Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/cPkr4mGd7cz-lM0OfqIN9tj0sxE.roa
File: cPkr4mGd7cz-lM0OfqIN9tj0sxE.roa (raw, json)
Hash identifier: s2FgGcJNH5yrJvtIB6AJdYbcop/rJ71EWNNKetny6Ds=
Subject key identifier: 70:F9:2B:E2:61:9D:ED:CC:FE:94:CD:0E:7E:A2:0D:F6:D8:F4:B3:11
Certificate issuer: /CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Certificate serial: 018CC6B83C9274BB404953CCB1DE4AD35998
Authority key identifier: AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/cPkr4mGd7cz-lM0OfqIN9tj0sxE.roa
Signing time: Mon 01 Jan 2024 20:30:11 +0000
ROA not before: Mon 01 Jan 2024 20:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201814
IP address blocks: 77.73.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:3c:92:74:bb:40:49:53:cc:b1:de:4a:d3:59:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=affa13f1ae053916280ec68ee1b0976f9ebd3ea8
Validity
Not Before: Jan 1 20:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70f92be2619dedccfe94cd0e7ea20df6d8f4b311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:a1:80:2d:b2:09:1b:f3:07:16:ac:bf:12:
02:b3:af:1e:89:c7:b0:b9:00:43:13:e6:d3:a3:6f:
8d:57:8d:7a:0f:84:1f:b8:b1:82:03:6b:19:5f:e2:
56:3a:77:6b:70:55:c2:50:89:cb:a3:8c:74:5e:57:
cc:b0:ac:c6:e9:d1:11:f5:97:1d:9f:63:98:c4:c6:
f9:3f:c0:47:b0:5c:05:b6:e3:ee:a9:83:6d:5d:4a:
65:e7:cf:0c:ac:39:b1:ad:6c:23:36:be:b4:2d:b1:
32:a0:df:9f:67:bf:ff:75:10:d4:9c:34:4e:8e:61:
0b:8a:69:e8:2e:80:eb:b9:1e:26:be:57:42:bc:dd:
12:69:d6:1f:83:4b:34:33:91:3c:2e:a8:87:12:ca:
0d:db:ae:01:c2:dc:6f:34:f7:39:b1:7c:0a:14:14:
ee:23:6c:de:3d:70:8f:a4:05:3a:0d:68:a9:1d:62:
3b:ee:06:cd:55:cc:69:1f:9f:72:a9:e3:f1:17:9b:
e2:4a:a5:7d:37:dc:ef:d5:da:ee:f6:a5:6f:3e:0c:
5a:6e:ac:b9:85:5e:34:70:d6:f7:28:e1:f4:1d:dc:
48:82:60:56:09:9f:31:71:04:f2:dd:79:ce:f8:f1:
0b:39:d5:89:f8:f6:e8:8b:5d:1f:01:39:73:e4:42:
e5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F9:2B:E2:61:9D:ED:CC:FE:94:CD:0E:7E:A2:0D:F6:D8:F4:B3:11
X509v3 Authority Key Identifier:
keyid:AF:FA:13:F1:AE:05:39:16:28:0E:C6:8E:E1:B0:97:6F:9E:BD:3E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_oT8a4FORYoDsaO4bCXb569Pqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/cPkr4mGd7cz-lM0OfqIN9tj0sxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a3c0a4-3191-4e51-8d80-478c2c8cb2a0/1/r_oT8a4FORYoDsaO4bCXb569Pqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.129.0/24
Signature Algorithm: sha256WithRSAEncryption
89:9c:54:6c:a0:dc:86:bd:7a:8b:bf:7f:31:7c:e0:eb:2d:0f:
73:7b:65:a5:73:a3:e7:6a:6d:ce:08:a6:09:ff:4b:70:97:ba:
1d:59:a2:5f:e2:ae:a8:4f:e6:81:39:82:93:b6:f6:52:a5:a9:
69:63:8a:03:8f:a6:06:b0:82:17:86:0e:ca:2f:f2:e7:19:96:
20:29:b5:18:a0:dc:ee:e9:47:b9:ee:ac:79:4b:23:a2:ad:50:
c8:d4:87:c4:02:05:1e:93:d8:23:ae:c2:1b:2a:76:24:e7:98:
c0:d9:41:2e:32:a6:b7:16:05:45:12:92:3c:49:20:7d:5c:0e:
51:4e:c2:fe:7a:6c:e6:c0:fb:05:29:b4:58:cf:19:d3:3b:8c:
90:69:3d:db:64:8c:c7:e0:12:25:9b:54:fc:8a:9f:c4:ce:f7:
fd:bf:32:98:d6:74:68:f1:17:16:5e:56:91:ee:95:d0:e7:ed:
a6:1b:c7:be:16:a5:45:80:81:e0:e4:64:e7:f9:f3:d7:3a:f3:
c7:ab:80:7a:97:f7:d0:6d:2b:c1:8b:a6:17:04:f0:21:89:6d:
89:25:41:fb:bf:6c:66:99:30:89:fc:2b:49:7d:4c:ef:f1:23:
01:24:6e:f9:d8:34:90:a0:c9:30:d6:cc:a7:f0:d8:30:19:c9:
15:48:fb:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuDySdLtASVPMsd5K01mYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZmExM2YxYWUwNTM5MTYyODBlYzY4ZWUxYjA5NzZmOWVi
ZDNlYTgwHhcNMjQwMTAxMjAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGY5MmJlMjYxOWRlZGNjZmU5NGNkMGU3ZWEyMGRmNmQ4ZjRiMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrOhgC2yCRvzBxasvxICs68eicew
uQBDE+bTo2+NV416D4QfuLGCA2sZX+JWOndrcFXCUInLo4x0XlfMsKzG6dER9Zcd
n2OYxMb5P8BHsFwFtuPuqYNtXUpl588MrDmxrWwjNr60LbEyoN+fZ7//dRDUnDRO
jmELimnoLoDruR4mvldCvN0SadYfg0s0M5E8LqiHEsoN264BwtxvNPc5sXwKFBTu
I2zePXCPpAU6DWipHWI77gbNVcxpH59yqePxF5viSqV9N9zv1dru9qVvPgxabqy5
hV40cNb3KOH0HdxIgmBWCZ8xcQTy3XnO+PELOdWJ+Pboi10fATlz5ELlkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHD5K+Jhne3M/pTNDn6iDfbY9LMRMB8GA1UdIwQY
MBaAFK/6E/GuBTkWKA7GjuGwl2+evT6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAt
NDc4YzJjOGNiMmEwLzEvY1BrcjRtR2Q3Y3otbE0wT2ZxSU45dGowc3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hM2MwYTQtMzE5MS00ZTUxLThkODAtNDc4YzJjOGNiMmEw
LzEvcl9vVDhhNEZPUllvRHNhTzRiQ1hiNTY5UHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATUmBMA0G
CSqGSIb3DQEBCwUAA4IBAQCJnFRsoNyGvXqLv38xfODrLQ9ze2Wlc6Pnam3OCKYJ
/0twl7odWaJf4q6oT+aBOYKTtvZSpalpY4oDj6YGsIIXhg7KL/LnGZYgKbUYoNzu
6Ue57qx5SyOirVDI1IfEAgUek9gjrsIbKnYk55jA2UEuMqa3FgVFEpI8SSB9XA5R
TsL+emzmwPsFKbRYzxnTO4yQaT3bZIzH4BIlm1T8ip/Ezvf9vzKY1nRo8RcWXlaR
7pXQ5+2mG8e+FqVFgIHg5GTn+fPXOvPHq4B6l/fQbSvBi6YXBPAhiW2JJUH7v2xm
mTCJ/CtJfUzv8SMBJG752DSQoMkw1syn8NgwGckVSPuy
-----END CERTIFICATE-----
Generated at Mon May 20 17:54:06 2024 by rpki-client on console-fra.rpki-client.org