Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/14F2gSg7mzFZ3on-SwdpAL6c8nw.roa
File: 14F2gSg7mzFZ3on-SwdpAL6c8nw.roa (raw, json)
Hash identifier: XghDP1FjVjDwQacvPf05Ovcatl27ShhVCCnYsheMqho=
Subject key identifier: D7:81:76:81:28:3B:9B:31:59:DE:89:FE:4B:07:69:00:BE:9C:F2:7C
Certificate issuer: /CN=586329f307b98285b71d22c7197ec19b701ded67
Certificate serial: 018CC801CBEB1695E3F73D4D61EEA8B5B188
Authority key identifier: 58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/14F2gSg7mzFZ3on-SwdpAL6c8nw.roa
Signing time: Tue 02 Jan 2024 02:30:10 +0000
ROA not before: Tue 02 Jan 2024 02:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42586
IP address blocks: 77.36.128.0/17 maxlen: 21
77.36.128.0/19 maxlen: 19
77.36.128.0/20 maxlen: 20
77.36.128.0/18 maxlen: 18
77.36.144.0/20 maxlen: 20
77.36.224.0/20 maxlen: 20
77.36.224.0/19 maxlen: 19
77.36.240.0/20 maxlen: 20
77.36.160.0/20 maxlen: 20
77.36.160.0/19 maxlen: 19
77.36.165.0/24 maxlen: 24
185.194.244.0/22 maxlen: 22
77.36.166.0/24 maxlen: 24
77.36.163.0/24 maxlen: 24
77.36.164.0/24 maxlen: 24
77.36.176.0/20 maxlen: 20
77.36.192.0/20 maxlen: 20
77.36.192.0/19 maxlen: 19
77.36.192.0/18 maxlen: 18
77.36.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:cb:eb:16:95:e3:f7:3d:4d:61:ee:a8:b5:b1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586329f307b98285b71d22c7197ec19b701ded67
Validity
Not Before: Jan 2 02:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7817681283b9b3159de89fe4b076900be9cf27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7a:3b:04:2d:ec:a8:9c:0b:41:86:7f:84:11:
6d:51:22:c8:c7:72:46:19:56:87:d5:c9:de:09:8e:
49:34:0b:0b:32:4b:56:49:bd:c1:0f:cf:bb:74:27:
cd:4f:d9:dd:46:3b:15:c8:a3:5b:c8:4f:07:d7:38:
7f:be:32:9a:84:c2:5c:db:28:dc:fe:da:29:23:df:
c7:24:6d:22:c8:77:ba:90:a1:2b:61:78:6d:9f:a8:
71:ab:7e:4d:23:c3:ce:73:29:ca:a2:35:ce:b3:00:
ee:fe:c0:68:ae:e8:f2:07:b7:4f:a2:87:ae:c2:41:
7d:7e:db:91:2b:27:36:c6:3f:47:96:4c:91:25:71:
65:a6:f1:28:3d:8c:1e:a6:18:25:e7:4d:9b:e9:31:
ca:b9:8b:26:3d:9d:80:6c:de:8a:f8:25:fa:54:7d:
3c:90:f2:0e:50:7d:17:a6:bb:35:cf:57:8c:d6:59:
89:ef:f1:2c:25:ea:3f:a7:7f:3c:b7:23:88:f9:54:
42:f1:9f:20:90:64:23:3e:df:44:22:b6:7f:70:b6:
89:82:2c:55:87:15:dd:ea:1d:7e:ed:4e:e4:70:56:
e1:e8:21:c1:b3:8b:ef:18:32:0a:99:b4:2d:84:37:
f8:0e:e1:b5:e0:2c:7b:fc:7e:5e:d8:e6:16:fc:76:
a7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:81:76:81:28:3B:9B:31:59:DE:89:FE:4B:07:69:00:BE:9C:F2:7C
X509v3 Authority Key Identifier:
keyid:58:63:29:F3:07:B9:82:85:B7:1D:22:C7:19:7E:C1:9B:70:1D:ED:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/14F2gSg7mzFZ3on-SwdpAL6c8nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0ee2ab-07d9-4a81-abf0-e0e4be6696f9/1/WGMp8we5goW3HSLHGX7Bm3Ad7Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.128.0/17
185.194.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:5d:30:56:bd:a4:c0:27:9f:f4:55:d3:1e:a2:9d:e4:94:4a:
b0:e2:b3:76:4a:b5:17:f5:4d:f8:ff:a0:30:69:21:72:9b:9e:
f1:33:e2:1f:a1:46:ea:07:9f:53:b7:13:2e:81:e0:cb:e3:04:
4b:35:c3:b1:51:92:10:02:86:b5:93:3a:bf:0d:0c:01:20:08:
95:9d:94:b9:58:8a:a9:91:59:b0:e6:80:2d:c0:37:46:9f:08:
5f:f4:29:db:01:ba:41:0b:86:77:1a:73:8e:26:8b:34:b0:c0:
6e:62:90:79:5b:68:e5:ec:27:9e:6c:a0:98:ad:0f:cf:3f:3e:
e9:dd:d8:1d:7d:7e:57:1b:f2:7b:77:77:fb:01:a2:66:97:99:
99:19:02:9f:5f:3d:be:1d:e6:8f:27:56:c4:c1:54:a5:61:46:
3f:47:57:e7:21:c2:79:54:21:1b:47:37:64:85:8f:38:d3:40:
c9:ca:42:fe:15:d1:2a:65:e1:b3:78:d7:fb:63:b1:11:dd:28:
fd:ec:b1:fd:03:94:03:fc:cd:18:63:bb:39:bd:f0:e5:c5:07:
59:39:01:d9:ad:01:66:74:e2:3b:a7:37:2b:75:2c:03:bf:34:
e5:d4:c8:49:75:5b:37:b6:92:b6:43:24:ee:32:7b:6f:45:a2:
b2:ac:e7:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAcvrFpXj9z1NYe6otbGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjMyOWYzMDdiOTgyODViNzFkMjJjNzE5N2VjMTliNzAx
ZGVkNjcwHhcNMjQwMTAyMDIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzgxNzY4MTI4M2I5YjMxNTlkZTg5ZmU0YjA3NjkwMGJlOWNmMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1no7BC3sqJwLQYZ/hBFtUSLIx3JG
GVaH1cneCY5JNAsLMktWSb3BD8+7dCfNT9ndRjsVyKNbyE8H1zh/vjKahMJc2yjc
/topI9/HJG0iyHe6kKErYXhtn6hxq35NI8POcynKojXOswDu/sBorujyB7dPooeu
wkF9ftuRKyc2xj9HlkyRJXFlpvEoPYwephgl502b6THKuYsmPZ2AbN6K+CX6VH08
kPIOUH0Xprs1z1eM1lmJ7/EsJeo/p388tyOI+VRC8Z8gkGQjPt9EIrZ/cLaJgixV
hxXd6h1+7U7kcFbh6CHBs4vvGDIKmbQthDf4DuG14Cx7/H5e2OYW/HanQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNeBdoEoO5sxWd6J/ksHaQC+nPJ8MB8GA1UdIwQY
MBaAFFhjKfMHuYKFtx0ixxl+wZtwHe1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAt
ZTBlNGJlNjY5NmY5LzEvMTRGMmdTZzdtekZaM29uLVN3ZHBBTDZjOG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZWUyYWItMDdkOS00YTgxLWFiZjAtZTBlNGJlNjY5NmY5
LzEvV0dNcDh3ZTVnb1czSFNMSEdYN0JtM0FkN1djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHTSSAAwQC
ucL0MA0GCSqGSIb3DQEBCwUAA4IBAQBvXTBWvaTAJ5/0VdMeop3klEqw4rN2SrUX
9U34/6AwaSFym57xM+IfoUbqB59TtxMugeDL4wRLNcOxUZIQAoa1kzq/DQwBIAiV
nZS5WIqpkVmw5oAtwDdGnwhf9CnbAbpBC4Z3GnOOJos0sMBuYpB5W2jl7CeebKCY
rQ/PPz7p3dgdfX5XG/J7d3f7AaJml5mZGQKfXz2+HeaPJ1bEwVSlYUY/R1fnIcJ5
VCEbRzdkhY8400DJykL+FdEqZeGzeNf7Y7ER3Sj97LH9A5QD/M0YY7s5vfDlxQdZ
OQHZrQFmdOI7pzcrdSwDvzTl1MhJdVs3tpK2QyTuMntvRaKyrOeF
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:16:38 2024 by rpki-client on console-fra.rpki-client.org