Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa
File: H2t_LGWoc00CKhQcmzUP8qnKjDg.roa (raw, json)
Hash identifier: RdFvQ9nOqZRgaqmpT7plYco9SfkeSrngEoWynELM46c=
Subject key identifier: 1F:6B:7F:2C:65:A8:73:4D:02:2A:14:1C:9B:35:0F:F2:A9:CA:8C:38
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018F76DE37E1ED873E8C453E609D5B77AC77
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa
Signing time: Tue 14 May 2024 11:30:25 +0000
ROA not before: Tue 14 May 2024 11:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 77.78.25.0/24 maxlen: 24
77.78.39.0/24 maxlen: 24
77.78.40.0/24 maxlen: 24
77.78.41.0/24 maxlen: 24
77.78.50.0/24 maxlen: 24
77.78.52.0/24 maxlen: 24
77.78.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 Nov 2024 16:12:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:de:37:e1:ed:87:3e:8c:45:3e:60:9d:5b:77:ac:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: May 14 11:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f6b7f2c65a8734d022a141c9b350ff2a9ca8c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:1b:c8:92:e9:cd:c8:dc:37:1a:11:43:4d:
d6:90:5d:27:5a:c8:4d:db:81:c9:62:25:a0:89:8a:
cb:82:45:da:cb:f0:7a:23:19:21:85:41:83:05:7a:
b8:d7:55:b3:ac:08:5c:49:cd:12:f4:77:4d:79:82:
15:64:a6:70:d5:98:7a:82:59:f2:89:97:19:57:2e:
79:4b:18:5a:9f:90:fb:bd:de:c8:6d:e5:7a:6f:68:
eb:37:a8:96:bf:47:ae:85:2c:20:e9:e8:1b:07:ed:
20:cc:16:6e:ba:91:24:78:e0:ff:95:ee:32:ff:cd:
88:32:33:bd:75:fb:fb:c1:98:bd:1a:32:c8:30:6c:
e0:83:e3:30:3f:77:7f:d1:3d:2d:53:ac:9f:2d:64:
26:60:0e:76:a0:9e:96:0a:47:ae:16:64:1e:49:59:
fc:aa:4b:f5:35:54:b9:4d:b0:e3:ea:ec:2b:9a:53:
50:97:44:12:f2:78:1e:74:68:18:b1:be:15:c5:27:
f1:7e:48:ed:cc:72:af:92:a1:42:d0:e7:0a:79:6b:
51:23:79:dd:61:e0:a2:dd:f9:9d:ec:79:e6:50:89:
1d:4e:17:57:60:3f:d0:1c:ec:d9:f5:3d:57:d4:c7:
86:58:e5:85:62:f3:ae:74:d9:7d:93:46:44:6c:2d:
45:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6B:7F:2C:65:A8:73:4D:02:2A:14:1C:9B:35:0F:F2:A9:CA:8C:38
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/H2t_LGWoc00CKhQcmzUP8qnKjDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.25.0/24
77.78.39.0-77.78.41.255
77.78.50.0/24
77.78.52.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:38:46:9e:5b:00:87:6f:28:b2:67:1b:df:88:81:8f:46:a1:
80:3b:e9:ed:32:c2:61:88:3a:65:5d:ee:1c:fd:4a:d4:39:91:
35:6b:ad:04:ab:ad:1f:3a:2f:b5:40:49:df:be:28:88:8f:77:
ae:47:cc:1c:10:34:53:48:70:0d:48:f3:41:39:65:9b:b0:17:
33:e3:60:b4:1b:42:f2:dd:2c:6b:84:25:1e:17:19:68:ac:45:
81:7b:0c:43:a4:4a:14:8f:04:f6:24:6c:32:b3:87:8e:10:56:
4e:87:28:51:23:a6:45:f1:79:fb:35:31:e8:07:02:bd:09:f8:
a5:0d:6f:86:61:78:bd:b8:55:01:8c:c8:03:d2:78:a3:77:a9:
20:71:3a:43:56:8f:2d:06:0b:9c:31:9f:b0:9a:c7:7f:7e:95:
6b:f5:1c:e8:01:fc:f3:c1:16:65:cf:37:1a:ff:0d:7a:ac:28:
76:3b:59:3a:4d:8c:8f:9e:f9:07:a1:7d:0b:86:49:43:38:a2:
ca:fc:e2:8a:d8:07:58:d7:57:7f:07:25:dc:7c:d2:7f:27:50:
72:8f:ae:17:6d:f6:44:b7:58:1c:9d:87:f7:40:43:d0:ac:d2:
68:f1:de:f6:14:f9:eb:71:2d:f0:fb:71:17:48:83:f1:81:3d:
a0:a2:51:15
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY923jfh7Yc+jEU+YJ1bd6x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwNTE0MTEzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZiN2YyYzY1YTg3MzRkMDIyYTE0MWM5YjM1MGZmMmE5Y2E4YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagbyJLpzcjcNxoRQ03WkF0nWshN
24HJYiWgiYrLgkXay/B6IxkhhUGDBXq411WzrAhcSc0S9HdNeYIVZKZw1Zh6glny
iZcZVy55Sxhan5D7vd7IbeV6b2jrN6iWv0euhSwg6egbB+0gzBZuupEkeOD/le4y
/82IMjO9dfv7wZi9GjLIMGzgg+MwP3d/0T0tU6yfLWQmYA52oJ6WCkeuFmQeSVn8
qkv1NVS5TbDj6uwrmlNQl0QS8ngedGgYsb4VxSfxfkjtzHKvkqFC0OcKeWtRI3nd
YeCi3fmd7HnmUIkdThdXYD/QHOzZ9T1X1MeGWOWFYvOudNl9k0ZEbC1FRwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB9rfyxlqHNNAioUHJs1D/Kpyow4MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvSDJ0X0xHV29jMDBDS2hRY216VVA4cW5LakRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATU4ZMAwD
BABNTicDBAFNTigDBABNTjIDBAFNTjQwDQYJKoZIhvcNAQELBQADggEBAG04Rp5b
AIdvKLJnG9+IgY9GoYA76e0ywmGIOmVd7hz9StQ5kTVrrQSrrR86L7VASd++KIiP
d65HzBwQNFNIcA1I80E5ZZuwFzPjYLQbQvLdLGuEJR4XGWisRYF7DEOkShSPBPYk
bDKzh44QVk6HKFEjpkXxefs1MegHAr0J+KUNb4ZheL24VQGMyAPSeKN3qSBxOkNW
jy0GC5wxn7Cax39+lWv1HOgB/PPBFmXPNxr/DXqsKHY7WTpNjI+e+QehfQuGSUM4
osr84orYB1jXV38HJdx80n8nUHKPrhdt9kS3WBydh/dAQ9Cs0mjx3vYU+etxLfD7
cRdIg/GBPaCiURU=
-----END CERTIFICATE-----
Generated at Thu Oct 31 22:56:58 2024 by rpki-client on console-fra.rpki-client.org