Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/luf2qZsGBrM6vfSVW_MH51yCphg.roa
File: luf2qZsGBrM6vfSVW_MH51yCphg.roa (raw, json)
Hash identifier: K3yrcn2g7LT7YTN4+avl5TDyheJ+VfcmEWdyxDhJO8U=
Subject key identifier: 96:E7:F6:A9:9B:06:06:B3:3A:BD:F4:95:5B:F3:07:E7:5C:82:A6:18
Certificate issuer: /CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Certificate serial: 018CCA2A893ABAC9713ED78AE0428AE3632B
Authority key identifier: F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/luf2qZsGBrM6vfSVW_MH51yCphg.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216376
IP address blocks: 185.77.98.0/24 maxlen: 24
185.77.98.0/23 maxlen: 23
185.77.99.0/24 maxlen: 24
2a13:ab40::/32 maxlen: 32
2a13:ab40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.mft
rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:89:3a:ba:c9:71:3e:d7:8a:e0:42:8a:e3:63:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96e7f6a99b0606b33abdf4955bf307e75c82a618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ad:5e:b3:7e:7c:33:c7:77:1c:c5:5a:6a:40:
19:70:8c:02:d3:5e:97:a3:5c:52:ed:62:4f:72:2c:
84:b2:f9:fe:c7:27:30:d3:2c:6b:e7:13:5d:d1:cd:
d3:6c:7a:30:1b:d5:92:e5:57:3c:cd:89:8d:d2:63:
98:58:ad:4f:ee:59:34:5c:eb:dd:80:59:d2:bd:bd:
6d:48:72:6d:f0:77:46:f9:dc:82:47:6d:8e:03:6c:
03:73:72:44:04:69:a9:4a:7f:b9:b3:77:ae:81:58:
66:ab:d6:be:66:35:85:0a:19:ae:e1:a6:6b:7b:b7:
15:29:61:ab:18:a3:83:d0:ec:a2:f1:02:39:e3:5b:
a4:3f:a4:75:76:7e:43:cd:c5:e8:b4:55:39:8b:dc:
a5:79:8c:e5:fd:a3:0b:49:0f:2b:1e:5f:01:a9:38:
41:e9:c3:a0:ff:56:e2:59:d5:fd:95:77:db:5e:03:
1f:ed:32:d5:a1:a8:24:82:60:7c:e0:37:75:cc:35:
99:3c:3a:40:83:4c:05:41:46:e3:90:13:a0:54:77:
4f:ae:5f:82:e2:82:ed:a8:fb:99:6c:83:10:17:67:
38:d9:8a:0f:4d:01:3c:14:de:70:44:9c:f0:9d:20:
9b:17:fb:63:04:7e:ca:59:f0:49:2c:8a:1c:b7:7f:
4c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E7:F6:A9:9B:06:06:B3:3A:BD:F4:95:5B:F3:07:E7:5C:82:A6:18
X509v3 Authority Key Identifier:
keyid:F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/luf2qZsGBrM6vfSVW_MH51yCphg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.98.0/23
IPv6:
2a13:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
22:35:45:3e:e3:f3:43:67:ff:3d:39:e8:9e:41:22:95:02:dd:
6d:2e:65:f3:ab:6f:98:2f:78:2e:e7:1c:20:d6:10:72:c2:8d:
72:b0:b8:09:04:58:b3:ab:a5:3a:ad:44:e9:df:bc:d9:1f:1f:
1e:8a:1a:f9:59:10:2e:8a:b8:11:d4:17:ba:20:3f:f2:70:12:
fe:a1:79:2a:ae:42:78:07:fe:d5:ed:d2:2f:bc:41:e3:5a:f4:
c3:f5:a9:60:60:8e:bc:d0:09:4f:6a:bb:1c:71:c7:96:20:b9:
a4:b0:57:86:7b:da:37:2a:10:61:f7:12:4e:2f:ab:cb:54:cc:
bd:c7:8d:d3:38:f8:fd:2a:23:bb:c0:df:46:17:45:ad:ab:a6:
43:76:d3:44:fa:c0:47:92:51:a2:72:c3:59:a7:2f:ce:29:68:
7d:03:36:7a:b8:b4:18:3b:d3:44:12:fa:ad:03:03:84:59:32:
02:86:76:47:65:93:8d:8e:ac:a7:78:4d:32:24:41:a6:26:dd:
83:5c:e0:f9:0d:4e:02:e9:e7:6d:1a:50:8b:c1:b3:34:c4:6c:
5f:a6:ce:39:16:e2:d9:6f:56:c2:85:b6:1b:e0:57:dc:ab:4e:
60:09:80:e2:56:ad:75:3a:fb:0d:0c:e8:09:bb:56:12:f9:27:
0f:75:49:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKok6uslxPteK4EKK42MrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmZkNTY4Njc0ODU2NDE1ZWIxZTIxMzQyYWFmMzIzYjM3
YjdhMmUwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU3ZjZhOTliMDYwNmIzM2FiZGY0OTU1YmYzMDdlNzVjODJhNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla1es358M8d3HMVaakAZcIwC016X
o1xS7WJPciyEsvn+xycw0yxr5xNd0c3TbHowG9WS5Vc8zYmN0mOYWK1P7lk0XOvd
gFnSvb1tSHJt8HdG+dyCR22OA2wDc3JEBGmpSn+5s3eugVhmq9a+ZjWFChmu4aZr
e7cVKWGrGKOD0Oyi8QI541ukP6R1dn5DzcXotFU5i9yleYzl/aMLSQ8rHl8BqThB
6cOg/1biWdX9lXfbXgMf7TLVoagkgmB84Dd1zDWZPDpAg0wFQUbjkBOgVHdPrl+C
4oLtqPuZbIMQF2c42YoPTQE8FN5wRJzwnSCbF/tjBH7KWfBJLIoct39MEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJbn9qmbBgazOr30lVvzB+dcgqYYMB8GA1UdIwQY
MBaAFPdv1WhnSFZBXrHiE0Kq8yOze3ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzIt
YjU0ZDgyZDhiZTdiLzEvbHVmMnFac0dCck02dmZTVldfTUg1MXlDcGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzItYjU0ZDgyZDhiZTdi
LzEvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU1iMA0E
AgACMAcDBQAqE6tAMA0GCSqGSIb3DQEBCwUAA4IBAQAiNUU+4/NDZ/89OeieQSKV
At1tLmXzq2+YL3gu5xwg1hBywo1ysLgJBFizq6U6rUTp37zZHx8eihr5WRAuirgR
1Be6ID/ycBL+oXkqrkJ4B/7V7dIvvEHjWvTD9algYI680AlParsccceWILmksFeG
e9o3KhBh9xJOL6vLVMy9x43TOPj9KiO7wN9GF0Wtq6ZDdtNE+sBHklGicsNZpy/O
KWh9AzZ6uLQYO9NEEvqtAwOEWTIChnZHZZONjqyneE0yJEGmJt2DXOD5DU4C6edt
GlCLwbM0xGxfps45FuLZb1bChbYb4Ffcq05gCYDiVq11OvsNDOgJu1YS+ScPdUnL
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:29:19 2024 by rpki-client on console-fra.rpki-client.org