Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/IBxHLexGPIDYbWmV2bbwOY0sNu0.roa
File: IBxHLexGPIDYbWmV2bbwOY0sNu0.roa (raw, json)
Hash identifier: KJ2WIgJohuhqKFXfbVuKAlsgVN1DO6ZcQKcVdFbmsQs=
Subject key identifier: 20:1C:47:2D:EC:46:3C:80:D8:6D:69:95:D9:B6:F0:39:8D:2C:36:ED
Certificate issuer: /CN=2edec9a2096dec103bae2d7c3796e0d47085c202
Certificate serial: 018E61532EEBCE6C29B67F26FA21EDACA9D8
Authority key identifier: 2E:DE:C9:A2:09:6D:EC:10:3B:AE:2D:7C:37:96:E0:D4:70:85:C2:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lt7Joglt7BA7ri18N5bg1HCFwgI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/IBxHLexGPIDYbWmV2bbwOY0sNu0.roa
Signing time: Thu 21 Mar 2024 14:03:45 +0000
ROA not before: Thu 21 Mar 2024 14:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57619
IP address blocks: 77.71.112.0/24 maxlen: 24
77.71.113.0/24 maxlen: 24
77.71.114.0/24 maxlen: 24
77.71.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/Lt7Joglt7BA7ri18N5bg1HCFwgI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/Lt7Joglt7BA7ri18N5bg1HCFwgI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lt7Joglt7BA7ri18N5bg1HCFwgI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:53:2e:eb:ce:6c:29:b6:7f:26:fa:21:ed:ac:a9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2edec9a2096dec103bae2d7c3796e0d47085c202
Validity
Not Before: Mar 21 14:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=201c472dec463c80d86d6995d9b6f0398d2c36ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:8a:4f:73:7b:dc:6b:38:a5:8f:db:e2:71:
8d:a6:35:31:12:9e:4e:e9:e7:f8:07:fe:de:28:d6:
26:0c:f2:e4:3e:a8:68:65:09:20:3c:3e:37:eb:f1:
76:91:37:5b:59:a8:25:c1:8b:ca:63:5f:64:67:a0:
cf:fa:9b:78:4c:05:8c:90:9e:62:93:6c:27:4e:49:
51:d1:78:39:35:fc:f9:a5:09:2c:5b:3e:0e:84:e0:
a7:6c:6e:e6:7f:53:9f:52:36:dc:64:7a:d9:e4:11:
c3:29:a2:66:c1:f2:72:c8:66:b0:97:21:30:46:9c:
d0:07:d6:9d:26:d5:91:37:c4:1b:cb:bc:c6:74:12:
11:38:82:f4:d1:26:01:bc:c8:15:a8:49:50:c3:2f:
c9:fa:f4:39:03:64:63:a8:b8:3a:3e:e5:90:97:37:
a5:e4:57:9b:b6:ba:f6:6f:04:b7:17:02:72:ca:bd:
a4:eb:d2:e9:1b:9e:29:e2:ee:47:3c:d0:58:12:69:
42:68:97:20:7c:90:f6:48:ab:80:16:26:1e:35:76:
15:2c:47:30:eb:00:11:11:a4:11:9e:d6:a2:a3:b0:
7a:5b:02:c3:bd:3e:df:b3:bf:5b:31:d5:14:37:66:
41:3d:15:0f:8d:50:5e:21:d9:44:5e:f1:62:f3:46:
bf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1C:47:2D:EC:46:3C:80:D8:6D:69:95:D9:B6:F0:39:8D:2C:36:ED
X509v3 Authority Key Identifier:
keyid:2E:DE:C9:A2:09:6D:EC:10:3B:AE:2D:7C:37:96:E0:D4:70:85:C2:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lt7Joglt7BA7ri18N5bg1HCFwgI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/IBxHLexGPIDYbWmV2bbwOY0sNu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/df0d37-4f65-439d-a531-057d7af0aef4/1/Lt7Joglt7BA7ri18N5bg1HCFwgI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.71.112.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d2:c5:14:a0:6b:51:84:0c:e5:ee:9c:b6:5f:08:ca:5f:48:
32:01:5b:55:b4:17:cd:0c:e8:6c:a2:cd:d5:93:1c:be:21:99:
6e:80:5f:f1:88:34:15:0e:e0:0f:58:ed:fe:f8:f2:20:a2:dd:
6b:9d:02:eb:74:85:94:fc:59:df:bd:46:6e:97:38:61:58:38:
9b:81:6b:cd:fd:1e:83:cc:e9:f0:36:47:5b:b8:f9:f2:89:3e:
4d:d9:df:dd:f9:29:96:80:fe:50:d6:e1:bc:c1:0d:cb:c6:83:
57:c9:4e:4d:35:70:b0:0e:65:37:81:be:8a:40:7e:6d:3f:62:
96:75:cf:a3:9e:21:3c:d0:53:a8:6c:8c:ba:31:e0:25:14:04:
1c:d1:e8:5a:59:70:ee:87:05:d1:02:b8:70:31:45:ea:3b:39:
2d:d7:fb:69:7d:7e:a4:b0:29:72:be:44:b6:3f:c5:22:a0:b3:
66:7b:93:ac:68:a7:c4:74:31:8f:61:98:33:1a:33:3d:04:60:
95:48:1d:c8:af:77:26:f4:4c:6a:a1:81:f5:84:46:21:b4:74:
2b:ca:cd:df:57:c4:aa:29:41:13:00:2c:d4:91:47:3b:83:36:
b7:a8:94:30:da:dd:f3:c8:35:55:88:55:38:c3:45:c1:11:67:
e4:a3:ed:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5hUy7rzmwptn8m+iHtrKnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZGVjOWEyMDk2ZGVjMTAzYmFlMmQ3YzM3OTZlMGQ0NzA4
NWMyMDIwHhcNMjQwMzIxMTQwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFjNDcyZGVjNDYzYzgwZDg2ZDY5OTVkOWI2ZjAzOThkMmMzNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwyKT3N73Gs4pY/b4nGNpjUxEp5O
6ef4B/7eKNYmDPLkPqhoZQkgPD436/F2kTdbWaglwYvKY19kZ6DP+pt4TAWMkJ5i
k2wnTklR0Xg5Nfz5pQksWz4OhOCnbG7mf1OfUjbcZHrZ5BHDKaJmwfJyyGawlyEw
RpzQB9adJtWRN8Qby7zGdBIROIL00SYBvMgVqElQwy/J+vQ5A2RjqLg6PuWQlzel
5Febtrr2bwS3FwJyyr2k69LpG54p4u5HPNBYEmlCaJcgfJD2SKuAFiYeNXYVLEcw
6wAREaQRntaio7B6WwLDvT7fs79bMdUUN2ZBPRUPjVBeIdlEXvFi80a/9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAcRy3sRjyA2G1pldm28DmNLDbtMB8GA1UdIwQY
MBaAFC7eyaIJbewQO64tfDeW4NRwhcICMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHQ3Sm9nbHQ3QkE3cmkxOE41YmcxSENGd2dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kZjBkMzctNGY2NS00MzlkLWE1MzEt
MDU3ZDdhZjBhZWY0LzEvSUJ4SExleEdQSURZYldtVjJiYndPWTBzTnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kZjBkMzctNGY2NS00MzlkLWE1MzEtMDU3ZDdhZjBhZWY0
LzEvTHQ3Sm9nbHQ3QkE3cmkxOE41YmcxSENGd2dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCTUdwMA0G
CSqGSIb3DQEBCwUAA4IBAQAX0sUUoGtRhAzl7py2XwjKX0gyAVtVtBfNDOhsos3V
kxy+IZlugF/xiDQVDuAPWO3++PIgot1rnQLrdIWU/FnfvUZulzhhWDibgWvN/R6D
zOnwNkdbuPnyiT5N2d/d+SmWgP5Q1uG8wQ3LxoNXyU5NNXCwDmU3gb6KQH5tP2KW
dc+jniE80FOobIy6MeAlFAQc0ehaWXDuhwXRArhwMUXqOzkt1/tpfX6ksClyvkS2
P8UioLNme5OsaKfEdDGPYZgzGjM9BGCVSB3Ir3cm9ExqoYH1hEYhtHQrys3fV8Sq
KUETACzUkUc7gza3qJQw2t3zyDVViFU4w0XBEWfko+2+
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:41 2024 by rpki-client on console-ams.rpki-client.org