Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/hOpqybgGweckoqTnppJ1ZC36PYo.roa
File: hOpqybgGweckoqTnppJ1ZC36PYo.roa (raw, json)
Hash identifier: tkwGKyXKm49ThjrjzdrwYXnu1w6XoZOJbo68RfUeCNU=
Subject key identifier: 84:EA:6A:C9:B8:06:C1:E7:24:A2:A4:E7:A6:92:75:64:2D:FA:3D:8A
Certificate issuer: /CN=1c8e17411e0100c914b040d514c28e1d7d36991e
Certificate serial: 018CC94E16E0D604A1377607A515B03555C3
Authority key identifier: 1C:8E:17:41:1E:01:00:C9:14:B0:40:D5:14:C2:8E:1D:7D:36:99:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/hOpqybgGweckoqTnppJ1ZC36PYo.roa
Signing time: Tue 02 Jan 2024 08:33:07 +0000
ROA not before: Tue 02 Jan 2024 08:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41931
IP address blocks: 77.46.32.0/19 maxlen: 19
77.46.64.0/20 maxlen: 20
77.46.80.0/20 maxlen: 20
77.46.96.0/20 maxlen: 20
195.177.196.0/23 maxlen: 23
77.46.4.0/22 maxlen: 22
77.46.8.0/21 maxlen: 21
77.46.112.0/20 maxlen: 20
77.46.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:16:e0:d6:04:a1:37:76:07:a5:15:b0:35:55:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c8e17411e0100c914b040d514c28e1d7d36991e
Validity
Not Before: Jan 2 08:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84ea6ac9b806c1e724a2a4e7a69275642dfa3d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:16:09:d5:b0:90:cf:e3:2c:cf:09:ef:b5:
93:18:43:9d:c0:d2:57:fa:da:a5:78:da:c1:30:fd:
db:e9:dc:11:02:53:fe:4d:10:4e:05:2a:28:ec:2a:
6b:93:83:13:e4:d0:ab:db:31:f5:23:d7:90:e2:c4:
49:15:50:13:7f:f1:3f:29:eb:4e:1f:1c:35:b7:68:
b9:e4:46:67:04:dd:8f:a5:f8:a6:44:c5:69:82:5d:
c2:47:ab:9d:5d:06:c6:e5:aa:b5:62:fe:58:02:07:
58:7c:fc:49:e6:60:e5:4b:7e:3b:f2:f9:50:b7:89:
97:1c:3b:34:37:0f:66:39:3d:86:6d:71:e5:c3:7e:
2a:84:82:7f:36:3d:f6:78:a6:2c:bd:7b:fb:98:3c:
2a:06:ae:32:7d:31:a5:82:af:80:68:3f:7b:48:b7:
8d:00:55:a5:2e:99:e6:ce:aa:68:80:97:89:31:47:
1a:d8:c1:de:ca:d8:5a:09:bf:3f:fc:ce:7a:e9:ae:
f3:d6:f2:5b:e4:14:13:80:ac:a2:36:bd:ee:35:b7:
60:d6:35:db:05:7b:cb:77:e2:b5:42:aa:bd:55:cc:
53:6b:c6:8b:fc:1f:d1:50:bd:bc:74:b7:fc:c1:3c:
9d:5e:43:73:1a:24:10:04:2f:0a:37:8b:c7:5c:2b:
b4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EA:6A:C9:B8:06:C1:E7:24:A2:A4:E7:A6:92:75:64:2D:FA:3D:8A
X509v3 Authority Key Identifier:
keyid:1C:8E:17:41:1E:01:00:C9:14:B0:40:D5:14:C2:8E:1D:7D:36:99:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/hOpqybgGweckoqTnppJ1ZC36PYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.4.0-77.46.127.255
195.177.196.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:1d:9d:15:04:81:8b:48:54:f6:c2:57:be:7e:e9:eb:3d:24:
cd:df:57:3e:c4:e5:75:06:4f:42:8c:7e:eb:33:9d:06:98:2c:
a0:69:f0:62:f0:2f:3a:a3:98:db:27:11:cc:67:16:9b:a3:7d:
dc:6e:5f:6e:89:22:12:e4:51:d1:26:80:87:f8:13:5b:3d:3d:
51:03:0b:06:58:9d:bd:1c:64:2c:28:2a:f7:79:e4:47:ab:cd:
5e:3f:fa:7f:ee:a5:bb:e4:40:9d:97:0c:54:e6:63:27:23:87:
1b:61:aa:db:85:fb:d3:c9:dd:3c:5f:26:6d:39:31:d3:cd:15:
52:72:e9:ca:58:5e:d5:f4:8f:b9:93:54:0f:d6:f6:23:c1:8e:
f4:6b:29:74:f6:cf:68:23:a1:b5:a8:fd:a8:02:23:6c:d3:dc:
52:22:01:69:d4:8e:c0:91:b0:83:82:58:ff:b1:cc:14:d1:7e:
32:4f:22:f9:7d:ad:34:91:9b:c2:b8:3f:7e:b7:c4:4f:42:d7:
29:dc:2f:73:b7:37:69:d7:91:df:d5:20:96:2f:92:b2:e4:a3:
32:de:02:e2:0b:34:af:52:a9:3b:29:44:9c:c3:60:0f:e6:55:
c1:df:ae:80:18:e7:37:c7:ef:0c:4f:19:31:32:05:62:67:78:
36:cd:f3:bf
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJThbg1gShN3YHpRWwNVXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOGUxNzQxMWUwMTAwYzkxNGIwNDBkNTE0YzI4ZTFkN2Qz
Njk5MWUwHhcNMjQwMTAyMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGVhNmFjOWI4MDZjMWU3MjRhMmE0ZTdhNjkyNzU2NDJkZmEzZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh8WCdWwkM/jLM8J77WTGEOdwNJX
+tqleNrBMP3b6dwRAlP+TRBOBSoo7Cprk4MT5NCr2zH1I9eQ4sRJFVATf/E/KetO
Hxw1t2i55EZnBN2PpfimRMVpgl3CR6udXQbG5aq1Yv5YAgdYfPxJ5mDlS3478vlQ
t4mXHDs0Nw9mOT2GbXHlw34qhIJ/Nj32eKYsvXv7mDwqBq4yfTGlgq+AaD97SLeN
AFWlLpnmzqpogJeJMUca2MHeythaCb8//M566a7z1vJb5BQTgKyiNr3uNbdg1jXb
BXvLd+K1Qqq9VcxTa8aL/B/RUL28dLf8wTydXkNzGiQQBC8KN4vHXCu0RQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFITqasm4BsHnJKKk56aSdWQt+j2KMB8GA1UdIwQY
MBaAFByOF0EeAQDJFLBA1RTCjh19NpkeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEk0WFFSNEJBTWtVc0VEVkZNS09IWDAybVI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hNmM3ZWItYjcyZi00ODMzLWE1Mjgt
NmI0OWEzODkzYzc5LzEvaE9wcXliZ0d3ZWNrb3FUbnBwSjFaQzM2UFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hNmM3ZWItYjcyZi00ODMzLWE1MjgtNmI0OWEzODkzYzc5
LzEvSEk0WFFSNEJBTWtVc0VEVkZNS09IWDAybVI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJNLgQD
BAdNLgADBAHDscQwDQYJKoZIhvcNAQELBQADggEBALEdnRUEgYtIVPbCV75+6es9
JM3fVz7E5XUGT0KMfusznQaYLKBp8GLwLzqjmNsnEcxnFpujfdxuX26JIhLkUdEm
gIf4E1s9PVEDCwZYnb0cZCwoKvd55EerzV4/+n/upbvkQJ2XDFTmYycjhxthqtuF
+9PJ3TxfJm05MdPNFVJy6cpYXtX0j7mTVA/W9iPBjvRrKXT2z2gjobWo/agCI2zT
3FIiAWnUjsCRsIOCWP+xzBTRfjJPIvl9rTSRm8K4P363xE9C1yncL3O3N2nXkd/V
IJYvkrLkozLeAuILNK9SqTspRJzDYA/mVcHfroAY5zfH7wxPGTEyBWJneDbN878=
-----END CERTIFICATE-----
Generated at Sat Sep 28 09:31:35 2024 by rpki-client on console-fra.rpki-client.org