Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CR9J4P3W6wqD5UcHN9EKxK9WgsM.roa
File: CR9J4P3W6wqD5UcHN9EKxK9WgsM.roa (raw, json)
Hash identifier: tm/IFVKPumpzRoLCLcUhB3urBRDBW5Bw74qLdKLw6Xo=
Subject key identifier: 09:1F:49:E0:FD:D6:EB:0A:83:E5:47:07:37:D1:0A:C4:AF:56:82:C3
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 018F2A0811EBB33306F9B5856EEAC31921CF
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CR9J4P3W6wqD5UcHN9EKxK9WgsM.roa
Signing time: Mon 29 Apr 2024 13:25:22 +0000
ROA not before: Mon 29 Apr 2024 13:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34568
IP address blocks: 77.87.248.0/21 maxlen: 24
84.246.120.0/21 maxlen: 24
193.138.81.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:08:11:eb:b3:33:06:f9:b5:85:6e:ea:c3:19:21:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Apr 29 13:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091f49e0fdd6eb0a83e5470737d10ac4af5682c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3a:bc:8e:05:e4:02:b4:64:4d:4d:65:2f:f0:
16:53:57:20:25:bf:36:1f:11:1e:4f:3a:a2:0c:fc:
40:04:53:b5:0b:9a:05:d7:3e:99:c3:04:55:1e:ff:
8d:1e:5e:42:41:fc:91:d7:f8:df:e6:cb:96:78:51:
8e:53:63:6b:2b:61:4b:f0:d7:8f:9e:28:eb:a2:c6:
4f:f6:6d:99:d7:8a:1e:94:70:fa:b9:dc:5d:82:d2:
8c:28:88:75:11:5a:de:c1:bb:c4:33:5b:e2:e2:82:
b6:d7:da:9b:0f:96:82:15:dd:56:13:12:5b:58:35:
f8:20:69:ae:e6:f8:39:89:53:cb:76:5c:ae:e4:b9:
3f:27:3e:b2:76:2b:55:61:b6:e3:f1:f2:7a:19:a6:
e2:9c:ba:51:cb:1a:b4:9c:f1:d7:8a:25:46:53:8c:
7f:98:9b:27:73:fa:b8:10:db:83:48:6c:38:cd:02:
1f:cd:0f:97:cc:51:e8:8e:19:1e:39:a7:77:27:b4:
97:77:77:bd:7b:67:eb:49:c4:79:e2:3e:22:d7:42:
17:ca:dd:f3:b0:fe:51:84:d6:d6:d9:39:af:11:76:
0d:3d:fc:6f:ed:1d:21:37:10:0e:90:53:3e:8c:dd:
d9:5e:b0:7e:dd:87:cd:89:b2:14:af:e1:05:34:6d:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1F:49:E0:FD:D6:EB:0A:83:E5:47:07:37:D1:0A:C4:AF:56:82:C3
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/CR9J4P3W6wqD5UcHN9EKxK9WgsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
02:ae:7a:52:15:fa:c2:e2:74:ac:d7:32:66:3f:e7:43:5c:7c:
d0:b1:bc:45:b3:1f:d5:1f:f4:42:9f:c8:53:b7:71:8d:c7:4f:
73:5b:f9:82:37:79:9a:a7:73:0a:5a:52:10:99:a8:03:af:7a:
48:59:5b:1e:a5:82:db:6d:52:6c:16:94:5b:01:2c:58:e0:d1:
97:c9:5d:26:2e:10:76:61:8e:54:26:ef:e4:89:ef:54:19:b8:
e2:33:15:c6:09:c4:23:c8:44:13:a1:04:fe:4d:36:cb:d2:2d:
43:3d:9d:00:66:75:04:2e:c8:7d:e0:bc:d1:a5:8d:ca:93:29:
07:b6:d1:ee:ea:b7:41:bd:df:23:c9:58:49:69:7d:66:7e:d3:
84:52:15:62:36:d8:8e:c4:c4:59:1f:c4:46:e4:88:3b:34:d1:
15:f1:46:6a:a1:77:bd:18:86:dd:2c:d5:d2:d5:93:d7:9a:87:
59:ad:2c:53:e5:44:f1:ec:f4:79:56:80:22:b5:02:be:ce:3e:
53:20:dc:38:be:d8:22:18:1f:8f:ca:23:3c:81:54:b9:84:ca:
e9:68:c9:cb:e0:3d:7e:af:48:86:2b:c0:21:31:2f:ef:f4:fe:
b9:fb:35:a7:c8:70:1c:c4:a6:92:8d:24:9d:15:46:45:f6:1f:
eb:e0:c9:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY8qCBHrszMG+bWFburDGSHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjQwNDI5MTMyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFmNDllMGZkZDZlYjBhODNlNTQ3MDczN2QxMGFjNGFmNTY4MmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDq8jgXkArRkTU1lL/AWU1cgJb82
HxEeTzqiDPxABFO1C5oF1z6ZwwRVHv+NHl5CQfyR1/jf5suWeFGOU2NrK2FL8NeP
nijrosZP9m2Z14oelHD6udxdgtKMKIh1EVrewbvEM1vi4oK219qbD5aCFd1WExJb
WDX4IGmu5vg5iVPLdlyu5Lk/Jz6yditVYbbj8fJ6GabinLpRyxq0nPHXiiVGU4x/
mJsnc/q4ENuDSGw4zQIfzQ+XzFHojhkeOad3J7SXd3e9e2frScR54j4i10IXyt3z
sP5RhNbW2TmvEXYNPfxv7R0hNxAOkFM+jN3ZXrB+3YfNibIUr+EFNG0q2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAkfSeD91usKg+VHBzfRCsSvVoLDMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvQ1I5SjRQM1c2d3FENVVjSE45RUt4SzlXZ3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDTVf4AwQD
VPZ4AwQAwYpRAwQBwnTqMA0EAgACMAcDBQAqAQH4MA0GCSqGSIb3DQEBCwUAA4IB
AQACrnpSFfrC4nSs1zJmP+dDXHzQsbxFsx/VH/RCn8hTt3GNx09zW/mCN3map3MK
WlIQmagDr3pIWVsepYLbbVJsFpRbASxY4NGXyV0mLhB2YY5UJu/kie9UGbjiMxXG
CcQjyEQToQT+TTbL0i1DPZ0AZnUELsh94LzRpY3KkykHttHu6rdBvd8jyVhJaX1m
ftOEUhViNtiOxMRZH8RG5Ig7NNEV8UZqoXe9GIbdLNXS1ZPXmodZrSxT5UTx7PR5
VoAitQK+zj5TINw4vtgiGB+PyiM8gVS5hMrpaMnL4D1+r0iGK8AhMS/v9P65+zWn
yHAcxKaSjSSdFUZF9h/r4Mk6
-----END CERTIFICATE-----
Generated at Tue May 21 21:39:31 2024 by rpki-client on console-ams.rpki-client.org