Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/1-kWrxUZPFbfqwczSKvVMN5dUx8Q.roa
File: 1-kWrxUZPFbfqwczSKvVMN5dUx8Q.roa (raw, json)
Hash identifier: Ta9kQLg2yksDx3kKhVQ99qSH7NrDc+35Evqr+45mrm8=
Subject key identifier: FA:45:AB:C5:46:4F:15:B7:EA:C1:CC:D2:2A:F5:4C:37:97:54:C7:C4
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 018FDFF8ADEEA60E94627D5C7C544ABA345A
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/1-kWrxUZPFbfqwczSKvVMN5dUx8Q.roa
Signing time: Mon 03 Jun 2024 21:19:27 +0000
ROA not before: Mon 03 Jun 2024 21:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42031
IP address blocks: 77.105.128.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.131.0/24 maxlen: 24
77.105.133.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.144.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Jun 2024 06:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:df:f8:ad:ee:a6:0e:94:62:7d:5c:7c:54:4a:ba:34:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jun 3 21:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa45abc5464f15b7eac1ccd22af54c379754c7c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:77:32:a0:12:dd:e1:92:1f:ac:8b:08:b9:4d:
19:bd:22:ab:fb:9d:86:d9:43:a8:96:aa:46:c6:08:
aa:90:cf:ca:16:81:a2:89:72:ce:70:26:98:9b:e1:
94:e2:14:3c:b0:c1:c4:7e:e3:95:97:f9:39:f6:03:
34:b6:1c:b4:dc:11:b5:60:49:2f:ea:f9:41:f1:71:
b7:05:54:3b:d1:89:d9:99:b1:1a:88:c2:dc:85:e2:
c5:c6:d8:9f:99:04:5f:cf:dd:b5:be:e7:02:74:e4:
b8:38:15:2a:69:cb:60:8a:94:74:a3:31:bd:d7:ac:
6a:01:ac:38:22:0c:41:3b:1a:e8:2a:f7:42:e3:61:
2a:f5:60:d2:4b:9e:0d:a2:26:09:87:ba:75:63:bc:
4e:e8:a6:16:b0:16:61:fd:6e:4d:7b:35:0b:bc:d7:
4f:50:b7:72:a0:7d:14:f9:23:e6:1b:48:4d:35:11:
d4:6a:fe:59:bd:fe:3b:ef:b4:81:77:3c:84:97:38:
36:a3:30:4f:a4:05:01:f0:1e:bc:51:3c:ab:3f:f3:
aa:d4:eb:ef:fd:5f:d5:42:37:17:94:f1:99:a5:8d:
b3:a2:e4:c4:23:aa:36:dc:3e:7f:15:cb:23:81:69:
75:3b:25:3d:42:2e:6d:cb:68:d1:46:e7:e5:84:6a:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:45:AB:C5:46:4F:15:B7:EA:C1:CC:D2:2A:F5:4C:37:97:54:C7:C4
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/1-kWrxUZPFbfqwczSKvVMN5dUx8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0/22
77.105.133.0-77.105.134.255
77.105.144.0/24
185.225.202.0/23
Signature Algorithm: sha256WithRSAEncryption
71:62:21:16:d3:24:43:05:64:44:d6:62:49:18:6d:ec:94:4d:
1a:78:a9:8d:9c:6b:66:ea:7b:11:51:45:2d:d2:c2:cf:12:67:
54:ad:22:04:27:e7:63:ca:8c:26:22:12:b7:8c:34:78:56:ea:
f3:30:bc:c7:77:ee:61:1a:89:95:e2:1d:e8:59:c4:ff:2a:f3:
75:60:4a:98:4b:c3:61:fc:ae:9d:ea:ea:39:7a:3f:a2:96:8a:
a1:77:7e:96:e3:8f:58:67:9c:79:81:68:7b:9a:dd:f3:f3:29:
2c:d2:49:df:45:cb:9c:e9:da:5b:ac:93:9a:e2:ef:a8:1c:03:
2a:ff:47:82:18:1d:02:50:0c:1a:46:86:a1:86:b5:e3:da:75:
13:1b:5f:ae:7a:26:dd:d2:e2:1f:2f:b2:35:99:a2:98:3a:fb:
6e:1a:f1:a6:c4:6b:9c:a7:ba:1d:44:16:aa:cc:c0:43:2c:36:
16:d1:ae:49:a9:b6:48:d6:46:20:d3:7c:40:6b:e2:3b:86:76:
ac:2e:f9:a0:56:98:41:8c:5c:35:18:43:ed:62:9a:d5:17:fa:
2d:a3:28:c2:bf:63:e1:2f:39:27:07:36:5b:67:31:09:f8:fe:
10:3c:88:59:9d:e1:42:50:52:76:06:ed:33:9c:45:03:b5:e7:
de:59:cc:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY/f+K3upg6UYn1cfFRKujRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjQwNjAzMjExOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ1YWJjNTQ2NGYxNWI3ZWFjMWNjZDIyYWY1NGMzNzk3NTRjN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33cyoBLd4ZIfrIsIuU0ZvSKr+52G
2UOolqpGxgiqkM/KFoGiiXLOcCaYm+GU4hQ8sMHEfuOVl/k59gM0thy03BG1YEkv
6vlB8XG3BVQ70YnZmbEaiMLcheLFxtifmQRfz921vucCdOS4OBUqactgipR0ozG9
16xqAaw4IgxBOxroKvdC42Eq9WDSS54NoiYJh7p1Y7xO6KYWsBZh/W5NezULvNdP
ULdyoH0U+SPmG0hNNRHUav5Zvf4777SBdzyElzg2ozBPpAUB8B68UTyrP/Oq1Ovv
/V/VQjcXlPGZpY2zouTEI6o23D5/FcsjgWl1OyU9Qi5ty2jRRuflhGryfQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPpFq8VGTxW36sHM0ir1TDeXVMfEMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvMS1rV3J4VVpQRmJmcXdjelNLdlZNTjVkVXg4US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjMvOTg3OTc5LTk2OTMtNDVlMy04NWJhLWVkNTM1OGI2ZGEz
MS8xL2RCWC14SzUyc2s1UEFwa1dTWkY3bWJkQUJFby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAk1pgDAM
AwQATWmFAwQATWmGAwQATWmQAwQBueHKMA0GCSqGSIb3DQEBCwUAA4IBAQBxYiEW
0yRDBWRE1mJJGG3slE0aeKmNnGtm6nsRUUUt0sLPEmdUrSIEJ+djyowmIhK3jDR4
VurzMLzHd+5hGomV4h3oWcT/KvN1YEqYS8Nh/K6d6uo5ej+iloqhd36W449YZ5x5
gWh7mt3z8yks0knfRcuc6dpbrJOa4u+oHAMq/0eCGB0CUAwaRoahhrXj2nUTG1+u
eibd0uIfL7I1maKYOvtuGvGmxGucp7odRBaqzMBDLDYW0a5JqbZI1kYg03xAa+I7
hnasLvmgVphBjFw1GEPtYprVF/otoyjCv2PhLzknBzZbZzEJ+P4QPIhZneFCUFJ2
Bu0znEUDtefeWcwW
-----END CERTIFICATE-----
Generated at Thu Jun 13 12:30:12 2024 by rpki-client on console-ams.rpki-client.org