Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oJP9aRVXoFLy2i2dSXudjMQgeyE.roa
File: oJP9aRVXoFLy2i2dSXudjMQgeyE.roa (raw, json)
Hash identifier: NIYmJYFdna9ZhYk4I3xXPQsMYGuyZ8U/wz3qjlpzxoU=
Subject key identifier: A0:93:FD:69:15:57:A0:52:F2:DA:2D:9D:49:7B:9D:8C:C4:20:7B:21
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018CC94AACEE127547E1435B25E041C0BC0C
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oJP9aRVXoFLy2i2dSXudjMQgeyE.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
121.127.48.0/21 maxlen: 24
168.75.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 02:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ac:ee:12:75:47:e1:43:5b:25:e0:41:c0:bc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a093fd691557a052f2da2d9d497b9d8cc4207b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a2:de:1c:81:01:a5:60:6d:ec:71:8c:9b:d8:
21:11:d8:d1:61:8d:b7:be:3c:44:da:96:cf:b2:71:
4f:54:8b:64:25:cc:99:24:77:4e:44:c2:7f:21:9b:
ca:9a:ee:97:11:7e:c4:49:19:99:5a:46:af:13:7c:
45:f0:86:6c:30:6c:fb:ce:64:d9:05:62:c5:7e:59:
b2:22:18:65:00:44:95:81:16:d9:aa:14:78:d5:12:
48:75:47:4e:48:24:53:62:10:54:9c:70:4d:e3:85:
ad:90:dc:b0:cc:16:02:d0:29:cb:42:e3:b5:5f:8e:
14:bc:e6:8b:68:ad:a6:5b:e6:17:ce:7a:f6:b5:42:
51:0b:8d:13:f5:82:ab:a0:3b:33:33:43:a1:94:38:
0e:d9:73:e8:63:24:82:1c:a0:26:73:d7:1f:ad:00:
9c:15:e1:58:86:37:8a:18:87:c5:87:a4:bc:a0:55:
92:6b:31:5c:21:86:30:dc:28:b1:5b:21:f4:09:44:
95:43:b9:fa:9d:35:93:85:0d:c2:42:1e:ba:5e:62:
5d:8e:3c:e1:b7:93:1a:b4:ff:38:2b:95:35:1e:ab:
02:31:9b:3e:f6:f9:42:60:67:b9:ff:0f:47:5a:56:
89:fa:0f:24:01:42:86:5e:cd:f7:e8:8d:fb:e9:85:
9a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:93:FD:69:15:57:A0:52:F2:DA:2D:9D:49:7B:9D:8C:C4:20:7B:21
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/oJP9aRVXoFLy2i2dSXudjMQgeyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.200.0/23
79.139.64.0/23
121.127.48.0/21
168.75.224.0/20
176.222.48.0/22
Signature Algorithm: sha256WithRSAEncryption
62:f2:da:3c:0f:c6:6c:40:32:ec:56:b0:b6:40:f9:71:32:83:
bb:0c:71:f2:f8:97:98:fd:6a:fa:96:bc:f7:40:0a:e7:eb:23:
59:ac:04:52:e5:b9:2a:61:0d:66:60:0f:36:d7:ea:59:dc:7c:
88:b2:8c:2d:8f:16:c5:8b:d1:0d:b5:37:41:68:cc:9f:2a:22:
8f:57:af:cf:57:fb:c3:4a:3b:63:7e:64:9d:61:25:8f:cc:e8:
c7:75:4e:b9:de:91:eb:8f:46:5f:d9:7a:1e:31:f3:1f:45:d0:
f6:ff:70:42:b7:36:6f:3d:98:dc:e4:4f:c6:74:93:b3:11:30:
20:1e:2b:e7:d9:01:29:4f:b4:e6:98:d2:16:b1:a8:4f:12:ec:
52:e0:d7:a4:f2:4b:ec:ac:be:5f:12:78:a8:61:3d:c9:5b:a7:
2e:18:95:2d:2f:fa:3f:0c:03:87:8a:fb:08:a7:83:6e:7c:74:
31:6d:ec:68:e4:2a:5a:6a:0f:c8:40:cb:36:5d:f3:2d:13:f2:
02:9d:d8:b3:69:e8:33:55:1e:5f:5e:8d:ee:d1:ae:6b:9d:44:
37:68:54:eb:2a:82:04:fc:87:ea:01:76:0d:a6:30:d1:3f:b6:
0d:58:77:5a:92:df:83:eb:c3:fa:27:55:03:69:f2:7a:f7:25:
a6:b7:03:d4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJSqzuEnVH4UNbJeBBwLwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzZmQ2OTE1NTdhMDUyZjJkYTJkOWQ0OTdiOWQ4Y2M0MjA3YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqLeHIEBpWBt7HGMm9ghEdjRYY23
vjxE2pbPsnFPVItkJcyZJHdORMJ/IZvKmu6XEX7ESRmZWkavE3xF8IZsMGz7zmTZ
BWLFflmyIhhlAESVgRbZqhR41RJIdUdOSCRTYhBUnHBN44WtkNywzBYC0CnLQuO1
X44UvOaLaK2mW+YXznr2tUJRC40T9YKroDszM0OhlDgO2XPoYySCHKAmc9cfrQCc
FeFYhjeKGIfFh6S8oFWSazFcIYYw3CixWyH0CUSVQ7n6nTWThQ3CQh66XmJdjjzh
t5MatP84K5U1HqsCMZs+9vlCYGe5/w9HWlaJ+g8kAUKGXs336I376YWaGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKCT/WkVV6BS8totnUl7nYzEIHshMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvb0pQOWFSVlhvRkx5MmkyZFNYdWRqTVFnZXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTd/IAwQB
T4tAAwQDeX8wAwQEqEvgAwQCsN4wMA0GCSqGSIb3DQEBCwUAA4IBAQBi8to8D8Zs
QDLsVrC2QPlxMoO7DHHy+JeY/Wr6lrz3QArn6yNZrARS5bkqYQ1mYA821+pZ3HyI
sowtjxbFi9ENtTdBaMyfKiKPV6/PV/vDSjtjfmSdYSWPzOjHdU653pHrj0Zf2Xoe
MfMfRdD2/3BCtzZvPZjc5E/GdJOzETAgHivn2QEpT7TmmNIWsahPEuxS4Nek8kvs
rL5fEnioYT3JW6cuGJUtL/o/DAOHivsIp4NufHQxbexo5Cpaag/IQMs2XfMtE/IC
ndizaegzVR5fXo3u0a5rnUQ3aFTrKoIE/IfqAXYNpjDRP7YNWHdakt+D68P6J1UD
afJ69yWmtwPU
-----END CERTIFICATE-----
Generated at Sun May 19 06:40:27 2024 by rpki-client on console-fra.rpki-client.org