Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/hGqJz3Ush7Sly1qTGYjyaCnLJc0.roa
File: hGqJz3Ush7Sly1qTGYjyaCnLJc0.roa (raw, json)
Hash identifier: YNotQS9DP1Ycl8DJgRYsYkx8agIsCPTB1+yYqpeoxsA=
Subject key identifier: 84:6A:89:CF:75:2C:87:B4:A5:CB:5A:93:19:88:F2:68:29:CB:25:CD
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 018F11201E802702F686DFA8422A1BE370AD
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/hGqJz3Ush7Sly1qTGYjyaCnLJc0.roa
Signing time: Wed 24 Apr 2024 17:21:08 +0000
ROA not before: Wed 24 Apr 2024 17:21:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201476
IP address blocks: 77.104.194.0/24 maxlen: 24
77.104.210.0/24 maxlen: 24
77.104.216.0/24 maxlen: 24
77.104.223.0/24 maxlen: 24
77.104.240.0/24 maxlen: 24
77.104.245.0/24 maxlen: 24
94.138.116.0/22 maxlen: 22
94.138.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:20:1e:80:27:02:f6:86:df:a8:42:2a:1b:e3:70:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Apr 24 17:21:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=846a89cf752c87b4a5cb5a931988f26829cb25cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:17:35:88:ea:ca:32:95:1c:9f:e3:72:0e:
f8:64:61:8b:6f:7c:ad:87:86:65:c6:42:5f:a9:d5:
96:cb:76:2b:a8:5b:fc:32:b6:24:40:4f:13:49:48:
b4:4f:b6:ee:94:7e:04:0f:87:66:14:3f:e6:a8:f8:
ac:cd:29:a3:21:26:d0:f1:71:59:19:94:e9:62:f5:
77:c7:1f:8e:21:8e:3d:85:12:8c:86:64:73:c1:3b:
ba:37:78:24:a7:77:e2:a7:03:c0:b0:87:e7:d4:c5:
8f:15:0c:a0:3b:8c:cf:e2:78:25:f3:f8:fc:dd:29:
6a:4c:83:35:29:f5:5f:31:85:9d:37:73:aa:52:f7:
55:12:f0:06:69:cc:02:67:82:e3:ad:6f:9a:ce:65:
8c:00:5e:d6:cd:d6:37:3b:9b:c8:3f:a4:40:2d:04:
83:28:2e:d9:a8:df:6c:6d:a7:9c:ca:38:ca:27:5b:
3a:a7:51:15:35:cf:ce:32:98:6a:ea:3f:ac:40:62:
8b:e7:9b:16:fa:18:f0:46:da:8c:f8:e9:63:00:52:
62:70:75:df:78:43:ea:d6:c1:0f:30:e9:2c:a4:7d:
ce:2c:bb:bc:ee:1d:35:a9:7e:29:12:1d:19:f4:ee:
49:23:7f:fe:d9:ad:3e:78:f9:3b:66:de:66:de:a3:
3b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6A:89:CF:75:2C:87:B4:A5:CB:5A:93:19:88:F2:68:29:CB:25:CD
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/hGqJz3Ush7Sly1qTGYjyaCnLJc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.194.0/24
77.104.210.0/24
77.104.216.0/24
77.104.223.0/24
77.104.240.0/24
77.104.245.0/24
94.138.116.0-94.138.123.255
Signature Algorithm: sha256WithRSAEncryption
59:58:6a:cb:69:4e:ca:3b:a1:78:d1:54:d9:66:4d:a8:cc:03:
89:a0:c0:ea:76:b7:53:ba:8a:05:3d:b4:3f:d7:d6:6c:47:a5:
c7:c4:65:86:6b:72:57:b4:1d:7b:8b:6e:85:3c:9f:03:18:9e:
bb:83:67:1f:25:dc:94:82:97:03:90:aa:a9:66:ac:2a:dd:ec:
ac:ab:2e:6a:b2:95:70:58:ff:b1:ad:53:a0:b0:a8:55:1e:28:
32:14:40:86:53:e5:7e:e8:f7:3a:fc:62:e0:5f:dd:d6:28:83:
ff:37:60:12:f4:d3:13:aa:0d:93:28:94:0b:af:5d:7a:3c:03:
02:07:c0:61:c7:7e:18:5f:71:2f:de:11:a3:4b:77:cc:17:0b:
ea:4d:7d:ae:ef:f7:10:aa:c5:77:3c:86:a3:d5:3c:ad:2f:fa:
15:5e:ed:86:ae:0a:43:5b:f1:37:29:0f:a5:1d:b5:14:10:c3:
83:15:d8:15:2e:39:bc:95:90:af:ca:da:ce:c0:6e:94:25:c4:
45:3c:0a:12:91:a0:fe:32:42:12:9c:28:ea:23:b1:f4:57:f7:
7e:c8:e6:70:70:58:4e:fd:b6:40:77:9e:4e:74:c5:a2:f1:e4:
ad:0c:ab:04:51:c8:0f:19:f3:07:98:7d:7f:71:d5:db:8c:f3:
20:bf:13:3f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY8RIB6AJwL2ht+oQiob43CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQwNDI0MTcyMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZhODljZjc1MmM4N2I0YTVjYjVhOTMxOTg4ZjI2ODI5Y2IyNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4AXNYjqyjKVHJ/jcg74ZGGLb3yt
h4ZlxkJfqdWWy3YrqFv8MrYkQE8TSUi0T7bulH4ED4dmFD/mqPiszSmjISbQ8XFZ
GZTpYvV3xx+OIY49hRKMhmRzwTu6N3gkp3fipwPAsIfn1MWPFQygO4zP4ngl8/j8
3SlqTIM1KfVfMYWdN3OqUvdVEvAGacwCZ4LjrW+azmWMAF7WzdY3O5vIP6RALQSD
KC7ZqN9sbaecyjjKJ1s6p1EVNc/OMphq6j+sQGKL55sW+hjwRtqM+OljAFJicHXf
eEPq1sEPMOkspH3OLLu87h01qX4pEh0Z9O5JI3/+2a0+ePk7Zt5m3qM7KQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIRqic91LIe0pctakxmI8mgpyyXNMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvaEdxSnozVXNoN1NseTFxVEdZanlhQ25MSmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATWjCAwQA
TWjSAwQATWjYAwQATWjfAwQATWjwAwQATWj1MAwDBAJeinQDBAJeingwDQYJKoZI
hvcNAQELBQADggEBAFlYastpTso7oXjRVNlmTajMA4mgwOp2t1O6igU9tD/X1mxH
pcfEZYZrcle0HXuLboU8nwMYnruDZx8l3JSClwOQqqlmrCrd7KyrLmqylXBY/7Gt
U6CwqFUeKDIUQIZT5X7o9zr8YuBf3dYog/83YBL00xOqDZMolAuvXXo8AwIHwGHH
fhhfcS/eEaNLd8wXC+pNfa7v9xCqxXc8hqPVPK0v+hVe7YauCkNb8TcpD6UdtRQQ
w4MV2BUuObyVkK/K2s7AbpQlxEU8ChKRoP4yQhKcKOojsfRX937I5nBwWE79tkB3
nk50xaLx5K0MqwRRyA8Z8weYfX9x1duM8yC/Ez8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:22 2024 by rpki-client on console-fra.rpki-client.org