Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fec7JqC-wOo8nCxUs-nKrzz06TA.roa
File: fec7JqC-wOo8nCxUs-nKrzz06TA.roa (raw, json)
Hash identifier: oOxRIO29PVAVo8lz8nDYuFby/jpsSkl7n+OyaQjrk0A=
Subject key identifier: 7D:E7:3B:26:A0:BE:C0:EA:3C:9C:2C:54:B3:E9:CA:AF:3C:F4:E9:30
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019160263721AE60A9DAD5626E7F5B39A60C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fec7JqC-wOo8nCxUs-nKrzz06TA.roa
Signing time: Sat 17 Aug 2024 11:43:22 +0000
ROA not before: Sat 17 Aug 2024 11:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 77.242.149.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:26:37:21:ae:60:a9:da:d5:62:6e:7f:5b:39:a6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 17 11:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7de73b26a0bec0ea3c9c2c54b3e9caaf3cf4e930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:81:bc:b7:45:b4:3d:37:06:94:f9:17:10:b0:
1a:19:b9:a4:c1:6d:03:1f:b8:3f:70:31:a6:a3:cd:
be:5e:c6:f3:b1:e7:92:d2:71:60:fa:bc:92:6a:0b:
26:87:a4:c1:d9:e3:c4:9d:91:ea:1f:3d:61:c1:c7:
d8:af:ad:d7:b7:80:b8:01:05:27:53:94:78:86:d8:
d3:96:86:ba:d9:6e:1e:1e:df:0a:64:18:62:59:9f:
60:53:8b:f5:fb:79:55:a9:5d:f7:ce:57:4d:a5:dc:
c7:bd:80:ed:75:db:5b:0e:07:74:c5:08:f9:4d:11:
fc:b4:35:6e:b2:04:80:33:b1:8b:92:0a:8b:e0:9c:
69:18:7f:f4:a2:a5:f3:7b:47:69:42:3b:3d:74:97:
77:d0:57:d7:00:3d:ee:44:91:23:10:11:f4:0a:71:
d2:a9:b4:1d:d0:a2:2b:75:0e:ab:b3:41:1d:ad:41:
a3:92:8f:f0:9d:31:c5:2d:06:02:22:bf:2e:f9:0f:
7a:0b:10:fd:37:9c:37:b9:ac:09:97:47:30:ab:8d:
ba:41:23:09:67:67:c5:c4:33:93:c4:7d:da:e1:c4:
28:0b:1d:92:69:7e:b7:96:88:13:f2:5c:5f:f9:e1:
dc:4c:c5:89:03:16:20:55:0d:57:d6:ea:9b:17:ed:
40:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E7:3B:26:A0:BE:C0:EA:3C:9C:2C:54:B3:E9:CA:AF:3C:F4:E9:30
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/fec7JqC-wOo8nCxUs-nKrzz06TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.149.0/24
77.242.157.0/24
88.209.200.0/24
88.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
60:a7:bd:f3:bf:fd:f6:11:08:36:df:83:57:70:e7:ed:ff:3d:
76:2c:f7:50:d4:33:9a:8c:db:b4:e1:2b:e9:8a:d9:f1:0f:2d:
29:18:96:e9:d3:d9:c1:33:96:47:1d:8b:b7:60:53:f3:f7:a6:
bb:8f:77:77:e9:ce:f7:c3:72:ac:ad:27:09:e1:14:ed:fe:4d:
e5:b9:b5:c1:ad:7d:fd:40:b4:4a:0b:5e:c7:5d:2a:da:b8:18:
90:3b:71:66:4d:b8:45:78:34:22:c9:62:a6:37:c6:53:af:9b:
14:1f:03:a4:83:88:ca:38:17:df:eb:63:ac:23:a7:f2:59:b5:
c9:97:54:99:99:29:5d:0b:31:1b:55:e4:63:e2:e8:6d:53:a9:
92:34:4c:ea:16:66:76:ee:41:8c:f9:7e:53:e2:2a:72:fd:4d:
ea:61:98:13:10:b2:12:fa:42:51:94:2a:5b:da:98:f0:7c:28:
a9:c1:55:1d:03:0e:dd:bd:cc:aa:2b:3f:03:74:f5:4b:58:db:
e2:ff:e6:7f:f5:74:21:ce:e2:ec:11:dc:1e:fd:2c:62:d0:1a:
9d:bd:05:e2:1d:50:f6:fe:0a:47:d4:6c:09:62:46:d6:44:12:
0d:b8:0b:9f:a5:a4:23:28:8f:ff:f1:43:82:3a:60:d0:16:f0:
fb:f9:d2:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFgJjchrmCp2tVibn9bOaYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODE3MTE0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGU3M2IyNmEwYmVjMGVhM2M5YzJjNTRiM2U5Y2FhZjNjZjRlOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4G8t0W0PTcGlPkXELAaGbmkwW0D
H7g/cDGmo82+XsbzseeS0nFg+rySagsmh6TB2ePEnZHqHz1hwcfYr63Xt4C4AQUn
U5R4htjTloa62W4eHt8KZBhiWZ9gU4v1+3lVqV33zldNpdzHvYDtddtbDgd0xQj5
TRH8tDVusgSAM7GLkgqL4JxpGH/0oqXze0dpQjs9dJd30FfXAD3uRJEjEBH0CnHS
qbQd0KIrdQ6rs0EdrUGjko/wnTHFLQYCIr8u+Q96CxD9N5w3uawJl0cwq426QSMJ
Z2fFxDOTxH3a4cQoCx2SaX63logT8lxf+eHcTMWJAxYgVQ1X1uqbF+1ADwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH3nOyagvsDqPJwsVLPpyq889OkwMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZmVjN0pxQy13T284bkN4VXMtbktyenowNlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATfKVAwQA
TfKdAwQAWNHIAwQAWNHcMA0GCSqGSIb3DQEBCwUAA4IBAQBgp73zv/32EQg234NX
cOft/z12LPdQ1DOajNu04SvpitnxDy0pGJbp09nBM5ZHHYu3YFPz96a7j3d36c73
w3KsrScJ4RTt/k3lubXBrX39QLRKC17HXSrauBiQO3FmTbhFeDQiyWKmN8ZTr5sU
HwOkg4jKOBff62OsI6fyWbXJl1SZmSldCzEbVeRj4uhtU6mSNEzqFmZ27kGM+X5T
4ipy/U3qYZgTELIS+kJRlCpb2pjwfCipwVUdAw7dvcyqKz8DdPVLWNvi/+Z/9XQh
zuLsEdwe/Sxi0BqdvQXiHVD2/gpH1GwJYkbWRBINuAufpaQjKI//8UOCOmDQFvD7
+dLd
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:42:29 2024 by rpki-client on console-fra.rpki-client.org