Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/hMxBKpXDTvdljAKNliO82noDc38.roa
File: hMxBKpXDTvdljAKNliO82noDc38.roa (raw, json)
Hash identifier: DcaNjReeYsDogGwge/1Dpnjl4OYw+CO+sXNROvZ5fy4=
Subject key identifier: 84:CC:41:2A:95:C3:4E:F7:65:8C:02:8D:96:23:BC:DA:7A:03:73:7F
Certificate issuer: /CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Certificate serial: 01919E28F26E7A96A811141F58B8E1955A00
Authority key identifier: 4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/hMxBKpXDTvdljAKNliO82noDc38.roa
Signing time: Thu 29 Aug 2024 12:42:48 +0000
ROA not before: Thu 29 Aug 2024 12:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20912
IP address blocks: 77.39.192.0/20 maxlen: 24
77.39.216.0/22 maxlen: 24
85.119.176.0/21 maxlen: 24
185.109.188.0/22 maxlen: 24
212.66.96.0/19 maxlen: 24
2001:40d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:28:f2:6e:7a:96:a8:11:14:1f:58:b8:e1:95:5a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f0e77d9c6ff68dca68f05df8f4675ee7bdcb0bc
Validity
Not Before: Aug 29 12:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84cc412a95c34ef7658c028d9623bcda7a03737f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:be:f1:6d:e9:b8:33:3c:f6:73:78:3b:cd:03:
9c:c3:de:1e:6c:7d:83:8c:63:d3:ea:43:f9:ff:d9:
dd:27:e1:83:47:15:4e:b0:81:1a:ea:0f:90:be:5f:
fa:d1:d8:a2:63:a0:4d:15:07:bf:69:aa:66:82:3a:
4d:29:c6:20:0c:e8:3e:30:f7:ee:06:c5:53:33:ef:
fd:07:65:94:93:e5:74:3f:31:8e:3f:fb:8d:4f:43:
92:19:c9:1e:f3:0c:1a:48:0a:81:a6:38:2c:20:eb:
45:1c:83:08:76:5f:db:d8:15:f9:ec:d0:a2:dd:9d:
3c:3d:0c:19:49:14:a3:83:26:71:35:43:b7:05:e1:
e8:70:e6:4f:cf:13:5e:4d:2a:a2:a7:8a:ec:6c:e2:
b4:7e:84:a5:29:b8:bf:1e:5c:46:12:ef:74:9f:f1:
83:60:05:99:d2:19:10:3e:ff:af:5e:de:9a:cb:20:
f7:89:fc:34:dc:0d:ee:31:f5:32:18:84:5a:da:2b:
c4:ed:2a:aa:bd:da:41:9b:70:60:fb:f1:32:ab:69:
09:40:1f:e4:04:13:ce:00:e5:98:7a:6b:2a:83:d1:
97:11:75:d0:ad:32:1f:a1:41:51:eb:56:c1:91:bf:
db:ff:8b:7a:e4:5d:f6:5a:97:44:30:49:b4:9e:04:
a4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:41:2A:95:C3:4E:F7:65:8C:02:8D:96:23:BC:DA:7A:03:73:7F
X509v3 Authority Key Identifier:
keyid:4F:0E:77:D9:C6:FF:68:DC:A6:8F:05:DF:8F:46:75:EE:7B:DC:B0:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tw532cb_aNymjwXfj0Z17nvcsLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/hMxBKpXDTvdljAKNliO82noDc38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3dc222-1206-4922-8890-455b19f766cc/1/Tw532cb_aNymjwXfj0Z17nvcsLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.192.0/20
77.39.216.0/22
85.119.176.0/21
185.109.188.0/22
212.66.96.0/19
IPv6:
2001:40d0::/32
Signature Algorithm: sha256WithRSAEncryption
84:c0:d8:69:ad:e6:a0:05:15:ec:b6:6b:e2:ff:a1:44:63:ad:
23:29:6e:52:fb:e5:b8:26:e3:7f:2f:77:c9:8b:15:f8:81:88:
a4:45:8a:b1:b9:57:45:e7:ac:41:aa:a5:b7:03:8a:df:e7:15:
82:0c:56:65:8d:db:cf:e5:c6:28:34:e9:2f:25:65:9b:c6:b8:
23:bb:52:07:bd:f4:98:7b:be:2a:ef:66:eb:d4:34:ff:b5:7a:
35:8d:0d:63:f3:d5:3b:64:24:12:32:16:af:c7:16:c0:5b:4b:
01:41:0d:be:ea:c8:f8:07:72:fd:45:e5:92:30:3d:c6:48:8d:
a4:a2:c1:0b:6f:f8:f7:ce:6f:10:8a:ea:36:a9:35:93:fb:7c:
25:77:e7:67:db:62:3f:2d:6f:3c:fd:d3:1b:6d:bd:89:4c:83:
f8:5d:08:8b:80:2b:d2:a5:af:51:f9:9c:71:cf:ac:09:a7:e3:
b0:1f:3a:22:fc:fe:99:a3:06:60:72:1e:58:bc:d3:8f:9b:1d:
98:38:24:a0:0e:18:a4:87:7b:27:54:a2:a0:39:c8:c5:da:83:
7f:dc:a6:db:ee:12:8e:bb:5e:0a:44:12:8b:54:74:d2:05:89:
9b:5a:24:4f:a8:45:1e:87:1f:69:52:30:03:ca:1a:c7:6d:59:
7a:1d:3d:4c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZGeKPJuepaoERQfWLjhlVoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMGU3N2Q5YzZmZjY4ZGNhNjhmMDVkZjhmNDY3NWVlN2Jk
Y2IwYmMwHhcNMjQwODI5MTI0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNjNDEyYTk1YzM0ZWY3NjU4YzAyOGQ5NjIzYmNkYTdhMDM3MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir7xbem4Mzz2c3g7zQOcw94ebH2D
jGPT6kP5/9ndJ+GDRxVOsIEa6g+Qvl/60diiY6BNFQe/aapmgjpNKcYgDOg+MPfu
BsVTM+/9B2WUk+V0PzGOP/uNT0OSGcke8wwaSAqBpjgsIOtFHIMIdl/b2BX57NCi
3Z08PQwZSRSjgyZxNUO3BeHocOZPzxNeTSqip4rsbOK0foSlKbi/HlxGEu90n/GD
YAWZ0hkQPv+vXt6ayyD3ifw03A3uMfUyGIRa2ivE7SqqvdpBm3Bg+/Eyq2kJQB/k
BBPOAOWYemsqg9GXEXXQrTIfoUFR61bBkb/b/4t65F32WpdEMEm0ngSkaQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFITMQSqVw073ZYwCjZYjvNp6A3N/MB8GA1UdIwQY
MBaAFE8Od9nG/2jcpo8F349Gde573LC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAt
NDU1YjE5Zjc2NmNjLzEvaE14QktwWERUdmRsakFLTmxpTzgybm9EYzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZGMyMjItMTIwNi00OTIyLTg4OTAtNDU1YjE5Zjc2NmNj
LzEvVHc1MzJjYl9hTnltandYZmowWjE3bnZjc0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETSfAAwQC
TSfYAwQDVXewAwQCuW28AwQF1EJgMA0EAgACMAcDBQAgAUDQMA0GCSqGSIb3DQEB
CwUAA4IBAQCEwNhpreagBRXstmvi/6FEY60jKW5S++W4JuN/L3fJixX4gYikRYqx
uVdF56xBqqW3A4rf5xWCDFZljdvP5cYoNOkvJWWbxrgju1IHvfSYe74q72br1DT/
tXo1jQ1j89U7ZCQSMhavxxbAW0sBQQ2+6sj4B3L9ReWSMD3GSI2kosELb/j3zm8Q
iuo2qTWT+3wld+dn22I/LW88/dMbbb2JTIP4XQiLgCvSpa9R+Zxxz6wJp+OwHzoi
/P6ZowZgch5YvNOPmx2YOCSgDhikh3snVKKgOcjF2oN/3Kbb7hKOu14KRBKLVHTS
BYmbWiRPqEUehx9pUjADyhrHbVl6HT1M
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:50:57 2024 by rpki-client on console-ams.rpki-client.org