Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/4_KSiVKnUi5RueKY4KrqD8uQji4.roa
File: 4_KSiVKnUi5RueKY4KrqD8uQji4.roa (raw, json)
Hash identifier: NbRAyYQiILM7pg5851HsbC8O93moBjqAJ3D8uEOpN9Y=
Subject key identifier: E3:F2:92:89:52:A7:52:2E:51:B9:E2:98:E0:AA:EA:0F:CB:90:8E:2E
Certificate issuer: /CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Certificate serial: 018CC6B92186D521CD16C1D295E39BC0B0BB
Authority key identifier: BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/4_KSiVKnUi5RueKY4KrqD8uQji4.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 77.72.184.0/24 maxlen: 24
77.72.185.0/24 maxlen: 24
77.72.186.0/24 maxlen: 24
77.72.187.0/24 maxlen: 24
77.72.188.0/24 maxlen: 24
77.72.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:21:86:d5:21:cd:16:c1:d2:95:e3:9b:c0:b0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f2928952a7522e51b9e298e0aaea0fcb908e2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2c:da:0c:ef:0c:1f:ef:33:de:d2:f6:e7:28:
41:cf:34:08:13:a4:50:20:f6:75:56:1b:06:f1:f4:
d3:5d:d1:8d:db:f1:97:e1:ab:5b:03:bb:2b:1f:7d:
9d:ef:98:83:ca:ba:c5:5b:89:c7:8c:8a:db:28:61:
b6:05:da:e6:af:45:2a:cb:b1:41:15:30:bb:46:73:
b3:15:b8:54:48:d0:ff:9d:fd:c3:74:ad:6f:51:52:
fb:87:81:58:a2:d1:5b:45:11:a5:76:57:aa:36:9a:
78:db:d6:25:9b:ab:d9:91:82:5a:64:d2:fa:e3:8f:
e2:6a:52:4b:f0:01:a4:13:9b:dc:ca:60:2d:bb:39:
2f:b3:02:d8:9f:24:e0:a0:40:ba:9b:d1:0e:ea:b7:
7f:79:e7:75:d6:68:ea:c7:e0:b7:66:d6:55:b8:86:
9c:ea:1a:d6:24:01:06:e6:c8:b0:8e:4b:79:b0:0f:
00:cc:4e:93:18:06:51:ec:1d:26:f0:a4:0b:d6:0b:
41:eb:30:76:23:ab:db:46:2b:1a:10:05:12:1f:9a:
87:0e:f0:08:03:fc:9a:42:34:54:b6:c7:2d:6e:1f:
a7:21:d0:6c:35:c2:26:01:6b:11:6c:fd:f6:c9:85:
d7:aa:7a:18:71:78:08:20:78:6b:8f:be:6e:b8:41:
d1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F2:92:89:52:A7:52:2E:51:B9:E2:98:E0:AA:EA:0F:CB:90:8E:2E
X509v3 Authority Key Identifier:
keyid:BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/4_KSiVKnUi5RueKY4KrqD8uQji4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.184.0-77.72.189.255
Signature Algorithm: sha256WithRSAEncryption
4a:13:d2:71:96:ef:0f:42:20:ad:16:1b:bb:06:21:d1:00:36:
17:32:7f:26:30:ed:0a:9d:ee:ed:9e:fa:06:af:40:08:35:23:
54:ec:d6:07:70:86:cd:27:89:39:4e:74:e3:ec:9a:8a:38:31:
d4:9d:6c:13:1d:5b:57:1b:db:b4:ff:42:e4:fc:0e:55:fc:68:
a3:be:f1:fa:35:88:f4:6c:e1:34:11:d2:84:1b:30:bd:17:78:
cf:94:f1:f5:e4:47:dc:58:fb:52:4a:86:a3:4d:bc:69:eb:89:
d1:c0:1c:b9:17:89:8a:3e:d7:83:1c:d7:ec:69:b4:9d:09:87:
95:22:90:e1:56:9e:8d:dd:45:a9:2b:05:84:84:c2:7c:4d:e7:
a1:8e:91:3e:7e:c7:48:14:8a:b3:e3:6f:22:96:d7:fa:52:1c:
19:9c:e1:16:b4:17:df:af:6b:dd:15:1f:7f:65:51:d6:9f:98:
44:80:fc:e0:c3:ce:b1:be:2e:6c:3f:ba:d4:bc:85:e3:e5:03:
40:09:96:3a:58:8a:fc:10:b1:b3:3c:5e:2c:e1:ac:fb:e7:c8:
8a:2f:12:52:65:8c:89:60:03:14:c6:58:30:83:d4:97:62:3a:
d2:d8:db:8b:0c:cb:5d:6f:e0:78:52:f9:33:f0:c7:de:ca:ad:
8a:a7:19:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGuSGG1SHNFsHSleObwLC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmE4ZWNjZDk3ZTk2MTg5ZmY2ZTMzY2YxMTBhNmM5YTQ3
NzQ1OWMwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YyOTI4OTUyYTc1MjJlNTFiOWUyOThlMGFhZWEwZmNiOTA4ZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCzaDO8MH+8z3tL25yhBzzQIE6RQ
IPZ1VhsG8fTTXdGN2/GX4atbA7srH32d75iDyrrFW4nHjIrbKGG2Bdrmr0Uqy7FB
FTC7RnOzFbhUSND/nf3DdK1vUVL7h4FYotFbRRGldleqNpp429Ylm6vZkYJaZNL6
44/ialJL8AGkE5vcymAtuzkvswLYnyTgoEC6m9EO6rd/eed11mjqx+C3ZtZVuIac
6hrWJAEG5siwjkt5sA8AzE6TGAZR7B0m8KQL1gtB6zB2I6vbRisaEAUSH5qHDvAI
A/yaQjRUtsctbh+nIdBsNcImAWsRbP32yYXXqnoYcXgIIHhrj75uuEHRPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOPykolSp1IuUbnimOCq6g/LkI4uMB8GA1UdIwQY
MBaAFLu6jszZfpYYn/bjPPEQpsmkd0WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjIt
ZWU1YjUxNjhiZjJmLzEvNF9LU2lWS25VaTVSdWVLWTRLcnFEOHVRamk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjItZWU1YjUxNjhiZjJm
LzEvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANNSLgD
BAFNSLwwDQYJKoZIhvcNAQELBQADggEBAEoT0nGW7w9CIK0WG7sGIdEANhcyfyYw
7Qqd7u2e+gavQAg1I1Ts1gdwhs0niTlOdOPsmoo4MdSdbBMdW1cb27T/QuT8DlX8
aKO+8fo1iPRs4TQR0oQbML0XeM+U8fXkR9xY+1JKhqNNvGnridHAHLkXiYo+14Mc
1+xptJ0Jh5UikOFWno3dRakrBYSEwnxN56GOkT5+x0gUirPjbyKW1/pSHBmc4Ra0
F9+va90VH39lUdafmESA/ODDzrG+Lmw/utS8hePlA0AJljpYivwQsbM8XizhrPvn
yIovElJljIlgAxTGWDCD1JdiOtLY24sMy11v4HhS+TPwx97KrYqnGf4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:09 2024 by rpki-client on console-fra.rpki-client.org