Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/7SdPJFRfxzDyNZtGTABV0VtXypk.roa
File: 7SdPJFRfxzDyNZtGTABV0VtXypk.roa (raw, json)
Hash identifier: IMgWZt9j6n0XOwifr3ZuDh1jscpHIXUbryF1IhA1OS4=
Subject key identifier: ED:27:4F:24:54:5F:C7:30:F2:35:9B:46:4C:00:55:D1:5B:57:CA:99
Certificate issuer: /CN=b59909ed171b38c1fdc4362229e78d69851de11c
Certificate serial: 018F0E324DCD623F25099CA8ED468D23B2D2
Authority key identifier: B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/7SdPJFRfxzDyNZtGTABV0VtXypk.roa
Signing time: Wed 24 Apr 2024 03:42:08 +0000
ROA not before: Wed 24 Apr 2024 03:42:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60447
IP address blocks: 77.246.216.0/22 maxlen: 22
77.246.216.0/24 maxlen: 24
77.246.217.0/24 maxlen: 24
77.246.218.0/24 maxlen: 24
77.246.219.0/24 maxlen: 24
95.214.104.0/22 maxlen: 22
95.214.104.0/23 maxlen: 23
95.214.106.0/23 maxlen: 23
185.97.72.0/22 maxlen: 22
185.97.72.0/24 maxlen: 24
185.97.73.0/24 maxlen: 24
185.97.74.0/24 maxlen: 24
185.97.75.0/24 maxlen: 24
195.170.166.0/24 maxlen: 24
2a06:4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0e:32:4d:cd:62:3f:25:09:9c:a8:ed:46:8d:23:b2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b59909ed171b38c1fdc4362229e78d69851de11c
Validity
Not Before: Apr 24 03:42:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed274f24545fc730f2359b464c0055d15b57ca99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9b:ae:f7:c1:63:2d:54:4c:2f:20:11:ab:a5:
0e:02:ee:ac:eb:a0:62:93:16:19:7b:a7:e4:2f:ba:
ba:34:2e:e3:4f:4f:34:4f:f1:50:1d:71:2a:53:1e:
73:c6:34:ff:f0:bb:9f:b3:8a:22:03:6f:44:b3:d8:
99:0c:c7:99:bb:84:78:06:7d:ee:b4:28:03:a0:be:
10:98:a0:41:ba:96:04:00:74:28:05:10:1b:c5:6a:
46:fb:fa:61:46:75:e6:ad:2a:f1:8f:78:3e:ae:d4:
d9:03:68:e0:d6:9d:03:d7:8a:7c:c6:fa:c0:4d:1a:
08:9f:d1:f1:b2:78:89:72:d9:e5:89:7b:bb:39:d4:
47:b0:81:0b:c3:c1:b7:8c:a0:d0:2d:2e:8e:fa:19:
5e:8c:14:ce:29:9a:f1:0b:c3:b1:b3:91:3c:12:b5:
30:43:7a:a4:20:07:5a:4a:d4:87:ac:20:d1:08:b6:
7f:5c:a6:4c:2e:b1:24:e0:9d:f9:22:08:2d:f2:1d:
aa:4d:c4:b8:98:c5:1d:ad:6a:27:b0:65:00:62:ac:
38:f0:0e:80:f7:86:8b:8c:84:43:31:de:f3:5e:c6:
e4:73:37:6f:9d:de:d3:dc:5f:ba:77:be:b9:b6:73:
b3:39:ac:0d:05:96:66:bd:9f:47:79:48:1b:71:15:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:27:4F:24:54:5F:C7:30:F2:35:9B:46:4C:00:55:D1:5B:57:CA:99
X509v3 Authority Key Identifier:
keyid:B5:99:09:ED:17:1B:38:C1:FD:C4:36:22:29:E7:8D:69:85:1D:E1:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/7SdPJFRfxzDyNZtGTABV0VtXypk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9ee980-67a2-4d3c-b6ca-fde073588f0f/1/tZkJ7RcbOMH9xDYiKeeNaYUd4Rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.216.0/22
95.214.104.0/22
185.97.72.0/22
195.170.166.0/24
IPv6:
2a06:4c0::/32
Signature Algorithm: sha256WithRSAEncryption
41:f8:d1:41:03:ef:7c:8f:1f:83:d3:42:32:fa:12:47:9b:78:
da:6b:b2:d5:cb:59:18:b9:a5:d8:22:97:eb:ff:b1:a5:b0:2d:
f4:a2:8b:a5:06:fe:7e:0c:b6:75:0a:59:88:56:1c:d5:cd:28:
64:25:c8:26:60:46:73:01:5c:09:4e:25:05:75:96:aa:58:51:
9c:48:5a:9c:b1:fa:99:6c:5f:56:3e:67:62:84:5d:cb:74:63:
69:7e:a1:f4:bb:a8:64:68:e4:d0:5b:52:70:7c:58:a0:74:75:
84:c1:b4:71:78:82:44:8b:f0:3b:a8:28:3a:dc:1d:1b:e2:61:
ac:06:2f:64:91:d0:14:58:ad:98:8b:6f:89:bc:09:d2:13:34:
2e:9a:21:05:c8:13:9d:0c:b3:3e:df:47:73:ce:9b:7d:06:2a:
90:51:7d:c6:4c:4a:5d:55:df:28:1a:1f:55:a2:5d:5b:15:71:
06:bb:4c:8a:84:74:9c:97:19:83:96:88:37:c5:a8:09:4e:09:
bb:e1:39:5a:a5:12:fb:f1:7e:5b:57:df:eb:df:be:26:c2:90:
64:1b:be:2d:0b:c7:a5:fa:85:a1:a1:a0:36:d6:17:64:95:8d:
27:ca:be:19:7f:5c:73:9e:f1:ad:77:08:92:27:57:f7:95:61:
8d:43:f2:69
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY8OMk3NYj8lCZyo7UaNI7LSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTkwOWVkMTcxYjM4YzFmZGM0MzYyMjI5ZTc4ZDY5ODUx
ZGUxMWMwHhcNMjQwNDI0MDM0MjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDI3NGYyNDU0NWZjNzMwZjIzNTliNDY0YzAwNTVkMTViNTdjYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypuu98FjLVRMLyARq6UOAu6s66Bi
kxYZe6fkL7q6NC7jT080T/FQHXEqUx5zxjT/8Lufs4oiA29Es9iZDMeZu4R4Bn3u
tCgDoL4QmKBBupYEAHQoBRAbxWpG+/phRnXmrSrxj3g+rtTZA2jg1p0D14p8xvrA
TRoIn9HxsniJctnliXu7OdRHsIELw8G3jKDQLS6O+hlejBTOKZrxC8Oxs5E8ErUw
Q3qkIAdaStSHrCDRCLZ/XKZMLrEk4J35Iggt8h2qTcS4mMUdrWonsGUAYqw48A6A
94aLjIRDMd7zXsbkczdvnd7T3F+6d765tnOzOawNBZZmvZ9HeUgbcRVkeQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFO0nTyRUX8cw8jWbRkwAVdFbV8qZMB8GA1UdIwQY
MBaAFLWZCe0XGzjB/cQ2IinnjWmFHeEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFprSjdSY2JPTUg5eERZaUtlZU5hWVVkNFJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZWU5ODAtNjdhMi00ZDNjLWI2Y2Et
ZmRlMDczNTg4ZjBmLzEvN1NkUEpGUmZ4ekR5Tlp0R1RBQlYwVnRYeXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZWU5ODAtNjdhMi00ZDNjLWI2Y2EtZmRlMDczNTg4ZjBm
LzEvdFprSjdSY2JPTUg5eERZaUtlZU5hWVVkNFJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCTfbYAwQC
X9ZoAwQCuWFIAwQAw6qmMA0EAgACMAcDBQAqBgTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBB+NFBA+98jx+D00Iy+hJHm3jaa7LVy1kYuaXYIpfr/7GlsC30ooulBv5+DLZ1
ClmIVhzVzShkJcgmYEZzAVwJTiUFdZaqWFGcSFqcsfqZbF9WPmdihF3LdGNpfqH0
u6hkaOTQW1JwfFigdHWEwbRxeIJEi/A7qCg63B0b4mGsBi9kkdAUWK2Yi2+JvAnS
EzQumiEFyBOdDLM+30dzzpt9BiqQUX3GTEpdVd8oGh9Vol1bFXEGu0yKhHSclxmD
log3xagJTgm74TlapRL78X5bV9/r374mwpBkG74tC8el+oWhoaA21hdklY0nyr4Z
f1xznvGtdwiSJ1f3lWGNQ/Jp
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:51:05 2024 by rpki-client on console-fra.rpki-client.org