Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/naARcsex1DejgWaGL2FELhm5lwQ.roa
File: naARcsex1DejgWaGL2FELhm5lwQ.roa (raw, json)
Hash identifier: TEgnWR+b2w3ordqKeZNBCQqxuq+8jGU7piUmVFo6scM=
Subject key identifier: 9D:A0:11:72:C7:B1:D4:37:A3:81:66:86:2F:61:44:2E:19:B9:97:04
Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Certificate serial: 018CC425557BE8FBE38B0EA5236D672BC5E1
Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/naARcsex1DejgWaGL2FELhm5lwQ.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42779
IP address blocks: 77.244.116.0/23 maxlen: 23
77.244.112.0/20 maxlen: 20
77.244.118.0/23 maxlen: 23
77.244.124.0/23 maxlen: 23
77.244.126.0/23 maxlen: 23
2a02:4380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:7b:e8:fb:e3:8b:0e:a5:23:6d:67:2b:c5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da01172c7b1d437a38166862f61442e19b99704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6f:3d:e3:a3:f9:b3:d9:43:b1:62:3c:3e:46:
31:d0:53:17:a2:75:fe:95:50:8d:b4:a7:7d:1d:f8:
80:32:f5:e1:d2:2e:08:12:c3:5a:ba:02:f5:4a:02:
67:b1:df:8b:1a:c4:56:74:e0:21:8a:ce:b5:d1:26:
63:ba:f6:f3:9d:e1:f5:9f:45:bf:63:d4:2b:80:f2:
32:22:25:59:bb:e7:c2:f5:ef:77:2a:8e:1c:1a:45:
44:92:4d:ce:d2:51:95:6c:8f:a7:5c:da:00:41:59:
08:6d:05:96:f4:fd:3a:70:40:d5:af:b5:0c:ac:38:
bb:d5:89:55:8e:b2:fc:17:c2:cf:a9:d2:9e:f9:71:
35:07:ec:8c:9e:9e:81:f9:25:f3:99:dd:8f:0e:fc:
c4:9c:0d:4a:10:fd:c3:36:38:6c:fd:23:82:bf:b9:
97:58:f7:5d:71:31:52:fb:82:be:ed:ac:b6:66:8b:
19:16:b1:3b:53:2b:ff:87:b4:f0:57:ce:ba:28:a3:
55:8b:b6:59:7f:9c:40:6e:a5:20:69:1f:93:1d:d9:
d9:f5:43:6f:fa:67:ff:69:25:59:eb:ef:e2:fc:98:
bc:01:1e:bf:ea:ae:cc:15:4b:70:8d:7f:c5:f4:b1:
7b:77:04:8f:03:4c:ad:9b:3d:12:9d:a4:79:c4:4b:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A0:11:72:C7:B1:D4:37:A3:81:66:86:2F:61:44:2E:19:B9:97:04
X509v3 Authority Key Identifier:
keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/naARcsex1DejgWaGL2FELhm5lwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.112.0/20
IPv6:
2a02:4380::/32
Signature Algorithm: sha256WithRSAEncryption
89:71:66:96:11:c9:5a:cd:00:75:3f:bd:da:5f:ea:f9:fc:f4:
e0:b8:cb:a8:cd:54:23:19:0c:5c:90:b6:8e:f1:92:88:e2:8b:
7e:41:09:03:49:a3:9b:16:5a:96:a5:62:a2:63:9a:d6:5e:a1:
18:7b:e5:af:12:93:1c:9c:3d:2a:fa:ff:78:fb:0e:2f:b7:7e:
9f:71:d3:eb:80:a7:14:9f:f1:b4:e4:0b:ed:33:b4:0e:cb:3c:
45:76:6a:b5:1d:27:b5:ef:18:c1:a4:49:e0:71:61:66:fb:1e:
c6:05:d0:33:95:c6:52:76:93:aa:b3:cc:56:d7:f9:33:8a:0c:
3c:a7:49:37:af:d7:0e:7a:f3:0c:ba:5f:86:91:c0:bc:3f:61:
68:bc:dc:07:fd:0e:c1:76:fd:8e:b2:93:75:42:f5:00:37:d0:
56:52:96:00:e9:c3:9b:e2:18:65:aa:54:86:47:10:ab:6a:1a:
e0:fb:b3:87:ab:d8:aa:ea:88:0a:1e:fd:5c:e1:01:fe:a9:49:
ac:03:30:5a:1d:9a:6b:4c:87:06:19:67:e8:2d:32:ec:6a:d8:
db:34:a0:13:f0:96:4b:d4:8c:c8:36:ef:1d:13:8b:23:74:05:
aa:ea:6d:00:17:8f:7c:1c:f6:c1:c3:a4:a9:72:dd:db:78:bf:
48:f0:b7:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJVV76Pvjiw6lI21nK8XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz
OGRlMjEwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGEwMTE3MmM3YjFkNDM3YTM4MTY2ODYyZjYxNDQyZTE5Yjk5NzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm8946P5s9lDsWI8PkYx0FMXonX+
lVCNtKd9HfiAMvXh0i4IEsNaugL1SgJnsd+LGsRWdOAhis610SZjuvbzneH1n0W/
Y9QrgPIyIiVZu+fC9e93Ko4cGkVEkk3O0lGVbI+nXNoAQVkIbQWW9P06cEDVr7UM
rDi71YlVjrL8F8LPqdKe+XE1B+yMnp6B+SXzmd2PDvzEnA1KEP3DNjhs/SOCv7mX
WPddcTFS+4K+7ay2ZosZFrE7Uyv/h7TwV866KKNVi7ZZf5xAbqUgaR+THdnZ9UNv
+mf/aSVZ6+/i/Ji8AR6/6q7MFUtwjX/F9LF7dwSPA0ytmz0SnaR5xEsoTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ2gEXLHsdQ3o4Fmhi9hRC4ZuZcEMB8GA1UdIwQY
MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt
MzY5MmY3ODQxNjE5LzEvbmFBUmNzZXgxRGVqZ1dhR0wyRkVMaG01bHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5
LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQETfRwMA0E
AgACMAcDBQAqAkOAMA0GCSqGSIb3DQEBCwUAA4IBAQCJcWaWEclazQB1P73aX+r5
/PTguMuozVQjGQxckLaO8ZKI4ot+QQkDSaObFlqWpWKiY5rWXqEYe+WvEpMcnD0q
+v94+w4vt36fcdPrgKcUn/G05AvtM7QOyzxFdmq1HSe17xjBpEngcWFm+x7GBdAz
lcZSdpOqs8xW1/kzigw8p0k3r9cOevMMul+GkcC8P2FovNwH/Q7Bdv2OspN1QvUA
N9BWUpYA6cOb4hhlqlSGRxCrahrg+7OHq9iq6ogKHv1c4QH+qUmsAzBaHZprTIcG
GWfoLTLsatjbNKAT8JZL1IzINu8dE4sjdAWq6m0AF498HPbBw6Spct3beL9I8Lc1
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:09 2024 by rpki-client on console-ams.rpki-client.org