Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/r121nLtbhT6ScYlmucIyBj2DlxA.roa
File: r121nLtbhT6ScYlmucIyBj2DlxA.roa (raw, json)
Hash identifier: qUf5miw9mXU73eSXjehohUJK4702gaRVjwq5ud3Kxjw=
Subject key identifier: AF:5D:B5:9C:BB:5B:85:3E:92:71:89:66:B9:C2:32:06:3D:83:97:10
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 018F0F1CAD9EBE41CAB717997F44FC150C61
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/r121nLtbhT6ScYlmucIyBj2DlxA.roa
Signing time: Wed 24 Apr 2024 07:58:08 +0000
ROA not before: Wed 24 Apr 2024 07:58:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 185.77.116.0/24 maxlen: 24
185.77.117.0/24 maxlen: 24
185.77.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 07:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:1c:ad:9e:be:41:ca:b7:17:99:7f:44:fc:15:0c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Apr 24 07:58:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af5db59cbb5b853e92718966b9c232063d839710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:96:54:29:4a:58:21:1d:af:38:95:5c:d3:33:
22:90:57:f1:61:93:b3:ab:f2:ea:5f:dd:90:26:be:
f3:b9:2f:ec:42:09:14:42:72:60:26:94:6b:bf:2e:
de:d8:64:6c:b9:63:92:3b:f8:73:c3:15:3b:17:74:
27:fa:2e:a9:fd:eb:11:f4:c7:10:85:37:38:bb:77:
51:63:14:dd:f0:69:57:fa:47:6b:65:c7:90:e9:8d:
60:99:d6:ba:c9:bc:e0:7f:b2:80:fb:cc:d1:2c:5d:
a1:be:1f:76:0c:f4:15:de:6d:50:ff:8d:af:00:b1:
d1:a1:0f:72:30:f9:df:40:1d:d6:52:3a:f1:0c:10:
21:de:ed:9e:79:61:28:00:2f:09:cc:fa:9a:cb:5e:
06:24:d3:0b:81:2b:be:06:8f:ba:23:50:31:1e:49:
f8:f4:02:d2:a0:12:58:cf:66:62:6a:db:b1:fe:a1:
01:a0:d0:72:e2:d7:b2:47:08:80:10:83:e3:3c:60:
9f:8e:e2:f8:80:52:7e:5e:0f:55:27:e6:55:48:82:
0a:a0:f6:64:b0:c6:6d:01:5a:d6:48:99:86:83:c6:
41:fd:4e:d4:fe:7a:ff:e7:6c:6d:b2:3b:a8:24:98:
52:e0:cc:00:6f:4d:71:fb:25:30:27:0b:4a:3b:bb:
12:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:5D:B5:9C:BB:5B:85:3E:92:71:89:66:B9:C2:32:06:3D:83:97:10
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/r121nLtbhT6ScYlmucIyBj2DlxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.116.0-185.77.118.255
Signature Algorithm: sha256WithRSAEncryption
6b:b1:47:f9:00:b1:d0:d1:74:ce:09:94:ee:e8:55:81:a9:ec:
2a:ed:b4:84:30:37:ca:73:8c:10:2e:b0:0b:9d:4e:7e:67:d1:
b4:49:6a:ae:59:f9:40:61:d8:65:44:3a:1b:8d:ef:7e:48:f1:
02:97:3f:65:e6:93:85:a8:b7:b8:df:1f:d2:d2:5d:51:a9:01:
c8:29:7a:d7:3b:4f:ce:14:1b:ad:66:34:ad:04:46:55:53:fe:
b2:d1:a2:3c:94:1b:eb:c0:25:a7:db:fe:e6:46:9e:da:95:0d:
59:79:05:78:11:45:ad:63:af:d0:55:1b:b9:c3:10:e3:6a:c2:
9c:37:40:9f:ec:64:d5:93:bc:cd:05:bb:dc:4a:bf:39:36:fd:
5f:5d:49:c4:25:a4:32:f4:72:2d:20:ca:41:20:a5:ae:4f:e8:
1d:a4:84:08:93:0a:96:50:77:71:a5:20:58:79:c8:44:26:25:
8e:de:55:e8:a8:bd:ff:79:74:d2:f4:63:53:56:9e:ed:a5:54:
7e:dc:cc:60:c1:3e:73:c4:73:1b:57:9e:84:b8:f9:c1:7b:cf:
c6:00:d9:61:0e:1d:47:17:4d:6b:52:9a:8e:c5:45:62:4a:51:
97:40:e0:31:b2:5a:58:f2:da:9b:12:ef:4f:b2:9a:c6:40:a3:
7a:d1:9d:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8PHK2evkHKtxeZf0T8FQxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjQwNDI0MDc1ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjVkYjU5Y2JiNWI4NTNlOTI3MTg5NjZiOWMyMzIwNjNkODM5NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5ZUKUpYIR2vOJVc0zMikFfxYZOz
q/LqX92QJr7zuS/sQgkUQnJgJpRrvy7e2GRsuWOSO/hzwxU7F3Qn+i6p/esR9McQ
hTc4u3dRYxTd8GlX+kdrZceQ6Y1gmda6ybzgf7KA+8zRLF2hvh92DPQV3m1Q/42v
ALHRoQ9yMPnfQB3WUjrxDBAh3u2eeWEoAC8JzPqay14GJNMLgSu+Bo+6I1AxHkn4
9ALSoBJYz2Ziatux/qEBoNBy4teyRwiAEIPjPGCfjuL4gFJ+Xg9VJ+ZVSIIKoPZk
sMZtAVrWSJmGg8ZB/U7U/nr/52xtsjuoJJhS4MwAb01x+yUwJwtKO7sSjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK9dtZy7W4U+knGJZrnCMgY9g5cQMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvcjEyMW5MdGJoVDZTY1lsbXVjSXlCajJEbHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5TXQD
BAC5TXYwDQYJKoZIhvcNAQELBQADggEBAGuxR/kAsdDRdM4JlO7oVYGp7CrttIQw
N8pzjBAusAudTn5n0bRJaq5Z+UBh2GVEOhuN735I8QKXP2Xmk4Wot7jfH9LSXVGp
Acgpetc7T84UG61mNK0ERlVT/rLRojyUG+vAJafb/uZGntqVDVl5BXgRRa1jr9BV
G7nDEONqwpw3QJ/sZNWTvM0Fu9xKvzk2/V9dScQlpDL0ci0gykEgpa5P6B2khAiT
CpZQd3GlIFh5yEQmJY7eVeiovf95dNL0Y1NWnu2lVH7czGDBPnPEcxtXnoS4+cF7
z8YA2WEOHUcXTWtSmo7FRWJKUZdA4DGyWljy2psS70+ymsZAo3rRncM=
-----END CERTIFICATE-----
Generated at Sun May 12 16:19:50 2024 by rpki-client on console-fra.rpki-client.org