Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/PkJ7sbC_PPEXmEJbCff8dSDrdyQ.roa
File: PkJ7sbC_PPEXmEJbCff8dSDrdyQ.roa (raw, json)
Hash identifier: PRKS8p/wN8mEQVPhjWlrOyeIP6xKc6t9y1Dpdx4s8eo=
Subject key identifier: 3E:42:7B:B1:B0:BF:3C:F1:17:98:42:5B:09:F7:FC:75:20:EB:77:24
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 018CC5001C775888BCF2CF3C97E4945E15F1
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/PkJ7sbC_PPEXmEJbCff8dSDrdyQ.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56402
IP address blocks: 185.120.168.0/24 maxlen: 24
185.120.168.0/23 maxlen: 23
185.120.169.0/24 maxlen: 24
77.77.64.0/18 maxlen: 18
77.77.76.0/23 maxlen: 23
77.77.76.0/24 maxlen: 24
77.77.77.0/24 maxlen: 24
46.225.128.0/19 maxlen: 19
46.225.128.0/20 maxlen: 20
46.225.144.0/20 maxlen: 20
77.77.96.0/19 maxlen: 19
77.77.64.0/19 maxlen: 19
46.225.233.0/24 maxlen: 24
46.224.0.0/19 maxlen: 19
46.224.0.0/24 maxlen: 24
46.224.1.0/24 maxlen: 24
46.224.2.0/24 maxlen: 24
46.224.2.0/23 maxlen: 23
46.224.3.0/24 maxlen: 24
46.224.6.0/24 maxlen: 24
46.224.7.0/24 maxlen: 24
46.224.8.0/24 maxlen: 24
46.224.10.0/24 maxlen: 24
46.224.16.0/20 maxlen: 20
46.224.0.0/15 maxlen: 15
46.224.15.0/24 maxlen: 24
46.225.224.0/19 maxlen: 19
46.224.128.0/19 maxlen: 19
2a02:16c0::/29 maxlen: 29
2a02:16c0::/30 maxlen: 30
2a02:16c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.mft
rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1c:77:58:88:bc:f2:cf:3c:97:e4:94:5e:15:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e427bb1b0bf3cf11798425b09f7fc7520eb7724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:a2:95:fe:de:02:da:b6:6a:63:fc:65:7a:
e4:6b:c1:3c:84:6c:9a:35:47:68:96:81:5e:e9:95:
06:17:b8:d8:13:d3:c1:1b:af:88:af:ca:5c:9f:71:
e2:90:c7:1e:b1:d4:c0:fb:c3:c4:bd:73:9e:69:19:
9d:95:79:41:aa:16:83:9c:e9:36:da:87:c0:c7:eb:
f5:fd:6c:5a:56:9b:bf:c4:84:27:27:57:c7:86:5b:
50:32:fb:04:81:2a:bc:f0:f5:7e:8b:fc:85:41:f6:
4e:96:75:82:05:04:24:b9:41:d1:d2:62:e2:fa:16:
9b:0c:80:b5:87:d3:67:ae:fe:e5:4f:71:55:56:fd:
7f:da:99:23:9b:67:54:d9:e7:13:6b:ab:91:05:9d:
97:16:a6:b9:fa:aa:e9:7c:a0:bb:01:d5:71:0b:54:
c4:a9:0b:6b:78:62:17:71:bd:96:65:18:35:84:10:
19:f6:63:25:5c:0e:67:4e:31:97:e6:25:aa:8a:80:
b3:7c:ca:19:c1:68:24:2a:63:01:d6:8d:14:ec:0f:
f6:f3:bb:ed:21:59:6f:8d:14:f6:72:db:28:8b:d7:
30:14:b7:51:ef:c4:8a:1c:d2:d3:ae:16:ae:e4:8f:
62:2c:f8:0d:0f:cf:3c:e6:19:bb:4b:31:3d:ab:4b:
fd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:42:7B:B1:B0:BF:3C:F1:17:98:42:5B:09:F7:FC:75:20:EB:77:24
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/PkJ7sbC_PPEXmEJbCff8dSDrdyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.224.0.0/15
77.77.64.0/18
185.120.168.0/23
IPv6:
2a02:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:98:19:85:99:5c:27:0c:90:f7:90:5e:94:ed:b5:55:56:4f:
59:4e:c5:69:67:35:e2:19:28:96:73:be:a4:68:bd:78:59:c6:
bd:50:0a:5d:2b:cf:e6:0f:6e:b5:ea:08:29:a9:9d:12:29:cf:
3a:86:e3:06:28:17:94:73:e4:5c:e1:c9:ec:6b:4c:f9:ad:38:
12:ad:a5:22:a2:2b:d9:c7:0b:c4:56:5a:fa:12:27:90:9a:40:
a0:55:e2:3e:3e:b1:b5:89:d1:0c:93:fa:e4:f0:54:73:ab:41:
f8:99:09:52:98:95:24:bd:3b:23:48:0a:ea:04:e4:ac:5b:cd:
e6:7a:f0:40:28:a8:54:8b:64:25:da:47:e1:50:2c:72:27:e2:
b6:83:ec:f1:b2:73:e4:dd:15:1b:93:d7:0c:7b:75:20:16:d2:
6a:b7:f5:73:0f:73:af:39:fb:81:c6:fd:7b:c7:df:e0:98:9a:
cc:f1:e2:ad:56:e4:d0:47:41:ec:93:cf:cd:3f:52:3e:7f:6c:
fe:d4:c9:74:ef:28:50:60:9c:72:ef:6c:5e:a6:1f:7e:c3:ec:
c7:13:84:8c:b9:4b:11:fe:6b:36:c4:91:2f:3c:dd:63:4d:41:
0b:93:0c:13:36:31:da:ad:2e:3e:dd:ef:d1:01:f2:ea:b5:6d:
25:c9:be:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFABx3WIi88s88l+SUXhXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm
MmNjMDcwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQyN2JiMWIwYmYzY2YxMTc5ODQyNWIwOWY3ZmM3NTIwZWI3NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZOilf7eAtq2amP8ZXrka8E8hGya
NUdoloFe6ZUGF7jYE9PBG6+Ir8pcn3HikMcesdTA+8PEvXOeaRmdlXlBqhaDnOk2
2ofAx+v1/WxaVpu/xIQnJ1fHhltQMvsEgSq88PV+i/yFQfZOlnWCBQQkuUHR0mLi
+habDIC1h9Nnrv7lT3FVVv1/2pkjm2dU2ecTa6uRBZ2XFqa5+qrpfKC7AdVxC1TE
qQtreGIXcb2WZRg1hBAZ9mMlXA5nTjGX5iWqioCzfMoZwWgkKmMB1o0U7A/287vt
IVlvjRT2ctsoi9cwFLdR78SKHNLTrhau5I9iLPgND8885hm7SzE9q0v9LwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD5Ce7GwvzzxF5hCWwn3/HUg63ckMB8GA1UdIwQY
MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt
NTkyYzBkY2RhZjc5LzEvUGtKN3NiQ19QUEVYbUVKYkNmZjhkU0RyZHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTktNTkyYzBkY2RhZjc5
LzEvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMBLuADBAZN
TUADBAG5eKgwDQQCAAIwBwMFAyoCFsAwDQYJKoZIhvcNAQELBQADggEBAGyYGYWZ
XCcMkPeQXpTttVVWT1lOxWlnNeIZKJZzvqRovXhZxr1QCl0rz+YPbrXqCCmpnRIp
zzqG4wYoF5Rz5FzhyexrTPmtOBKtpSKiK9nHC8RWWvoSJ5CaQKBV4j4+sbWJ0QyT
+uTwVHOrQfiZCVKYlSS9OyNICuoE5KxbzeZ68EAoqFSLZCXaR+FQLHIn4raD7PGy
c+TdFRuT1wx7dSAW0mq39XMPc685+4HG/XvH3+CYmszx4q1W5NBHQeyTz80/Uj5/
bP7UyXTvKFBgnHLvbF6mH37D7McThIy5SxH+azbEkS883WNNQQuTDBM2MdqtLj7d
79EB8uq1bSXJvpI=
-----END CERTIFICATE-----
Generated at Sun Apr 21 05:11:48 2024 by rpki-client on console-ams.rpki-client.org