Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/shkDt-snog2DFv5Xf2-35fl3zR0.roa
File: shkDt-snog2DFv5Xf2-35fl3zR0.roa (raw, json)
Hash identifier: JafcexLoCzTr35kZEjOoFLAIN07goPPlMHtGbXP2dow=
Subject key identifier: B2:19:03:B7:EB:27:A2:0D:83:16:FE:57:7F:6F:B7:E5:F9:77:CD:1D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01907BB7C24B6F4B96B5DC7EFE7D60D50005
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/shkDt-snog2DFv5Xf2-35fl3zR0.roa
Signing time: Thu 04 Jul 2024 03:09:18 +0000
ROA not before: Thu 04 Jul 2024 03:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6079
IP address blocks: 77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
121.127.48.0/21 maxlen: 24
168.75.224.0/20 maxlen: 24
176.222.48.0/22 maxlen: 24
194.149.76.0/22 maxlen: 24
198.14.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:b7:c2:4b:6f:4b:96:b5:dc:7e:fe:7d:60:d5:00:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 4 03:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b21903b7eb27a20d8316fe577f6fb7e5f977cd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:9b:46:5c:b9:37:45:f4:0f:a2:5d:f0:6b:
d8:07:5d:69:ab:eb:68:d5:1b:85:35:b8:47:be:f2:
fb:40:92:5c:8f:aa:ab:c6:32:59:58:13:39:c7:da:
0c:f9:bc:9b:c3:35:db:cf:9b:f1:c2:cd:99:93:7b:
05:65:f7:65:d8:31:97:14:6f:20:aa:32:f7:43:a2:
a4:49:17:e1:3d:f1:35:1f:9d:d6:bd:34:1a:3f:ab:
f1:b5:d7:e3:50:c8:36:a9:ee:ac:fa:b7:7a:2f:af:
57:9a:1c:d2:dc:9a:95:da:50:81:4c:58:c1:06:24:
ad:9f:a6:5d:2e:75:49:2e:4f:4d:ef:d2:4b:15:b2:
a0:4e:5d:f7:40:db:bb:6c:2e:6e:3c:88:46:cb:f2:
af:a9:96:36:92:01:f2:c5:36:f4:2e:3d:79:87:aa:
bd:02:58:06:ab:9f:98:63:d0:e1:73:ec:3b:53:18:
d9:f2:b3:7c:96:14:f0:fd:b6:bf:7a:9c:76:db:9d:
64:0f:2a:68:7c:86:ff:57:b1:ef:30:5b:18:82:0c:
a1:e2:39:76:16:52:dd:6c:39:fe:b0:1f:ee:9b:8f:
46:63:35:c1:79:cb:e7:28:b7:c1:46:88:9c:37:15:
18:07:45:70:12:34:ff:06:31:6b:54:0a:cc:ba:11:
49:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:19:03:B7:EB:27:A2:0D:83:16:FE:57:7F:6F:B7:E5:F9:77:CD:1D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/shkDt-snog2DFv5Xf2-35fl3zR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.200.0/23
79.139.64.0/23
121.127.48.0/21
168.75.224.0/20
176.222.48.0/22
194.149.76.0/22
198.14.16.0/20
Signature Algorithm: sha256WithRSAEncryption
64:e5:3b:11:c5:cc:27:9e:7a:fa:f9:17:09:22:7e:c6:3b:17:
32:1f:d6:f4:2e:a9:a0:71:e5:1f:c8:63:32:c9:d0:28:e0:35:
cf:d0:ad:01:af:b2:54:bc:db:d4:ca:9a:eb:31:06:75:8a:02:
27:ae:14:38:ea:fe:1a:c1:5c:56:27:a1:ab:9c:b7:3e:dd:0f:
e4:14:7f:23:06:d9:7a:1c:5c:f1:dd:84:c2:75:1c:79:5c:e9:
d6:89:d1:b5:20:a5:14:43:c5:96:3c:92:81:33:19:9c:1b:cf:
5a:94:bc:91:ec:22:85:5b:08:30:d3:de:23:7e:a9:94:a7:41:
4e:6d:c3:65:24:bd:fb:b7:52:d5:92:20:44:8a:f3:dc:e2:49:
fe:23:5e:53:35:58:88:1e:e1:60:c5:20:89:3d:ca:8d:f8:50:
79:ec:f3:83:e8:50:ec:96:a7:85:ff:d0:16:52:fe:89:f3:ca:
f4:d8:19:ea:10:d7:d8:b1:02:8d:26:d7:63:70:a8:19:1e:df:
13:97:1f:3d:89:a0:10:a7:cb:8d:a5:dc:8f:30:55:13:10:54:
16:3c:0f:b6:16:ef:dd:a1:c9:7b:2d:1a:00:2b:59:2e:7d:89:
f8:89:8e:15:c1:3c:e0:96:4a:f7:99:f5:01:63:76:f3:da:48:
31:ee:db:1d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZB7t8JLb0uWtdx+/n1g1QAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzA0MDMwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE5MDNiN2ViMjdhMjBkODMxNmZlNTc3ZjZmYjdlNWY5NzdjZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta2bRly5N0X0D6Jd8GvYB11pq+to
1RuFNbhHvvL7QJJcj6qrxjJZWBM5x9oM+bybwzXbz5vxws2Zk3sFZfdl2DGXFG8g
qjL3Q6KkSRfhPfE1H53WvTQaP6vxtdfjUMg2qe6s+rd6L69XmhzS3JqV2lCBTFjB
BiStn6ZdLnVJLk9N79JLFbKgTl33QNu7bC5uPIhGy/KvqZY2kgHyxTb0Lj15h6q9
AlgGq5+YY9Dhc+w7UxjZ8rN8lhTw/ba/epx2251kDypofIb/V7HvMFsYggyh4jl2
FlLdbDn+sB/um49GYzXBecvnKLfBRoicNxUYB0VwEjT/BjFrVArMuhFJBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLIZA7frJ6INgxb+V39vt+X5d80dMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvc2hrRHQtc25vZzJERnY1WGYyLTM1ZmwzelIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTd/IAwQB
T4tAAwQDeX8wAwQEqEvgAwQCsN4wAwQCwpVMAwQExg4QMA0GCSqGSIb3DQEBCwUA
A4IBAQBk5TsRxcwnnnr6+RcJIn7GOxcyH9b0LqmgceUfyGMyydAo4DXP0K0Br7JU
vNvUyprrMQZ1igInrhQ46v4awVxWJ6GrnLc+3Q/kFH8jBtl6HFzx3YTCdRx5XOnW
idG1IKUUQ8WWPJKBMxmcG89alLyR7CKFWwgw094jfqmUp0FObcNlJL37t1LVkiBE
ivPc4kn+I15TNViIHuFgxSCJPcqN+FB57POD6FDslqeF/9AWUv6J88r02BnqENfY
sQKNJtdjcKgZHt8Tlx89iaAQp8uNpdyPMFUTEFQWPA+2Fu/docl7LRoAK1kufYn4
iY4VwTzglkr3mfUBY3bz2kgx7tsd
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:30 2024 by rpki-client on console-ams.rpki-client.org