Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/T72iM3vPMzim5cVljf6xNLtdHG8.roa
File: T72iM3vPMzim5cVljf6xNLtdHG8.roa (raw, json)
Hash identifier: 046oey/aiV4lpSsTroMkrEyHi/H9Z2mmpKN8fQvDZ/0=
Subject key identifier: 4F:BD:A2:33:7B:CF:33:38:A6:E5:C5:65:8D:FE:B1:34:BB:5D:1C:6F
Certificate issuer: /CN=77e839ea59b975824fd708a0ad735550017cbf7c
Certificate serial: 018CC34942CF4DEA04FBE8B5D30C4E70898A
Authority key identifier: 77:E8:39:EA:59:B9:75:82:4F:D7:08:A0:AD:73:55:50:01:7C:BF:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-g56lm5dYJP1wigrXNVUAF8v3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/T72iM3vPMzim5cVljf6xNLtdHG8.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49920
IP address blocks: 185.234.53.0/24 maxlen: 24
185.234.54.0/23 maxlen: 23
185.149.60.0/22 maxlen: 24
2a05:c0c0::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/d-g56lm5dYJP1wigrXNVUAF8v3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/d-g56lm5dYJP1wigrXNVUAF8v3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-g56lm5dYJP1wigrXNVUAF8v3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:42:cf:4d:ea:04:fb:e8:b5:d3:0c:4e:70:89:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e839ea59b975824fd708a0ad735550017cbf7c
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fbda2337bcf3338a6e5c5658dfeb134bb5d1c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d5:de:a4:c2:30:a3:8c:fd:cb:55:d4:77:c1:
b8:da:09:44:68:7c:79:ca:12:54:8e:e4:f9:ce:c1:
1c:c5:32:30:66:46:8b:e5:f9:19:93:7a:f4:0f:3e:
0f:72:bd:60:58:dd:88:3f:11:6c:b9:10:22:26:0d:
2c:a9:6d:bc:a3:fc:4e:d6:62:de:f8:ac:4d:e0:e5:
9c:81:de:51:f0:cc:e8:58:ba:99:69:21:87:ab:32:
bc:2b:f4:85:8d:b3:ec:8c:f0:21:3c:59:ff:47:c7:
09:9a:db:34:73:1a:f2:10:66:60:8d:6a:17:4a:ad:
ca:4f:c0:eb:d9:2f:fc:81:47:fa:11:a7:a1:92:9f:
0a:f3:71:ba:7c:04:ac:da:59:c0:ca:fe:b1:7b:9d:
83:dd:1f:20:f7:18:51:c2:90:23:52:d8:f5:db:69:
34:27:68:a1:64:d5:02:b5:5b:33:05:93:f4:49:65:
6c:93:39:8d:b9:41:fe:b3:e0:5c:93:e1:d1:a1:32:
3d:67:3d:8a:25:51:3a:12:b9:d3:22:ca:13:3a:1c:
6b:28:4c:a5:00:5a:69:19:e3:5a:a2:65:04:df:cb:
9e:11:ea:3c:12:ab:2d:82:cc:de:aa:e3:49:36:89:
3b:77:88:6a:f4:95:87:1c:e4:17:cf:f9:4a:94:bc:
ec:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:BD:A2:33:7B:CF:33:38:A6:E5:C5:65:8D:FE:B1:34:BB:5D:1C:6F
X509v3 Authority Key Identifier:
keyid:77:E8:39:EA:59:B9:75:82:4F:D7:08:A0:AD:73:55:50:01:7C:BF:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-g56lm5dYJP1wigrXNVUAF8v3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/T72iM3vPMzim5cVljf6xNLtdHG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ae5b5f-e748-4fd5-b1de-c79a3fa71d34/1/d-g56lm5dYJP1wigrXNVUAF8v3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.60.0/22
185.234.53.0-185.234.55.255
IPv6:
2a05:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
24:e4:ac:39:f8:da:43:ba:13:b5:e9:58:8c:94:f8:fc:ea:d6:
75:41:01:d6:86:80:6c:c0:a8:80:da:c4:55:be:45:1e:b1:f3:
7f:d8:3e:25:6e:5b:1a:b8:58:97:e2:b0:09:96:d6:d1:fa:82:
52:f3:90:1e:c2:4d:d9:b0:28:41:1b:f2:b0:ca:d7:4d:5d:68:
2c:0c:4b:b9:b4:17:06:58:65:61:a5:a6:30:10:96:25:56:15:
0e:3e:a7:3b:93:05:da:09:63:91:8b:4a:fa:60:a2:9b:c6:62:
19:7e:84:28:a0:19:9a:0a:0b:8f:a4:13:62:80:08:9a:4c:f2:
16:97:45:10:f4:2e:83:19:12:b8:d7:d5:89:ae:a0:a5:6d:b7:
a8:92:3e:3f:30:a6:a5:66:6a:e7:95:c1:af:61:36:f3:a1:13:
87:0b:02:88:9a:90:b2:0f:b7:a2:d6:ec:bf:7d:2d:c3:8f:d7:
70:ae:d9:e3:c8:67:0b:9c:41:40:38:c4:4b:76:8a:88:0b:5e:
d8:88:b2:b2:01:d0:08:e4:2a:2e:20:2a:2c:49:18:fa:f8:54:
5f:2e:be:19:b5:4b:e2:e0:09:ed:38:00:34:71:84:36:2e:62:
c7:01:b4:54:5c:24:64:cc:4a:f8:74:cb:d2:b9:b8:21:94:fe:
7d:e4:db:d1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDSULPTeoE++i10wxOcImKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTgzOWVhNTliOTc1ODI0ZmQ3MDhhMGFkNzM1NTUwMDE3
Y2JmN2MwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmJkYTIzMzdiY2YzMzM4YTZlNWM1NjU4ZGZlYjEzNGJiNWQxYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdXepMIwo4z9y1XUd8G42glEaHx5
yhJUjuT5zsEcxTIwZkaL5fkZk3r0Dz4Pcr1gWN2IPxFsuRAiJg0sqW28o/xO1mLe
+KxN4OWcgd5R8MzoWLqZaSGHqzK8K/SFjbPsjPAhPFn/R8cJmts0cxryEGZgjWoX
Sq3KT8Dr2S/8gUf6Eaehkp8K83G6fASs2lnAyv6xe52D3R8g9xhRwpAjUtj122k0
J2ihZNUCtVszBZP0SWVskzmNuUH+s+Bck+HRoTI9Zz2KJVE6ErnTIsoTOhxrKEyl
AFppGeNaomUE38ueEeo8EqstgszequNJNok7d4hq9JWHHOQXz/lKlLzsvwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE+9ojN7zzM4puXFZY3+sTS7XRxvMB8GA1UdIwQY
MBaAFHfoOepZuXWCT9cIoK1zVVABfL98MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1nNTZsbTVkWUpQMXdpZ3JYTlZVQUY4djN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hZTViNWYtZTc0OC00ZmQ1LWIxZGUt
Yzc5YTNmYTcxZDM0LzEvVDcyaU0zdlBNemltNWNWbGpmNnhOTHRkSEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hZTViNWYtZTc0OC00ZmQ1LWIxZGUtYzc5YTNmYTcxZDM0
LzEvZC1nNTZsbTVkWUpQMXdpZ3JYTlZVQUY4djN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuZU8MAwD
BAC56jUDBAO56jAwDQQCAAIwBwMFAyoFwMAwDQYJKoZIhvcNAQELBQADggEBACTk
rDn42kO6E7XpWIyU+Pzq1nVBAdaGgGzAqIDaxFW+RR6x83/YPiVuWxq4WJfisAmW
1tH6glLzkB7CTdmwKEEb8rDK101daCwMS7m0FwZYZWGlpjAQliVWFQ4+pzuTBdoJ
Y5GLSvpgopvGYhl+hCigGZoKC4+kE2KACJpM8haXRRD0LoMZErjX1YmuoKVtt6iS
Pj8wpqVmaueVwa9hNvOhE4cLAoiakLIPt6LW7L99LcOP13Cu2ePIZwucQUA4xEt2
iogLXtiIsrIB0AjkKi4gKixJGPr4VF8uvhm1S+LgCe04ADRxhDYuYscBtFRcJGTM
Svh0y9K5uCGU/n3k29E=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:35:53 2024 by rpki-client on console-fra.rpki-client.org