86:C5:F5:CB:96:E8:4C:19:CB:AA:70:6C:50:BB:50:84:0B:95
Certificate issuer: /CN=f54bfb01b03caa6fce887b4384253db20e59fa71
Certificate serial: 018E7D28BC321D4CD011F65933677F0BCB2B
Authority key identifier: F5:4B:FB:01:B0:3C:AA:6F:CE:88:7B:43:84:25:3D:B2:0E:59:FA:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/6dyGxfXLluhMGcuqcGxQu1CEC5U.roa
Signing time: Tue 26 Mar 2024 23:46:45 +0000
ROA not before: Tue 26 Mar 2024 23:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60772
IP address blocks: 77.94.64.0/22 maxlen: 22
77.94.64.0/24 maxlen: 24
77.94.65.0/24 maxlen: 24
77.94.66.0/24 maxlen: 24
77.94.67.0/24 maxlen: 24
185.26.140.0/22 maxlen: 22
185.26.140.0/24 maxlen: 24
185.26.141.0/24 maxlen: 24
185.26.142.0/24 maxlen: 24
185.26.143.0/24 maxlen: 24
2a00:83a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7d:28:bc:32:1d:4c:d0:11:f6:59:33:67:7f:0b:cb:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f54bfb01b03caa6fce887b4384253db20e59fa71
Validity
Not Before: Mar 26 23:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9dc86c5f5cb96e84c19cbaa706c50bb50840b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:d4:6f:0f:6c:57:07:8d:cd:b1:5d:03:54:
67:d7:47:ec:60:d4:17:0f:4b:97:fe:28:82:65:13:
5f:87:ab:28:21:b4:ec:e3:57:f4:41:98:d4:16:7b:
bd:93:a7:4a:e9:b6:ec:9c:3b:41:2c:61:bd:41:60:
15:9d:ed:df:0c:d3:c7:cb:8a:fa:80:e5:99:29:9b:
a8:50:fe:ee:f6:f2:b5:81:8a:9e:c4:c1:ae:c6:a3:
1f:4e:96:42:a1:22:22:2f:b6:6b:b3:8a:60:02:3b:
bb:d1:f3:61:d2:42:d3:7f:ee:09:24:2f:64:44:f1:
d2:dd:8e:0f:8a:e3:f3:2e:62:e2:bb:a8:15:c0:d7:
5c:ef:07:54:7c:59:73:f9:94:02:0e:b9:ab:41:82:
e7:ee:5a:3b:24:b0:a5:d9:6a:6f:0e:6f:76:bb:db:
a3:60:eb:9d:88:0a:e2:d3:cd:dc:15:bd:6b:9e:47:
91:37:35:b5:0a:80:39:25:07:38:f1:bf:d5:a2:82:
18:9f:8d:61:7a:ef:94:64:2e:27:de:75:de:70:61:
cf:4d:c4:1d:33:9b:6c:99:7c:43:a8:74:dd:ff:92:
d6:c3:de:ec:4d:e5:e7:76:45:93:1b:9e:07:0e:bb:
b5:f4:7a:13:ea:55:fb:48:9e:15:7a:65:ea:01:9f:
af:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:DC:86:C5:F5:CB:96:E8:4C:19:CB:AA:70:6C:50:BB:50:84:0B:95
X509v3 Authority Key Identifier:
keyid:F5:4B:FB:01:B0:3C:AA:6F:CE:88:7B:43:84:25:3D:B2:0E:59:FA:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/6dyGxfXLluhMGcuqcGxQu1CEC5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/e5e689-c58a-4e86-bf8b-ac0598ec342f/1/9Uv7AbA8qm_OiHtDhCU9sg5Z-nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.64.0/22
185.26.140.0/22
IPv6:
2a00:83a0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:ae:78:c2:d4:9b:27:48:bf:98:e2:c9:9a:6f:5b:f9:f4:75:
b3:10:53:b0:98:8b:4e:ab:a4:d2:bd:95:cf:28:83:92:ee:11:
d7:7e:7f:cb:19:50:be:10:64:c4:fc:0a:9a:76:ee:68:a9:a5:
8a:de:40:5f:40:a8:ce:88:7d:31:eb:22:8c:72:9c:4f:49:f8:
25:87:57:e6:07:29:9e:1a:a5:41:08:c0:9e:b3:d9:25:99:65:
9d:2f:0e:f6:86:ed:67:2e:02:b6:04:81:33:d7:55:77:ee:2d:
f7:02:9a:49:35:93:a0:e6:55:e0:f6:1a:f3:de:d0:5f:a0:75:
b9:44:73:10:b5:64:88:c1:ec:2a:64:48:9a:19:6d:48:a0:7b:
1f:b4:7a:a0:0f:9e:c4:3b:9c:c4:0d:d0:54:6e:48:df:e3:91:
9f:ef:6e:c7:01:6c:5b:97:a6:dd:fc:91:f4:d9:97:ed:05:99:
cd:3d:43:bb:a2:d6:67:dd:ab:0a:c6:3f:58:da:39:36:70:ac:
bb:c4:8c:82:b6:05:f9:c0:03:3f:59:c8:38:94:ae:20:7c:a4:
80:32:4b:26:4a:cb:b2:a3:3a:83:4b:90:d5:0a:3f:e5:01:89:
55:ff:75:86:c8:08:46:44:8c:b3:7c:fe:50:ec:c7:b8:79:36:
5a:57:9d:66
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY59KLwyHUzQEfZZM2d/C8srMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NGJmYjAxYjAzY2FhNmZjZTg4N2I0Mzg0MjUzZGIyMGU1
OWZhNzEwHhcNMjQwMzI2MjM0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWRjODZjNWY1Y2I5NmU4NGMxOWNiYWE3MDZjNTBiYjUwODQwYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjvUbw9sVweNzbFdA1Rn10fsYNQX
D0uX/iiCZRNfh6soIbTs41f0QZjUFnu9k6dK6bbsnDtBLGG9QWAVne3fDNPHy4r6
gOWZKZuoUP7u9vK1gYqexMGuxqMfTpZCoSIiL7Zrs4pgAju70fNh0kLTf+4JJC9k
RPHS3Y4PiuPzLmLiu6gVwNdc7wdUfFlz+ZQCDrmrQYLn7lo7JLCl2WpvDm92u9uj
YOudiAri083cFb1rnkeRNzW1CoA5JQc48b/VooIYn41heu+UZC4n3nXecGHPTcQd
M5tsmXxDqHTd/5LWw97sTeXndkWTG54HDru19HoT6lX7SJ4VemXqAZ+v/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOnchsX1y5boTBnLqnBsULtQhAuVMB8GA1UdIwQY
MBaAFPVL+wGwPKpvzoh7Q4QlPbIOWfpxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVV2N0FiQThxbV9PaUh0RGhDVTlzZzVaLW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lNWU2ODktYzU4YS00ZTg2LWJmOGIt
YWMwNTk4ZWMzNDJmLzEvNmR5R3hmWExsdWhNR2N1cWNHeFF1MUNFQzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lNWU2ODktYzU4YS00ZTg2LWJmOGItYWMwNTk4ZWMzNDJm
LzEvOVV2N0FiQThxbV9PaUh0RGhDVTlzZzVaLW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTV5AAwQC
uRqMMA0EAgACMAcDBQAqAIOgMA0GCSqGSIb3DQEBCwUAA4IBAQAfrnjC1JsnSL+Y
4smab1v59HWzEFOwmItOq6TSvZXPKIOS7hHXfn/LGVC+EGTE/Aqadu5oqaWK3kBf
QKjOiH0x6yKMcpxPSfglh1fmBymeGqVBCMCes9klmWWdLw72hu1nLgK2BIEz11V3
7i33AppJNZOg5lXg9hrz3tBfoHW5RHMQtWSIwewqZEiaGW1IoHsftHqgD57EO5zE
DdBUbkjf45Gf727HAWxbl6bd/JH02ZftBZnNPUO7otZn3asKxj9Y2jk2cKy7xIyC
tgX5wAM/Wcg4lK4gfKSAMksmSsuyozqDS5DVCj/lAYlV/3WGyAhGRIyzfP5Q7Me4
eTZaV51m
-----END CERTIFICATE-----
Generated at Sat May 18 00:03:06 2024 by rpki-client on console-fra.rpki-client.org