Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/SpkX7uCa6vlWdj6zr-wQ78Oes4s.roa
File: SpkX7uCa6vlWdj6zr-wQ78Oes4s.roa (raw, json)
Hash identifier: TKNnCX9wJ6m28aRWDlbyarL6UZDCG4AYvfYCldjh3pw=
Subject key identifier: 4A:99:17:EE:E0:9A:EA:F9:56:76:3E:B3:AF:EC:10:EF:C3:9E:B3:8B
Certificate issuer: /CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Certificate serial: 018CC8011B24CBB8F7DE07044290BFE5291C
Authority key identifier: C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/SpkX7uCa6vlWdj6zr-wQ78Oes4s.roa
Signing time: Tue 02 Jan 2024 02:29:24 +0000
ROA not before: Tue 02 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 77.78.25.0/24 maxlen: 24
77.78.41.0/24 maxlen: 24
77.78.40.0/24 maxlen: 24
77.78.39.0/24 maxlen: 24
77.78.50.0/24 maxlen: 24
77.78.53.0/24 maxlen: 24
77.78.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1b:24:cb:b8:f7:de:07:04:42:90:bf:e5:29:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Validity
Not Before: Jan 2 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a9917eee09aeaf956763eb3afec10efc39eb38b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:8d:38:1f:08:c8:d6:b5:0b:d9:4d:84:6f:
02:3b:dc:d6:bb:c8:76:81:c5:b3:4e:e1:a7:65:f8:
c1:49:52:5f:1c:a0:44:e3:3d:e1:d9:4d:2e:45:4c:
0f:9c:58:8a:85:32:f8:29:8a:2c:ad:8c:f8:dc:e2:
2b:7a:b6:b8:b3:9b:47:ab:1e:60:e5:7c:1b:f5:7b:
f0:74:ca:c9:86:cc:cd:0b:13:23:6a:ae:05:c9:ca:
da:ae:c8:27:8a:24:67:6d:dc:06:1d:fc:80:5a:90:
49:b2:0c:b9:07:32:d6:cd:c9:0d:8a:38:7d:0e:7a:
d6:6a:af:70:22:47:99:95:77:8b:52:11:c3:fb:ac:
12:75:4c:e4:4d:c5:c9:a4:50:18:70:8b:bc:66:7e:
98:fb:1f:d6:cd:42:b1:1e:b7:c1:e7:80:ca:55:78:
29:61:44:cb:13:f1:0a:b8:b5:f5:17:81:21:89:42:
52:25:0a:3b:ae:13:7c:87:58:05:39:19:71:05:5e:
70:8f:b9:7e:f9:68:9a:36:12:32:65:89:35:b1:38:
bf:43:4d:9b:40:2c:0c:41:c3:1d:6d:ef:02:e7:c5:
e0:fb:54:13:fc:fa:e5:94:35:06:0c:cc:c6:75:41:
ce:bf:f7:c9:54:db:76:df:fd:3a:a1:3b:54:25:0f:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:99:17:EE:E0:9A:EA:F9:56:76:3E:B3:AF:EC:10:EF:C3:9E:B3:8B
X509v3 Authority Key Identifier:
keyid:C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/SpkX7uCa6vlWdj6zr-wQ78Oes4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.25.0/24
77.78.39.0-77.78.41.255
77.78.50.0/24
77.78.52.0/23
Signature Algorithm: sha256WithRSAEncryption
15:2a:99:37:d4:dd:f7:c0:20:84:66:98:e6:f5:02:ef:c7:1a:
dc:53:1b:c4:b6:0a:72:72:82:c6:98:4c:76:cb:50:6c:4a:72:
84:07:a8:60:30:ba:b1:9b:40:13:55:2b:70:7b:23:58:cb:4f:
03:0e:57:61:92:0b:6d:4e:d4:84:d9:00:b2:f6:c0:4a:cb:3e:
d0:5e:db:93:ca:07:0f:69:65:cc:bf:53:3f:37:8b:bc:15:a7:
2b:ae:c2:2f:a7:de:c9:48:39:50:9a:11:2f:b3:bc:3e:95:68:
c8:ad:bf:0a:5f:29:69:09:9c:ac:bb:13:7d:40:77:71:c6:a9:
09:1c:55:59:a8:f7:37:88:2c:ae:dc:b6:a7:d8:98:a7:d5:4f:
8e:48:94:9f:2c:02:84:6f:62:97:8b:e1:4e:34:4a:85:8e:4c:
5e:13:d2:49:5a:87:eb:15:82:3d:20:61:02:83:a6:a1:d9:26:
9e:55:be:61:f2:38:40:b2:1b:6f:c9:88:56:fd:c5:a1:ba:bd:
68:43:9c:37:57:05:1e:2d:c9:60:4a:ad:ce:43:6f:df:12:07:
2f:ab:a1:a4:a9:f9:03:19:f4:a3:f3:47:8d:5d:74:cb:cc:24:
bb:75:fa:0b:33:00:fd:51:b2:e5:07:77:36:06:a4:19:05:3d:
91:38:0f:50
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIARsky7j33gcEQpC/5SkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGViN2VhMzUyMzhkMDI5OTdjNDJlYjU3NGEzOGEzMGU1
ZDAwZTcwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk5MTdlZWUwOWFlYWY5NTY3NjNlYjNhZmVjMTBlZmMzOWViMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSSNOB8IyNa1C9lNhG8CO9zWu8h2
gcWzTuGnZfjBSVJfHKBE4z3h2U0uRUwPnFiKhTL4KYosrYz43OIrera4s5tHqx5g
5Xwb9XvwdMrJhszNCxMjaq4FycrarsgniiRnbdwGHfyAWpBJsgy5BzLWzckNijh9
DnrWaq9wIkeZlXeLUhHD+6wSdUzkTcXJpFAYcIu8Zn6Y+x/WzUKxHrfB54DKVXgp
YUTLE/EKuLX1F4EhiUJSJQo7rhN8h1gFORlxBV5wj7l++WiaNhIyZYk1sTi/Q02b
QCwMQcMdbe8C58Xg+1QT/PrllDUGDMzGdUHOv/fJVNt23/06oTtUJQ9EYwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEqZF+7gmur5VnY+s6/sEO/DnrOLMB8GA1UdIwQY
MBaAFMdOt+o1I40CmXxC61dKOKMOXQDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEt
MTU3ZTNjMTY5OTE4LzEvU3BrWDd1Q2E2dmxXZGo2enItd1E3OE9lczRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEtMTU3ZTNjMTY5OTE4
LzEveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATU4ZMAwD
BABNTicDBAFNTigDBABNTjIDBAFNTjQwDQYJKoZIhvcNAQELBQADggEBABUqmTfU
3ffAIIRmmOb1Au/HGtxTG8S2CnJygsaYTHbLUGxKcoQHqGAwurGbQBNVK3B7I1jL
TwMOV2GSC21O1ITZALL2wErLPtBe25PKBw9pZcy/Uz83i7wVpyuuwi+n3slIOVCa
ES+zvD6VaMitvwpfKWkJnKy7E31Ad3HGqQkcVVmo9zeILK7ctqfYmKfVT45IlJ8s
AoRvYpeL4U40SoWOTF4T0klah+sVgj0gYQKDpqHZJp5VvmHyOECyG2/JiFb9xaG6
vWhDnDdXBR4tyWBKrc5Db98SBy+roaSp+QMZ9KPzR41ddMvMJLt1+gszAP1RsuUH
dzYGpBkFPZE4D1A=
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:12:44 2024 by rpki-client on console-ams.rpki-client.org