Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/PO88PbD0mkL4SwQ0Fbegx8I8ycQ.roa
File: PO88PbD0mkL4SwQ0Fbegx8I8ycQ.roa (raw, json)
Hash identifier: YlK127R8QDHKSvyUNPNI8AvctFDCSybwAT3D+fBWczU=
Subject key identifier: 3C:EF:3C:3D:B0:F4:9A:42:F8:4B:04:34:15:B7:A0:C7:C2:3C:C9:C4
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 018E7498F5C407CB0379563E23D9F0647FED
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/PO88PbD0mkL4SwQ0Fbegx8I8ycQ.roa
Signing time: Mon 25 Mar 2024 07:52:45 +0000
ROA not before: Mon 25 Mar 2024 07:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212341
IP address blocks: 77.87.185.0/24 maxlen: 24
185.66.176.0/22 maxlen: 22
185.66.178.0/24 maxlen: 24
2a05:900::/32 maxlen: 32
2a05:901::/32 maxlen: 32
2a05:902::/32 maxlen: 32
2a05:903::/32 maxlen: 32
2a05:904::/32 maxlen: 32
2a05:905::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:98:f5:c4:07:cb:03:79:56:3e:23:d9:f0:64:7f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Mar 25 07:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cef3c3db0f49a42f84b043415b7a0c7c23cc9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f9:f7:12:e4:4f:20:30:6e:38:de:f2:7d:8f:
aa:c5:88:3a:41:55:5d:70:21:ff:84:d5:1f:c7:c5:
2d:f1:99:a5:30:2f:33:67:e8:fd:25:aa:c8:df:f0:
e2:b0:2e:a6:40:f5:f7:ee:71:d5:23:e9:ed:1e:38:
41:e1:59:f4:b5:94:ef:6f:bd:de:27:c6:90:c9:96:
93:b6:0e:dc:eb:49:ff:d0:7b:68:b4:f3:73:dc:54:
2b:07:70:68:98:1f:e2:11:09:92:17:bb:e3:86:bf:
dc:9d:dd:aa:fe:88:86:56:4d:1c:12:0b:11:29:78:
44:e1:2c:72:a6:7d:7a:3c:d3:70:08:01:e2:4a:ab:
f8:73:3c:ba:b4:01:46:14:7c:4f:d9:17:90:05:cc:
c9:aa:c8:ad:39:00:71:d6:70:d5:47:da:5b:54:04:
0e:41:4d:df:62:b4:de:ae:56:ca:59:56:e9:5e:16:
84:c1:b7:4a:46:e4:d9:53:fc:50:7d:b0:fc:d4:68:
80:37:ca:7d:79:14:24:e6:7d:91:97:45:a8:2d:8d:
03:e2:94:ab:f4:ab:76:ce:71:61:8e:23:56:5c:03:
c2:c5:7d:66:7f:a2:53:50:5d:90:1a:1b:94:8d:a0:
a4:bf:96:73:a2:61:db:64:25:7c:93:d0:7c:12:bc:
63:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EF:3C:3D:B0:F4:9A:42:F8:4B:04:34:15:B7:A0:C7:C2:3C:C9:C4
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/PO88PbD0mkL4SwQ0Fbegx8I8ycQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.185.0/24
185.66.176.0/22
IPv6:
2a05:900::-2a05:905:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
72:d8:87:32:aa:50:5c:00:4a:9f:14:05:3b:cb:3d:96:8c:53:
5b:f9:13:cd:bf:2e:de:86:df:c0:b4:d6:0d:87:77:58:e9:85:
6b:65:f6:c4:63:38:5d:60:da:6a:33:22:71:42:b2:71:85:6c:
c5:da:8a:72:25:35:f0:fa:56:de:1f:4b:9f:53:25:6d:e2:aa:
2a:7b:d8:a0:e6:e3:5e:01:c3:8d:90:c3:e6:33:7e:47:98:cf:
69:a3:64:03:90:c0:12:01:52:2c:59:5e:89:78:d3:66:8d:99:
ee:c8:65:9e:d5:92:a7:cf:4c:d0:e6:b6:a4:cc:23:62:a1:37:
7b:e6:39:d0:f2:2c:7c:3a:8f:3c:60:4f:61:d8:9e:05:8a:bf:
f8:02:d7:7a:91:87:76:71:f5:c4:a5:fb:74:66:f8:b4:ce:0c:
3a:37:aa:61:64:5c:96:0b:63:4d:05:7e:a0:62:93:b6:4d:c0:
66:64:86:8c:a8:78:42:1c:0e:a8:ad:3c:70:ba:71:a2:4f:fa:
77:94:cc:81:c0:53:d8:73:45:c7:47:14:d6:00:93:6b:f4:5b:
22:01:77:b6:ce:b8:fb:96:90:52:91:92:17:a8:27:30:28:02:
bb:0d:07:0f:d4:c6:20:7f:58:75:c5:f5:d7:86:e5:d3:f8:3d:
9f:88:fa:53
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY50mPXEB8sDeVY+I9nwZH/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjQwMzI1MDc1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2VmM2MzZGIwZjQ5YTQyZjg0YjA0MzQxNWI3YTBjN2MyM2NjOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPn3EuRPIDBuON7yfY+qxYg6QVVd
cCH/hNUfx8Ut8ZmlMC8zZ+j9JarI3/DisC6mQPX37nHVI+ntHjhB4Vn0tZTvb73e
J8aQyZaTtg7c60n/0HtotPNz3FQrB3BomB/iEQmSF7vjhr/cnd2q/oiGVk0cEgsR
KXhE4Sxypn16PNNwCAHiSqv4czy6tAFGFHxP2ReQBczJqsitOQBx1nDVR9pbVAQO
QU3fYrTerlbKWVbpXhaEwbdKRuTZU/xQfbD81GiAN8p9eRQk5n2Rl0WoLY0D4pSr
9Kt2znFhjiNWXAPCxX1mf6JTUF2QGhuUjaCkv5ZzomHbZCV8k9B8ErxjGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDzvPD2w9JpC+EsENBW3oMfCPMnEMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvUE84OFBiRDBta0w0U3dRMEZiZWd4OEk4eWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzASBAIAATAMAwQATVe5AwQC
uUKwMBUEAgACMA8wDQMEACoFCQMFASoFCQQwDQYJKoZIhvcNAQELBQADggEBAHLY
hzKqUFwASp8UBTvLPZaMU1v5E82/Lt6G38C01g2Hd1jphWtl9sRjOF1g2mozInFC
snGFbMXainIlNfD6Vt4fS59TJW3iqip72KDm414Bw42Qw+YzfkeYz2mjZAOQwBIB
UixZXol402aNme7IZZ7VkqfPTNDmtqTMI2KhN3vmOdDyLHw6jzxgT2HYngWKv/gC
13qRh3Zx9cSl+3Rm+LTODDo3qmFkXJYLY00FfqBik7ZNwGZkhoyoeEIcDqitPHC6
caJP+neUzIHAU9hzRcdHFNYAk2v0WyIBd7bOuPuWkFKRkheoJzAoArsNBw/UxiB/
WHXF9deG5dP4PZ+I+lM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:25:02 2024 by rpki-client on console-ams.rpki-client.org