Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/xHEGKMX31eI_zLSKW7_HTFXTYlg.roa
File: xHEGKMX31eI_zLSKW7_HTFXTYlg.roa (raw, json)
Hash identifier: U5+vIcKRHZGHkS/KAsKwCo0mpCNbXnx2b6Yc6J5e3E8=
Subject key identifier: C4:71:06:28:C5:F7:D5:E2:3F:CC:B4:8A:5B:BF:C7:4C:55:D3:62:58
Certificate issuer: /CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Certificate serial: 018EACEE01B6B55865918B48BA0243771632
Authority key identifier: 79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/xHEGKMX31eI_zLSKW7_HTFXTYlg.roa
Signing time: Fri 05 Apr 2024 06:24:22 +0000
ROA not before: Fri 05 Apr 2024 06:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 77.73.64.0/23 maxlen: 23
77.73.71.0/24 maxlen: 24
185.145.245.0/24 maxlen: 24
185.155.119.0/24 maxlen: 24
185.242.104.0/22 maxlen: 22
185.242.106.0/23 maxlen: 23
212.6.44.0/24 maxlen: 24
2a0c:16c0::/32 maxlen: 32
2a0c:16c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ac:ee:01:b6:b5:58:65:91:8b:48:ba:02:43:77:16:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e24b47f8943cad6e04c9f646cb1077c140fdfb
Validity
Not Before: Apr 5 06:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4710628c5f7d5e23fccb48a5bbfc74c55d36258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:c0:8a:68:8d:3c:3b:eb:0c:d4:95:fd:dc:
db:83:29:e7:c4:e4:b5:41:5f:f3:fc:eb:5f:59:37:
45:48:92:d3:91:ba:8b:5e:17:bd:13:24:ba:ec:1f:
ca:65:6d:2c:cb:85:8c:0e:5a:c6:1a:a5:dd:be:17:
c2:c1:fd:84:7c:f0:23:49:17:6c:bc:4b:3f:e6:6e:
11:8b:19:ed:97:50:88:ec:f4:81:de:ec:0d:22:42:
c1:b5:7f:78:7f:2d:39:6c:cc:b1:d9:f1:e2:8f:57:
42:20:8b:73:a1:9f:06:99:6a:d0:14:17:f2:96:ea:
02:57:0a:84:60:ca:3f:4e:cc:05:85:8c:aa:d3:88:
34:6c:3d:83:63:42:68:06:50:68:4f:b6:96:68:9f:
e3:1d:19:8a:3c:2e:f7:2e:e1:18:7f:c9:16:90:35:
5e:03:e8:6b:23:c4:ad:e6:ee:96:f5:1c:18:98:82:
ba:80:04:f4:e7:4e:1e:7d:99:c3:ae:f2:37:2b:32:
c0:0c:4f:b2:12:a7:96:07:b3:49:e0:15:a3:8d:ee:
4e:8e:43:92:da:8e:77:66:7f:ba:fe:42:45:b2:9a:
ae:c8:e7:34:36:40:67:1f:17:4e:ef:4b:e6:de:8b:
f0:ed:be:0f:ea:b8:2f:9e:85:66:bf:05:46:a5:bc:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:71:06:28:C5:F7:D5:E2:3F:CC:B4:8A:5B:BF:C7:4C:55:D3:62:58
X509v3 Authority Key Identifier:
keyid:79:E2:4B:47:F8:94:3C:AD:6E:04:C9:F6:46:CB:10:77:C1:40:FD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeJLR_iUPK1uBMn2RssQd8FA_fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/xHEGKMX31eI_zLSKW7_HTFXTYlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/54a65b-cf0b-498f-80d4-bc584b36cbef/1/eeJLR_iUPK1uBMn2RssQd8FA_fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.64.0/23
77.73.71.0/24
185.145.245.0/24
185.155.119.0/24
185.242.104.0/22
212.6.44.0/24
IPv6:
2a0c:16c0::/31
Signature Algorithm: sha256WithRSAEncryption
64:21:3f:8e:5c:47:78:42:14:79:fa:2d:41:fa:32:dc:fc:c7:
6f:16:ca:29:19:44:79:e0:ba:cc:eb:33:d1:e6:01:91:72:4b:
ab:b9:ae:ff:72:da:9f:f5:95:01:ad:dd:5f:21:bf:20:39:14:
27:45:1a:b5:c4:87:f6:c5:80:57:e0:6f:de:38:5d:82:16:12:
fc:29:5c:08:f7:97:75:3d:64:33:4a:08:cc:9a:a3:2b:aa:00:
e3:21:28:0b:22:7e:80:67:6c:ba:14:e9:80:83:b1:da:2b:0c:
a8:29:60:ac:19:11:7c:16:de:ec:44:fb:f5:9e:1c:1d:5f:ae:
6d:e8:01:44:97:5e:b8:d8:fa:8e:20:f2:70:67:ff:5f:56:7f:
ca:04:bf:3f:f4:29:9c:2d:24:d1:67:02:60:c6:27:ac:f1:5f:
78:d9:7c:a7:2b:fe:3f:81:5c:50:6b:a7:93:e0:7c:b6:d1:8e:
32:fe:a1:a1:01:32:4a:1d:de:17:e4:22:44:5d:dd:17:5e:df:
49:85:65:9a:bc:56:43:14:11:2c:de:3b:9a:c3:b0:22:3b:14:
91:4c:7c:52:bd:ec:30:1c:3b:16:24:1c:92:92:ab:33:07:67:
d2:f2:e1:08:f7:7e:34:29:5d:e1:1a:74:50:89:56:b1:37:8f:
89:25:14:a1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY6s7gG2tVhlkYtIugJDdxYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTI0YjQ3Zjg5NDNjYWQ2ZTA0YzlmNjQ2Y2IxMDc3YzE0
MGZkZmIwHhcNMjQwNDA1MDYyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDcxMDYyOGM1ZjdkNWUyM2ZjY2I0OGE1YmJmYzc0YzU1ZDM2MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscTAimiNPDvrDNSV/dzbgynnxOS1
QV/z/OtfWTdFSJLTkbqLXhe9EyS67B/KZW0sy4WMDlrGGqXdvhfCwf2EfPAjSRds
vEs/5m4Rixntl1CI7PSB3uwNIkLBtX94fy05bMyx2fHij1dCIItzoZ8GmWrQFBfy
luoCVwqEYMo/TswFhYyq04g0bD2DY0JoBlBoT7aWaJ/jHRmKPC73LuEYf8kWkDVe
A+hrI8St5u6W9RwYmIK6gAT0504efZnDrvI3KzLADE+yEqeWB7NJ4BWjje5OjkOS
2o53Zn+6/kJFspquyOc0NkBnHxdO70vm3ovw7b4P6rgvnoVmvwVGpbx5ewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMRxBijF99XiP8y0ilu/x0xV02JYMB8GA1UdIwQY
MBaAFHniS0f4lDytbgTJ9kbLEHfBQP37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQt
YmM1ODRiMzZjYmVmLzEveEhFR0tNWDMxZUlfekxTS1c3X0hURlhUWWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81NGE2NWItY2YwYi00OThmLTgwZDQtYmM1ODRiMzZjYmVm
LzEvZWVKTFJfaVVQSzF1Qk1uMlJzc1FkOEZBX2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBTUlAAwQA
TUlHAwQAuZH1AwQAuZt3AwQCufJoAwQA1AYsMA0EAgACMAcDBQEqDBbAMA0GCSqG
SIb3DQEBCwUAA4IBAQBkIT+OXEd4QhR5+i1B+jLc/MdvFsopGUR54LrM6zPR5gGR
ckurua7/ctqf9ZUBrd1fIb8gORQnRRq1xIf2xYBX4G/eOF2CFhL8KVwI95d1PWQz
SgjMmqMrqgDjISgLIn6AZ2y6FOmAg7HaKwyoKWCsGRF8Ft7sRPv1nhwdX65t6AFE
l1642PqOIPJwZ/9fVn/KBL8/9CmcLSTRZwJgxies8V942XynK/4/gVxQa6eT4Hy2
0Y4y/qGhATJKHd4X5CJEXd0XXt9JhWWavFZDFBEs3juaw7AiOxSRTHxSvewwHDsW
JBySkqszB2fS8uEI9340KV3hGnRQiVaxN4+JJRSh
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:55:01 2024 by rpki-client on console-fra.rpki-client.org