Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/pS8ZO3CoTk9BBc8hu93he1xWE70.roa
File: pS8ZO3CoTk9BBc8hu93he1xWE70.roa (raw, json)
Hash identifier: RaNXhnJXgtOAQIp5ptUPBAp6fv2h44JveH7XxhY58O0=
Subject key identifier: A5:2F:19:3B:70:A8:4E:4F:41:05:CF:21:BB:DD:E1:7B:5C:56:13:BD
Certificate issuer: /CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Certificate serial: 018E00D9F6F2059FBFF28987180FAE777935
Authority key identifier: 8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/pS8ZO3CoTk9BBc8hu93he1xWE70.roa
Signing time: Sat 02 Mar 2024 20:27:48 +0000
ROA not before: Sat 02 Mar 2024 20:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199276
IP address blocks: 77.247.88.0/24 maxlen: 24
77.247.89.0/24 maxlen: 24
77.247.91.0/24 maxlen: 24
77.247.92.0/24 maxlen: 24
77.247.93.0/24 maxlen: 24
77.247.94.0/24 maxlen: 24
77.247.95.0/24 maxlen: 24
2a13:bc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 05:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:d9:f6:f2:05:9f:bf:f2:89:87:18:0f:ae:77:79:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad2930d1fe1dd430491fd7b831de9c61692ade4
Validity
Not Before: Mar 2 20:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a52f193b70a84e4f4105cf21bbdde17b5c5613bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2e:b8:9d:b7:54:aa:32:af:cc:8b:7b:4e:36:
cd:fd:2c:9d:d4:24:04:9f:b9:25:60:5b:f6:25:f6:
32:64:65:14:23:a4:f6:79:04:e9:55:54:11:fb:c3:
cf:bd:fa:5a:8a:0e:cb:dc:89:b8:ec:a2:38:f2:86:
02:94:93:82:8a:f4:89:cb:1a:a0:35:3f:f7:f6:eb:
12:ab:5d:db:67:90:fc:6f:5f:5d:ee:69:7c:53:b6:
f7:33:60:61:6d:87:6d:fd:f7:39:0d:81:83:3d:da:
af:17:64:27:27:9b:7e:02:b7:bc:76:a3:b0:57:4c:
a8:b0:06:76:16:77:4d:da:80:f7:05:1f:d4:c6:33:
06:88:f4:65:6e:4b:ba:05:21:ef:09:10:d0:e6:5b:
cf:c9:6a:ed:37:fe:d3:e7:9e:1f:60:d3:98:af:7d:
a7:03:86:1e:4d:2a:75:c6:58:da:9a:d6:9c:a5:f6:
d3:ef:69:af:0d:d3:24:56:7b:a1:d0:dd:7a:a6:f7:
85:ca:68:c2:d8:90:bc:22:d7:35:23:97:c7:54:e5:
2a:71:9b:a4:fc:c0:53:4f:a3:62:94:90:51:5a:de:
af:b2:4a:76:b7:13:65:ba:80:ee:7f:5d:48:b5:90:
5e:5b:2a:00:ba:b7:a5:b9:24:84:03:bb:f2:b4:e5:
fa:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2F:19:3B:70:A8:4E:4F:41:05:CF:21:BB:DD:E1:7B:5C:56:13:BD
X509v3 Authority Key Identifier:
keyid:8A:D2:93:0D:1F:E1:DD:43:04:91:FD:7B:83:1D:E9:C6:16:92:AD:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itKTDR_h3UMEkf17gx3pxhaSreQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/pS8ZO3CoTk9BBc8hu93he1xWE70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/be7894-0ccc-4fbd-880b-9758cb2b844e/1/itKTDR_h3UMEkf17gx3pxhaSreQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.88.0/23
77.247.91.0-77.247.95.255
IPv6:
2a13:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
08:ff:31:1e:0e:52:d9:cf:e1:b1:9f:af:89:be:70:8b:0b:60:
10:ff:93:f5:03:a0:c3:ef:a7:93:79:35:46:31:d4:ad:00:0f:
09:af:43:55:3c:9d:aa:5f:8f:6d:cd:8b:e9:77:62:b3:6c:46:
08:2d:99:3b:db:4b:16:9d:16:eb:cc:6d:95:48:d5:aa:fa:43:
74:a2:37:7c:70:1e:e0:83:f7:8a:21:71:d1:81:3a:27:ad:ff:
46:de:3b:4a:45:46:c4:e8:23:a6:ea:62:5f:c2:c3:a0:01:31:
e0:07:be:2a:18:2b:fd:ac:3c:fe:d5:1b:28:03:10:55:64:cb:
76:25:41:6b:63:c4:c3:f2:b4:3f:8c:08:2a:0e:2d:73:9c:b3:
8a:23:6b:46:04:33:b1:f4:8a:18:55:b1:8d:08:7c:fa:78:7a:
3e:1d:68:13:b2:cb:6d:65:41:e9:9d:6c:a2:77:e0:1f:97:43:
a3:33:88:b7:82:73:4e:07:55:b4:54:56:af:28:c4:19:bf:91:
6e:ed:8e:56:f3:85:93:4e:10:e3:ca:d3:c6:c8:74:17:f9:8b:
e9:c5:bf:a2:3a:30:3e:64:c5:70:d4:7a:55:aa:7f:81:15:57:
16:69:d5:b6:d5:7a:fa:75:4a:7e:67:bd:7a:21:3b:b4:0d:4a:
fc:56:75:da
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY4A2fbyBZ+/8omHGA+ud3k1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI5MzBkMWZlMWRkNDMwNDkxZmQ3YjgzMWRlOWM2MTY5
MmFkZTQwHhcNMjQwMzAyMjAyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJmMTkzYjcwYTg0ZTRmNDEwNWNmMjFiYmRkZTE3YjVjNTYxM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy64nbdUqjKvzIt7TjbN/Syd1CQE
n7klYFv2JfYyZGUUI6T2eQTpVVQR+8PPvfpaig7L3Im47KI48oYClJOCivSJyxqg
NT/39usSq13bZ5D8b19d7ml8U7b3M2BhbYdt/fc5DYGDPdqvF2QnJ5t+Are8dqOw
V0yosAZ2FndN2oD3BR/UxjMGiPRlbku6BSHvCRDQ5lvPyWrtN/7T554fYNOYr32n
A4YeTSp1xljamtacpfbT72mvDdMkVnuh0N16pveFymjC2JC8Itc1I5fHVOUqcZuk
/MBTT6NilJBRWt6vskp2txNluoDuf11ItZBeWyoAureluSSEA7vytOX6cQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKUvGTtwqE5PQQXPIbvd4XtcVhO9MB8GA1UdIwQY
MBaAFIrSkw0f4d1DBJH9e4Md6cYWkq3kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGIt
OTc1OGNiMmI4NDRlLzEvcFM4Wk8zQ29UazlCQmM4aHU5M2hlMXhXRTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9iZTc4OTQtMGNjYy00ZmJkLTg4MGItOTc1OGNiMmI4NDRl
LzEvaXRLVERSX2gzVU1Fa2YxN2d4M3B4aGFTcmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBTfdYMAwD
BABN91sDBAVN90AwDQQCAAIwBwMFAyoTvAAwDQYJKoZIhvcNAQELBQADggEBAAj/
MR4OUtnP4bGfr4m+cIsLYBD/k/UDoMPvp5N5NUYx1K0ADwmvQ1U8napfj23Ni+l3
YrNsRggtmTvbSxadFuvMbZVI1ar6Q3SiN3xwHuCD94ohcdGBOiet/0beO0pFRsTo
I6bqYl/Cw6ABMeAHvioYK/2sPP7VGygDEFVky3YlQWtjxMPytD+MCCoOLXOcs4oj
a0YEM7H0ihhVsY0IfPp4ej4daBOyy21lQemdbKJ34B+XQ6MziLeCc04HVbRUVq8o
xBm/kW7tjlbzhZNOEOPK08bIdBf5i+nFv6I6MD5kxXDUelWqf4EVVxZp1bbVevp1
Sn5nvXohO7QNSvxWddo=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:54:16 2024 by rpki-client on console-ams.rpki-client.org