Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/3aGD17har8CePQ-J06kmn702SDE.roa
File: 3aGD17har8CePQ-J06kmn702SDE.roa (raw, json)
Hash identifier: 8HzssJWu0UljmyR6ef4Hoyi+kUg0/fHJK8dsL6jKod0=
Subject key identifier: DD:A1:83:D7:B8:5A:AF:C0:9E:3D:0F:89:D3:A9:26:9F:BD:36:48:31
Certificate issuer: /CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Certificate serial: 018CC6B921D586457E3ED36D6C03D40B153E
Authority key identifier: BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/3aGD17har8CePQ-J06kmn702SDE.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42421
IP address blocks: 77.72.186.0/24 maxlen: 24
77.72.185.0/24 maxlen: 24
77.72.184.0/24 maxlen: 24
77.72.187.0/24 maxlen: 24
77.72.189.0/24 maxlen: 24
77.72.188.0/24 maxlen: 24
2a03:c6c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:21:d5:86:45:7e:3e:d3:6d:6c:03:d4:0b:15:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dda183d7b85aafc09e3d0f89d3a9269fbd364831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3d:a1:74:0e:40:65:b8:88:54:d5:d9:ba:50:
14:52:5c:f9:6e:bb:3f:20:8f:2f:27:c6:4c:04:2c:
07:77:e4:d9:0b:73:d7:2b:c4:37:76:63:fc:b3:57:
c4:b1:52:0a:b4:4f:31:5a:f4:7e:a8:36:98:8f:7a:
07:d5:fb:77:13:e6:55:88:73:be:a8:9f:62:d0:7a:
eb:14:a7:02:98:24:7b:c1:f8:d1:15:13:e9:85:90:
04:e3:58:90:25:f0:91:24:f1:3a:75:b5:03:44:f2:
88:0d:bf:b0:d2:ae:30:c7:9b:f1:6d:b2:8c:9d:60:
a1:fd:93:04:24:22:c1:a9:a0:3f:fb:a2:18:bf:bb:
01:d8:8b:79:ae:e6:31:e1:bf:77:f2:47:ca:63:18:
38:27:7a:b9:58:1d:e2:55:db:7b:e6:e9:c5:f3:d6:
d0:d4:71:e4:ed:ce:44:31:e1:ca:c6:3a:f2:06:38:
03:bc:c2:5d:6a:2c:d6:a1:5e:ff:0c:2d:73:40:b7:
0d:14:26:30:e1:89:3b:f1:82:5d:b0:ad:ea:4d:5a:
c6:ee:07:26:15:c7:7a:7e:98:85:fa:1c:eb:e5:70:
49:9b:fa:1b:11:af:4f:c8:24:61:c7:97:5b:12:a9:
bb:67:11:a6:3e:b7:ca:fd:f0:22:f7:fd:3d:62:d9:
2c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A1:83:D7:B8:5A:AF:C0:9E:3D:0F:89:D3:A9:26:9F:BD:36:48:31
X509v3 Authority Key Identifier:
keyid:BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/3aGD17har8CePQ-J06kmn702SDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.184.0-77.72.189.255
IPv6:
2a03:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
71:99:44:d3:49:9d:9f:25:33:17:c8:23:69:3b:01:ed:fa:85:
79:ec:8f:9b:7d:76:cf:63:8e:eb:cc:cf:40:37:f9:8a:ef:41:
5e:8e:ea:46:25:fb:97:b6:d0:9b:18:8f:83:55:85:3b:48:0d:
a3:34:e7:05:2d:1e:c7:e7:b1:f1:e7:0a:ac:a5:77:55:43:61:
02:a6:1a:d1:36:7a:92:57:6a:55:4b:3e:64:d7:e6:36:c4:31:
94:50:7d:d3:79:ff:18:be:19:a0:6e:f5:a8:f8:b6:49:c0:59:
cb:52:42:3d:78:34:f8:10:a4:0e:2d:bc:57:cf:f9:e1:f3:bb:
6a:cd:42:17:41:ff:c9:bf:64:5b:72:36:92:48:21:c2:61:2d:
36:61:32:1f:4a:a1:7d:ca:f4:89:ff:81:6c:17:69:18:e8:2c:
61:9c:28:0f:a5:a0:21:99:f6:95:d0:91:7d:24:8e:c6:8e:26:
cc:5f:f5:aa:8f:73:5f:f9:c7:e7:13:ae:f5:57:e7:2e:28:55:
27:9f:0d:49:41:54:10:be:56:75:ae:8f:96:9d:65:28:c4:e1:
f2:91:7b:a6:62:d8:e7:77:ea:aa:03:a7:39:bb:c3:db:a0:c8:
91:e3:cc:da:81:54:98:e8:04:59:18:75:4c:ec:fe:d8:55:28:
f8:8e:ad:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzGuSHVhkV+PtNtbAPUCxU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmE4ZWNjZDk3ZTk2MTg5ZmY2ZTMzY2YxMTBhNmM5YTQ3
NzQ1OWMwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGExODNkN2I4NWFhZmMwOWUzZDBmODlkM2E5MjY5ZmJkMzY0ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj2hdA5AZbiIVNXZulAUUlz5brs/
II8vJ8ZMBCwHd+TZC3PXK8Q3dmP8s1fEsVIKtE8xWvR+qDaYj3oH1ft3E+ZViHO+
qJ9i0HrrFKcCmCR7wfjRFRPphZAE41iQJfCRJPE6dbUDRPKIDb+w0q4wx5vxbbKM
nWCh/ZMEJCLBqaA/+6IYv7sB2It5ruYx4b938kfKYxg4J3q5WB3iVdt75unF89bQ
1HHk7c5EMeHKxjryBjgDvMJdaizWoV7/DC1zQLcNFCYw4Yk78YJdsK3qTVrG7gcm
Fcd6fpiF+hzr5XBJm/obEa9PyCRhx5dbEqm7ZxGmPrfK/fAi9/09YtksJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN2hg9e4Wq/Anj0PidOpJp+9NkgxMB8GA1UdIwQY
MBaAFLu6jszZfpYYn/bjPPEQpsmkd0WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjIt
ZWU1YjUxNjhiZjJmLzEvM2FHRDE3aGFyOENlUFEtSjA2a21uNzAyU0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjItZWU1YjUxNjhiZjJm
LzEvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBANNSLgD
BAFNSLwwDwQCAAIwCQMHACoDxsAAADANBgkqhkiG9w0BAQsFAAOCAQEAcZlE00md
nyUzF8gjaTsB7fqFeeyPm312z2OO68zPQDf5iu9BXo7qRiX7l7bQmxiPg1WFO0gN
ozTnBS0ex+ex8ecKrKV3VUNhAqYa0TZ6kldqVUs+ZNfmNsQxlFB903n/GL4ZoG71
qPi2ScBZy1JCPXg0+BCkDi28V8/54fO7as1CF0H/yb9kW3I2kkghwmEtNmEyH0qh
fcr0if+BbBdpGOgsYZwoD6WgIZn2ldCRfSSOxo4mzF/1qo9zX/nH5xOu9VfnLihV
J58NSUFUEL5Wda6Plp1lKMTh8pF7pmLY53fqqgOnObvD26DIkePM2oFUmOgEWRh1
TOz+2FUo+I6tCQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:27:50 2024 by rpki-client on console-ams.rpki-client.org