Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/dg810T9psQX7OVr709bVl2kPKMQ.roa
File: dg810T9psQX7OVr709bVl2kPKMQ.roa (raw, json)
Hash identifier: tLrtah/qZO1n1S9H7ONEHqgi2Dc/ydvOcqrROBvCMz8=
Subject key identifier: 76:0F:35:D1:3F:69:B1:05:FB:39:5A:FB:D3:D6:D5:97:69:0F:28:C4
Certificate issuer: /CN=f68b2f4e668ef0a176a8bd0004e2777670833238
Certificate serial: 018CC6B783CD5B787D570777578C6F40B741
Authority key identifier: F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/dg810T9psQX7OVr709bVl2kPKMQ.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43995
IP address blocks: 82.151.32.0/19 maxlen: 27
45.159.44.0/22 maxlen: 22
185.77.24.0/22 maxlen: 24
2a02:e040::/29 maxlen: 64
2a0f:7180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/9osvTmaO8KF2qL0ABOJ3dnCDMjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/9osvTmaO8KF2qL0ABOJ3dnCDMjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:83:cd:5b:78:7d:57:07:77:57:8c:6f:40:b7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f68b2f4e668ef0a176a8bd0004e2777670833238
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760f35d13f69b105fb395afbd3d6d597690f28c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e3:2f:0f:2e:f5:1a:cb:69:37:dc:66:1c:41:
e3:30:5f:a5:fa:46:1c:c5:f2:5c:13:77:3b:48:7e:
c8:a7:b0:df:91:7f:c1:c0:28:a3:cd:1c:c7:01:80:
19:2a:85:07:97:fb:59:b8:f7:f5:1b:1b:a1:f0:59:
74:5a:f8:2b:93:f7:ea:59:97:66:8d:d5:35:b5:4b:
c3:1d:00:87:70:38:8c:14:d6:66:6f:60:9a:5d:e7:
a7:b0:66:dd:1e:12:e5:06:b1:74:f9:cb:b3:68:f0:
dd:0f:b0:65:92:e3:9f:a7:9b:f4:20:c9:a2:03:63:
8d:e6:d6:c3:fe:e5:0c:83:e6:e6:6b:50:32:e0:a2:
22:37:2d:17:82:fe:76:b4:70:bd:27:c7:d2:30:a9:
71:40:2a:41:70:de:4c:3c:be:a2:e4:46:0a:43:03:
f5:6e:40:8f:4a:1e:4f:a1:7f:bd:a1:a1:46:86:66:
2b:c4:bb:6b:53:6e:66:42:52:26:9a:59:a9:1a:e5:
d6:aa:61:b7:20:d1:39:cd:de:cb:13:05:05:2b:c3:
4e:d6:d8:b4:ca:df:30:3a:19:bd:57:dd:e2:c2:82:
e8:84:24:ab:05:fe:d3:88:36:f4:f5:81:a1:ce:ca:
53:db:26:b4:59:27:f0:a1:4d:28:71:53:dc:8b:b6:
51:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0F:35:D1:3F:69:B1:05:FB:39:5A:FB:D3:D6:D5:97:69:0F:28:C4
X509v3 Authority Key Identifier:
keyid:F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/dg810T9psQX7OVr709bVl2kPKMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/9osvTmaO8KF2qL0ABOJ3dnCDMjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.44.0/22
82.151.32.0/19
185.77.24.0/22
IPv6:
2a02:e040::/29
2a0f:7180::/29
Signature Algorithm: sha256WithRSAEncryption
6a:8c:e8:39:6c:3c:86:95:aa:a3:43:e9:e6:93:00:ac:6e:3b:
92:25:72:52:35:a1:b5:60:81:17:5c:9c:78:5b:da:6e:01:90:
b5:a8:fc:5e:ee:12:2c:79:b0:c3:a8:b0:74:c2:e6:4d:20:71:
22:5c:83:04:55:ca:1c:81:a3:d7:e0:5b:35:5b:c6:ef:9e:0e:
34:2f:84:d5:b3:21:06:b8:56:5d:b4:8b:a7:82:f2:10:24:7d:
36:a8:9f:2b:83:c7:72:ac:8a:fc:58:53:cc:9c:02:4a:ac:78:
3d:8a:15:7d:5e:b1:f4:a1:e9:3b:65:ad:d8:12:7a:c1:04:30:
36:74:95:f4:25:6a:38:13:17:4c:de:c6:2c:95:99:b0:d1:80:
44:fe:dc:c6:27:92:18:0b:57:6a:ad:af:bb:99:24:92:37:bb:
83:63:ce:7c:92:47:d8:33:a1:73:ac:ed:49:0c:96:87:e1:74:
ea:cb:61:82:3a:98:2b:20:50:12:c3:b0:f4:46:56:70:33:b9:
fd:63:15:5b:70:78:ec:32:73:1c:eb:16:1e:18:c8:90:8f:32:
4e:4b:e2:0c:22:70:c4:78:ed:11:17:c4:be:91:41:77:11:60:
8f:85:b0:dc:ce:81:d3:2a:0b:5c:29:39:50:a8:1d:5f:e9:35:
79:a1:92:49
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGt4PNW3h9Vwd3V4xvQLdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OGIyZjRlNjY4ZWYwYTE3NmE4YmQwMDA0ZTI3Nzc2NzA4
MzMyMzgwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBmMzVkMTNmNjliMTA1ZmIzOTVhZmJkM2Q2ZDU5NzY5MGYyOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+MvDy71GstpN9xmHEHjMF+l+kYc
xfJcE3c7SH7Ip7DfkX/BwCijzRzHAYAZKoUHl/tZuPf1Gxuh8Fl0Wvgrk/fqWZdm
jdU1tUvDHQCHcDiMFNZmb2CaXeensGbdHhLlBrF0+cuzaPDdD7BlkuOfp5v0IMmi
A2ON5tbD/uUMg+bma1Ay4KIiNy0Xgv52tHC9J8fSMKlxQCpBcN5MPL6i5EYKQwP1
bkCPSh5PoX+9oaFGhmYrxLtrU25mQlImmlmpGuXWqmG3INE5zd7LEwUFK8NO1ti0
yt8wOhm9V93iwoLohCSrBf7TiDb09YGhzspT2ya0WSfwoU0ocVPci7ZR3QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHYPNdE/abEF+zla+9PW1ZdpDyjEMB8GA1UdIwQY
MBaAFPaLL05mjvChdqi9AATid3ZwgzI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOW9zdlRtYU84S0YycUwwQUJPSjNkbkNETWpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mZGM1OTktNzgwYi00NDE0LTllMmEt
NTJiMDc3NWM3Y2I0LzEvZGc4MTBUOXBzUVg3T1ZyNzA5YlZsMmtQS01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mZGM1OTktNzgwYi00NDE0LTllMmEtNTJiMDc3NWM3Y2I0
LzEvOW9zdlRtYU84S0YycUwwQUJPSjNkbkNETWpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLZ8sAwQF
UpcgAwQCuU0YMBQEAgACMA4DBQMqAuBAAwUDKg9xgDANBgkqhkiG9w0BAQsFAAOC
AQEAaozoOWw8hpWqo0Pp5pMArG47kiVyUjWhtWCBF1yceFvabgGQtaj8Xu4SLHmw
w6iwdMLmTSBxIlyDBFXKHIGj1+BbNVvG754ONC+E1bMhBrhWXbSLp4LyECR9Nqif
K4PHcqyK/FhTzJwCSqx4PYoVfV6x9KHpO2Wt2BJ6wQQwNnSV9CVqOBMXTN7GLJWZ
sNGARP7cxieSGAtXaq2vu5kkkje7g2POfJJH2DOhc6ztSQyWh+F06sthgjqYKyBQ
EsOw9EZWcDO5/WMVW3B47DJzHOsWHhjIkI8yTkviDCJwxHjtERfEvpFBdxFgj4Ww
3M6B0yoLXCk5UKgdX+k1eaGSSQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:43 2024 by rpki-client on console-fra.rpki-client.org